Google has ‘definitive agreement’ to buy Mandiant for $5.4B

Mandiant, one of the cybersecurity industry’s marquee names in threat intelligence and incident response, is being acquired by Google, the two companies said Tuesday. Google has a “definitive agreement” for an all-cash transaction worth about $5.4 billion, the tech giant said in a news release. Mandiant will join the Google Cloud unit, specifically, with the goal of boosting its security offerings, the companies said. “Cyber security is a mission, and we believe it’s one of the most important of our generation. Google Cloud shares our mission-driven culture to bring security to every organization,” Mandiant CEO Kevin Mandia said in a separate news release. The Google deal isn’t a total surprise, but it wasn’t exactly the acquisition news that many were watching for. Reports in February had said Microsoft was in talks to buy Mandiant. The Google deal represents another high-profile cybersecurity acquisition in an industry already active with such deals. […]

The post Google has ‘definitive agreement’ to buy Mandiant for $5.4B appeared first on CyberScoop.

Ransomware gang Conti has already bounced back from damage caused by chat leaks, experts say

A Twitter account known as ContiLeaks debuted to much fanfare in late February, with people around the globe watching as tens of thousands of leaked chats between members of the Russia-based ransomware gang Conti hit the web. In the days after the leaks, many celebrated what they thought would be a devastating blow to Conti, which a Ukrainian security researcher had apparently punished by leaking the internal chats because the gang threatened to “strike back” at any entities that organized “any war activities against Russia.” But ten days after the leaks began, Conti appears to be thriving. Experts say the notorious ransomware gang has pivoted all too easily, replacing much of the infrastructure that was exposed in the leaks while moving quickly to hit new targets with ransom demands. According to Vitali Kremez, CEO of the cybersecurity firm AdvIntel, by Monday morning Conti had successfully completed two new data breaches at […]

Personal data from T-Mobile breach still spreading on dark web, state governments warn

The top law enforcement officials from multiple states are alerting people affected by an August 2021 breach at T-Mobile that their personal data might be circulating in cybercrime forums online. “Information stolen in a massive data breach has fallen into the wrong hands and is circulating on the dark web,” New York Attorney General Letitia James said Wednesday in a news release. Officials from California, Florida and several other states issued similar warnings. The T-Mobile breach involved the data of tens of millions of current, former or potential customers who had applied for credit with the wireless company. The stolen data is attractive for identity theft and other financial crimes. The hacker who claimed responsibility for the breach told The Wall Street Journal in August that T-Mobile’s security was “awful.” Law enforcement agencies from multiple states are investigating the breach. In some cases, the hacker accessed people’s names, dates of […]

TrickBot malware suddenly got quiet, researchers say, but it’s hardly the end for its operators

The operators of TrickBot have essentially shut down the notorious malware, multiple reports say, but evidence suggests the gang has begun using other platforms or folded operations into another cybercrime group altogether. Researchers at Intel471 and AdvIntel noted a sharp dip in recent TrickBot activity in separate reports Thursday, even though the command-and-control infrastructure for the malware remains operational. Intel471 said “it’s likely that the Trickbot operators have phased Trickbot malware out of their operations in favor of other platforms,” probably Emotet — a development researchers have been tracking for months. AdvIntel’s Yelisey Boguslavskiy, meanwhile, said in his report that TrickBot’s operators had been subsumed into Conti, a Russia-linked cybercrime group known for offering “ransomware as a service” packages to its affiliates. Researchers previously had noted TrickBot connections with Conti. “In name, at least, this means that TrickBot’s four-year saga is now coming to a close — the liaison that […]

DOJ beefs up efforts to combat criminal use of cryptocurrencies

The U.S. government is intensifying efforts to combat the criminal use of cryptocurrencies as federal prosecutors continue to target the business models and logistics of cybercrimes such as ransomware, Deputy Attorney General Lisa Monaco said Thursday. Speaking at the Munich Cyber Security Conference to announce several key developments in the government’s approach, Monaco said that the National Cryptocurrency Enforcement Team (NCET) — unveiled in October as part of an overall U.S. government effort to focus its resources on combatting ransomware operators — is getting its first director: Eun Young Choi. Choi is a seasoned federal cybersecurity prosecutor who most recently led the prosecution of Andrei Tyurin, a Russian national convicted of computer intrusion, wire fraud and other charges related to the theft of personal data from over 100 million customers of major U.S. financial firms. He was sentenced to 12 years in prison in January 2021. “Ransomware and digital extortion — […]

