Ransomware gang strikes Iowa agriculture business New Cooperative, the latest hack on food supply chain

The BlackMatter ransomware gang has struck an Iowa agricultural business, New Cooperative, and is demanding a $5.9 million ransom. Several security researchers first called attention to the hack on Monday, and the company confirmed to Bloomberg that it had been hit with a cyberattack and shut down its systems in response. It’s another big hit against the agriculture industry, following the May ransomware attack on JBS by REvil, a gang that researchers said has ties to BlackMatter. New Cooperative is a grain collective based out of Fort Dodge. In negotiations dated Sept. 19 and posted online, a person speaking on behalf of the company said the attack would cause severe problems in the food supply chain. “We are critical infrastructure – we [sic] intertwined with the food supply chain in the US,” they wrote. “If we are not able to recover very shortly, there is going to be a very […]

The post Ransomware gang strikes Iowa agriculture business New Cooperative, the latest hack on food supply chain appeared first on CyberScoop.

Olympus investigating reported ransomware attack with BlackMatter hallmarks

A Japanese technology manufacturer confirmed it is investigating a reported ransomware attack affecting business units in Europe, the Middle East and Africa dating back to Sept. 8. In a statement Saturday, Tokyo-based Olympus said it’s looking into “a potential cybersecurity incident” that resulted in the suspicion of data transfers between relevant systems. The apparent breach is in fact a ransomware incident that began on Sept. 8 carried out by a hacker who claims to be affiliated with the BlackMatter extortion group, TechCrunch first reported. The attacker included a note on infected computers promising to decrypt the relevant systems in exchange for payment, according to TechCrunch. “Upon detection of suspicious activity, we immediately mobilized a specialized response team including forensics experts, and we are currently working with the highest priority to resolve this issue,” the company said. The ransom message directed recipients to visit a page reportedly known to be affiliated […]

The post Olympus investigating reported ransomware attack with BlackMatter hallmarks appeared first on CyberScoop.

Groove ransomware gang is a motley crew of disgruntled hackers, researchers say

Another new ransomware gang is making waves with an unconventional structure, its unique pedigree and an early victim. A coalition of researchers on Thursday explained what makes Groove, a gang that quietly emerged in July with a website, different: Namely, it eschews the traditional ransomware-as-a-service hierarchy in favor of an opportunistic pledge that they’ll work with anyone as long as there’s money to be made. The researchers — from McAfee, Intel 471 and Coveware — traced the group’s origins to a likely split with the Babuk gang, part of a trend of turmoil within extortion groups that use the ransomware-as-a-service (RaaS) model where affiliates get to use an outfit’s malware in exchange for sharing profits. For instance, a disgruntled former Conti affiliate recently leaked the group’s attack playbook. Already, there’s evidence the researchers uncovered that Groove has worked with another ransomware gang, BlackMatter, that likewise recently emerged. That group is […]

The post Groove ransomware gang is a motley crew of disgruntled hackers, researchers say appeared first on CyberScoop.

National cyber director declares ‘too soon to say we’re out of the woods,’ as US enjoys dip in ransomware

After a summer marked by big ransomware attacks from suspected Russian gangs, some of those same groups went quiet. National Cyber Director Chris Inglis said Thursday that it’s too early to tell if the trend will hold. “Those attacks have fallen off. Those syndicates have to some degree deconstructed,” Inglis said at an event hosted by the Ronald Reagan Presidential Foundation and Institute. “I think it’s a fair bet they have self-deconstructed and essentially gone cold and quiet to see whether the storm will blow over and whether they can then come back.” Whether they do so will depend largely on whether Russian President Vladimir Putin takes steps to undo the “permissive” atmosphere after U.S. President Joe Biden warned him repeatedly about ransomware attacks originating from his country. “It’s too soon to say we’re out of the woods on this,” Inglis said. The FBI blamed Russian ransomware gang REvil for […]

The post National cyber director declares ‘too soon to say we’re out of the woods,’ as US enjoys dip in ransomware appeared first on CyberScoop.

