Cryptocurrency payments to scams outpace ransomware jackpots in Eastern Europe, Chainalysis finds

Eastern Europe remains a hotbed for illicit cryptocurrency activity, new research shows. Between June 2020 and July 2021, Eastern Europe-based cryptocurrency addresses sent $815 million to investment Ponzi scams that lure users with false promises of high returns, according to Chainalysis data published Wednesday. Ukraine, in particular, drove a significant amount of the region’s traffic to the fraud websites, trouncing second-place United States by roughly 20 million visits. Half the money sent in the region went to just one apparent fraud effort. Between December 2019 and August 2021, users sent over $1.5 billion worth of bitcoin to Finiko, a Russia-based Ponzi scheme whose founders are under arrest or have fled Russia. The company marketed itself as a referral network that would reward investors with high returns, only to come under scrutiny from authorities in Moscow for allegedly defrauding users. The report highlights that while Eastern Europe is largely seen as the recipient […]

The post Cryptocurrency payments to scams outpace ransomware jackpots in Eastern Europe, Chainalysis finds appeared first on CyberScoop.

Rene Ritchie’s ‘How Apple DESTROYED Facebook’s Spyware’

Simply superb video, published on YouTube by the eponymous Rene Ritchie, targeting the criminal behavior of Facebook.
The post Rene Ritchie’s ‘How Apple DESTROYED Facebook’s Spyware’ appeared first on Security Boulevard.

Ransomware Gangs and the Name Game Distraction

It’s nice when ransomware gangs have their bitcoin stolen, malware servers shut down, or are otherwise forced to disband. We hang on to these occasional victories because history tells us that most ransomware moneymaking collectives don’t go away so much as reinvent themselves under a new name, with new rules, targets and weaponry. Indeed, some of the most destructive and costly ransomware groups are now in their third incarnation over as many years.

Reinvention is a basic survival skill in the cybercrime business. Among the oldest tricks in the book is to fake one’s demise or retirement and invent a new identity. A key goal of such subterfuge is to throw investigators off the scent or to temporarily direct their attention elsewhere.

Cybercriminal syndicates also perform similar disappearing acts whenever it suits them. These organizational reboots are an opportunity for ransomware program leaders to set new ground rules for their members — such as which types of victims aren’t allowed (e.g., hospitals, governments, critical infrastructure), or how much of a ransom payment an affiliate should expect for bringing the group access to a new victim network.

Ransomware group ‘Hades’ claims more victims as investigators seek answers

A ransomware group that targets billion-dollar companies — but that has stubbornly defied attribution consensus among cybersecurity researchers — has claimed at least seven victims since its discovery late last year. What’s more, it has taken additional steps in an apparent bid to baffle investigators who have tried to pin down who, exactly, the operators are, according to Accenture Security research released Tuesday. The update on the operators of the self-proclaimed Hades ransomware variant adds to its mystery as much as it subtracts from it. Accenture said it “is not yet able to confidently make attribution claims,” though other researchers have variously described Hades as a new group, suggested it is connected to a well-known Russian ransomware gang, or linked the Hades activity to a Chinese nation-state hacking outfit thought to be behind this year’s Microsoft Exchange Server attack. What Accenture says it knows is this: First, the Hades […]

The post Ransomware group ‘Hades’ claims more victims as investigators seek answers appeared first on CyberScoop.

Cyber insurance giant CNA hit by ransomware attack

Insurance firm CNA Hardy says that it has suffered a “sophisticated cybersecurity attack” that has impacted its operations, including its email system. According to a statement posted on the firm’s website, CNA determined it had falle…

Ransomware in 2020: A Banner Year for Extortion

From attacks on the UVM Health Network that delayed chemotherapy appointments, to ones on public schools that delayed students going back to the classroom, ransomware gangs disrupted organizations to inordinate levels in 2020.

US advisory meant to clarify ransomware payments only spotlights widespread uncertainty

If a Treasury Department advisory threatening financial penalties against anyone paying ransomware hackers was intended to send a clear message, it may have done the exact opposite. The Oct. 1 advisory from the Office of Foreign Assets Control warned that paying or helping to pay ransoms to anyone on its cyber sanctions list could incur civil penalties. Across some of the industries mentioned in the advisory — like cybersecurity incident response firms and insurance providers — reactions have ranged from confusion to silence, from yawns to raised eyebrows, from praise to fear of a blizzard of potentially unintended consequences. The worst case scenarios involve ransomware victims in the health sector having to make a life-or-death decision on whether to pay to unlock their systems while at risk of incurring Treasury’s wrath, or situations where victims try even harder to keep attacks quiet to avoid OFAC fines, which sometimes total millions […]

The post US advisory meant to clarify ransomware payments only spotlights widespread uncertainty appeared first on CyberScoop.

Ransomware Victims That Pay Up Could Incur Steep Fines from Uncle Sam

Companies victimized by ransomware and firms that facilitate negotiations with ransomware extortionists could face steep fines from the U.S. federal government if the crooks who profit from the attack are already under economic sanctions, the Treasury Department warned today.

Garmin Pays Ransom to Evil Corp – Despite Russian Sanctions

It’s emerged that Garmin caved in to pressure and paid several million dollars’ ransom to WastedLocker-wielding criminals.
The post Garmin Pays Ransom to Evil Corp – Despite Russian Sanctions appeared first on Security Boulevard.