TrickBot developers continue to refine the malware’s sneakiness and power

The versatile malware known as TrickBot continues to pose “great danger” to customers of financial and technology companies because its developers are trying to stay a step ahead of cybersecurity analysts, according to Check Point Research. The company says TrickBot’s authors have equipped it with layers of “anti-analysis” and “anti-deobfuscation” capabilities, meaning that if an expert tries to pick apart the malware’s code, it stops communicating with its command-and-control servers or stops working altogether. Those features “show the authors’ highly technical background and explain why Trickbot remains a very prevalent malware family,” Check Point says in research published Wednesday. The danger remains clear, too: Check Point says the various modules of TrickBot are often deployed for stealing login credentials from customers of several large banks, including Bank of America and Wells Fargo, as well as big tech firms like Microsoft and Amazon. About 60 companies are affected overall. “These brands […]

Ukrainian government says websites for banks, defense ministry hit with DDoS attack

Websites for several banks and government agencies in Ukraine — including the Ministry of Defense, Ministry of Internal Affairs and the Armed Forces of Ukraine — were facing disruptions Tuesday, according to multiple sources. Ukraine’s Center for Strategic Communications and Information Security posted a message to Facebook late morning U.S. time saying the banks and the government were hit by a “massive” distributed denial-of-service (DDoS) cyberattack. A request for comment from the agency was not immediately returned. None of the reports attributed the DDoS attacks to a specific source. The attacks come as tensions in the region continue to ratchet up, with the Russian government potentially on the verge of military escalation against Ukraine. Local news reported that users were having problems with online banking earlier in the day. One of the banks in question, Privat, is one of the largest in Ukraine, and users were having issues with the […]

‘Razzlekhan’ released on bond, husband detained ahead of cryptocurrency laundering trial

A U.S. judge Monday determined that Ilya Dutch Lichtenstein, one-half of the couple accused of a massive cryptocurrency laundering scheme, will await trial in prison. His wife and alleged co-conspirator, Heather Morgan, was set free on a $3 million bond package, with the conditions of strict electronic monitoring and limits on her virtual currency accounts. Federal law enforcement arrested the pair earlier this month for allegedly conspiring to launder $4.5 billion worth of cryptocurrency stolen in a 2016 hack of virtual cryptocurrency exchange Bitfinex. Lichtenstein and Morgan employed sophisticated money-laundering techniques that included the use of a combination of fictitious identities, automatic transactions, and dispersing funds across virtual currency accounts. Prosecutors found access keys to the wallet containing the stolen cryptocurrency in Lichtenstein’s cloud storage, evidence that Judge Beryl Howell of the U.S. District Court for the District of Columbia called a “smoking gun.” Howell deemed the pair a strong flight risk […]

For signs of cryptocurrency laundering, look closely at Moscow firms, report says

Moscow-based businesses appear to be handling much of the money laundering of cryptocurrency payments that come from global ransomware activity and other forms of cybercrime, according to a report from crypto-tracking company Chainalysis. The analysts focused on several dozen companies with a presence in Moscow City, the Russian capital’s skyscraper-packed business district. In any given quarter, “illicit and risky” blockchain addresses account for between 29% and 48% of all funds received by those cryptocurrency businesses, the report says. That traffic, including legitimate crypto transactions, can sometimes be more than $1 billion in a quarter, Chainalysis says. “A huge amount of cryptocurrency-based money laundering, not just of ransomware funds but of funds associated with other forms of cybercrime as well, goes through services with substantial operations in Russia,” Chainalysis says in the Monday blog post, which is based on its upcoming “2022 Crypto Crime Report.” The company defines “risky or illicit” […]

Online romance scams expand, now with more cryptocurrency

Reports of online romance scams continued to grow in 2021, according to the Federal Trade Commission, and cryptocurrency payments now represent a big chunk of the money lost. Complaints about these heartbreaking swindles added up to $547 million overall last year, the agency said Thursday, up about 80 percent from the $307 million reported to the FTC in 2020. Of that total, $139 million in reported losses came from cryptocurrency transactions. In those cases, the victims often are subjected to a fancier plea for money than what typically occurs in a romance scam. “People are led to believe their new online companion is a successful investor who, before long, casually offers investment advice,” the FTC said. “These so-called investment opportunities often involve foreign exchange (forex) trading or cryptocurrency.” The spike in cryptocurrency-oriented complaints is dramatic. The 2021 numbers “are nearly five times those reported in 2020, and more than 25 […]