IRS used vape store receipts to gather evidence against alleged Ukrainian scammer

U.S. law enforcement officials gathered details about a suspected cybercriminal by collecting intelligence from his apparent messages to vape shops in Ukraine. The accused scammer, Glib Oleksandr Ivanov-Tolpintsev, was arraigned Tuesday during an 11-minute hearing in which he appeared virtually from the Pinellas County Jail near Tampa, Fla. Ivanov-Tolpintsev is accused of accessing victims’ username and password credentials between 2016 and 2020, then acting as a seller on a cybercriminal forum where he sold the sensitive data and leased access to a botnet, an army of hacked computers capable of sending spam or infecting more computers. Using the aliases “sergios” and “mars,” Ivanov-Tolpintsev allegedly claimed that his botnet was capable of accessing 2,000 usernames and passwords a day, enabling other perpetrators to carry out identity theft or other kinds of fraud. U.S. officials accused the defendant of earning more than $80,000 as part of the scheme over four years. The […]

The post IRS used vape store receipts to gather evidence against alleged Ukrainian scammer appeared first on CyberScoop.

Russian cybercrime continues as government-backed attacks on companies dwindle, CrowdStrike says

The Russian approach to hacking shifted considerably over the past year, with state-sponsored attacks on commercial organizations dropping off even as the local cybercrime scene dominated the field, CrowdStrike said in a report Wednesday. From July 2020 to June of this year, Russian state-backed hacking outfits accounted for only a tiny sliver of nation-sponsored attacks aimed at commercial enterprises detected by the cyber firm’s threat hunting service, at 1% compared to China’s 69%. (The figure represents the findings from only one threat intelligence firm, and does not account for hacking campaigns that CrowdStrike might have missed.) Meanwhile, the suspected Russia-based hacking group that CrowdStrike calls Wizard Spider, and that has used the Ryuk ransomware since 2018, was responsible for double the number of detected attempted intrusions of any other cybercrime gang over the same period. While CrowdStrike didn’t have comparison figures on the percentages of state-sponsored attacks on commercial organizations […]

The post Russian cybercrime continues as government-backed attacks on companies dwindle, CrowdStrike says appeared first on CyberScoop.

Hacker, money launderer sentenced to prison for scamming tax preparers and COVID-19 relief programs

A federal judge sentenced two men to prison for a coordinated scheme to hack into tax preparation firms, steal personal information, file fraudulent unemployment claims and income tax returns and then launder the money. The fraudulent unemployment claims aimed to exploit a COVID-19 relief program that netted $280,000 in improper benefits from the state of Washington, the Justice Department announced Thursday. They also included attempts to seek $2.6 million in tax refunds. Bamidele Muraina, a Nigerian national whom DOJ said led the effort to steal identities, received five years and 10 months in prison, as well as three years of supervised release and an order to pay more than $500,000 in restitution. For leading the money laundering leg of the operation, Gabriel Kalembo received four years and two months in prison, along with two years of supervised release and an order to pay nearly $300,000. Starting at least in January […]

The post Hacker, money launderer sentenced to prison for scamming tax preparers and COVID-19 relief programs appeared first on CyberScoop.

Breach notification window, accountability are focus of coming fight on cyber legislation in Congress

Battle lines are drawn in Congress over legislation that would require companies to report some cyber incidents to the federal government, with industry groups lining up to support a House of Representatives bill poised to create fewer challenges for business leaders than a similar proposal in the Senate. The debate involves questions about how quickly companies would have to report attacks, what kinds of specific intrusions would trigger notification and whether failure to comply with the rules would lead to financial penalties. The idea of breach notification legislation gained momentum following last year’s discovery of the SolarWinds hack that compromised nine federal agencies and some 100 companies, as well as the Colonial Pipeline ransomware attack in May. At issue are such questions as whether companies have 24 or 72 hours to report an incident, along with who would be on the hook outside of critical infrastructure owners and operators, if […]

The post Breach notification window, accountability are focus of coming fight on cyber legislation in Congress appeared first on CyberScoop.

SEC fines brokerage firms over email hacks, customer data exposure

The Securities and Exchange Commission has fined several brokerages a total of $750,000 for exposing the sensitive personal information of thousands of customers and clients after hackers took over employee email accounts. All of the companies settled the SEC charges, in three separate actions: Cetera Advisor Networks, Cetera Investment Services, Cetera Financial Specialists, Cetera Advisors, and Cetera Investment Advisers; Cambridge Investment Research and Cambridge Investment Research Advisors; and KMS Financial Services. The firms ran afoul of the SEC’s “Safeguards Rule,” which requires companies to write and adopt procedures for protecting customer records and information. “Investment advisers and broker dealers must fulfill their obligations concerning the protection of customer information,” said Kristina Littman, chief of the SEC Enforcement Division’s Cyber Unit. “It is not enough to write a policy requiring enhanced security measures if those requirements are not implemented or are only partially implemented, especially in the face of known attacks.” […]

The post SEC fines brokerage firms over email hacks, customer data exposure appeared first on CyberScoop.
