The ‘Groove’ Ransomware Gang Was a Hoax

A number of publications in September warned about the emergence of “Groove,” a new ransomware group that called on competing extortion gangs to unite in attacking U.S. government interests online. It now appears that Groove was all a big hoax designed to toy with security firms and journalists.

Cofense appoints Ronnie Tokazowski as Principal Threat Advisor

Cofense has appointed Ronnie Tokazowski as Principal Threat Advisor. Tokazowski brings to the Cofense team a wealth of firsthand knowledge and research on Business Email Compromise (BEC), which will bolster the company’s mission to support organization…

Bitdefender releases REvil decryptor as ransomware gang shows signs of return

As law enforcement braces for the revival of the REvil ransomware gang, a cybersecurity firm on Thursday released a free decryption tool for early victims of the criminals. The decryptor, which Bitdefender developed in coordination with an unnamed law enforcement partner, will aid victims hit before July 13. The Romania-based company said it was still in the middle of an investigation with its partner, which agreed to release the decryptor before completing the joint inquiry to help as many victims as possible. Bitdefender has a long history of working with Europol to release tools that help victims of digital extortion sidestep the process of making a payment. “We believe new REvil attacks are imminent after the ransomware gang’s servers and supporting infrastructure recently came back online after a two month hiatus,” Bitdefender wrote in a blog post. According to another cybersecurity firm, Flashpoint, REvil is already fully back in business. […]

The post Bitdefender releases REvil decryptor as ransomware gang shows signs of return appeared first on CyberScoop.

Four years after FBI shut it down, AlphaBay dark web marketplace claims it’s back in business

It might be time to update the obituary of one of the web’s most notorious marketplaces for hacking tools and drugs. Four years after the FBI shut down AlphaBay, which registered a reported $1 billion in transactions, a scammer is touting the launch of a new version of the illicit marketplace, according to threat intelligence firm Flashpoint. In an online posting earlier this week, someone claiming to be one of the original moderators of AlphaBay said the marketplace was coming back into business, Flashpoint researchers noted. Among the offerings on the revamped AlphaBay, according to the posting, will be the source code of a hacking tool that steals banking credentials, and money, from victims. U.S. and European law enforcement agencies have in the last year conducted a series of crackdowns on popular dark-web forums. But the alleged resurrection of AlphaBay, dubbed the Amazon.com of the dark web, shows how difficult it can […]

The post Four years after FBI shut it down, AlphaBay dark web marketplace claims it’s back in business appeared first on CyberScoop.

Threat intel firms suggest ransomware gang ‘BlackMatter’ has ties to DarkSide, REvil hackers

Digital sleuths at cyber threat intelligence firms have found clues that a seemingly new ransomware organization has links to DarkSide and REvil, two gangs that suddenly disappeared shortly after major attacks. From the moment DarkSide vanished following the Colonial Pipeline incident and REvil went dark after locking up JBS and customers of Kaseya, questions swirled about whether a government took them down, whether attackers quit, or whether they simply went underground to rebrand. Flashpoint, Mandiant and Recorded Future on Tuesday and Wednesday said they discovered at least some connection between DarkSide and/or REvil and BlackMatter, a group that emerged last week. “The project has incorporated in itself the best features of DarkSide, REvil, and LockBit,” BlackMatter itself proclaimed, according to Recorded Future. LockBit is another ransomware operation that first appeared in 2019, and all three are thought to operate out of Russia. Exactly what “best features” BlackMatter borrowed from other […]

The post Threat intel firms suggest ransomware gang ‘BlackMatter’ has ties to DarkSide, REvil hackers appeared first on CyberScoop.

Flashpoint collaborates with Cybermerc to enhance its threat intelligence solution

Flashpoint announces a partnership with the Australian threat intelligence services provider Cybermerc. The partnership features a joint solution making Flashpoint’s advanced threat intelligence available in Cybermerc service offerings and acts as a va…

Audax Private Equity acquires Flashpoint to support its growth initiatives

Audax Private Equity announced that it has acquired a majority stake in Flashpoint to support its continued growth initiatives. Terms of the transaction were not disclosed. Based in New York City, Flashpoint is a provider of actionable threat intellige…

Flashpoint partners with Cyware to deliver enhanced threat intelligence

Flashpoint announced a partnership with Cyware, the Virtual Cyber Fusion platform provider. The partnership features a joint solution enabling customers to leverage Flashpoint’s advanced threat intelligence within the Cyware Virtual Cyber Fusion platfo…

Virsec expands executive team to further drive business acceleration

Virsec reported significant momentum in the first half of 2021 with solid revenue growth, strategic customer validation and testing, and prominent industry acceptance of its non-traditional approach to reducing cyber threats. To further drive business …

How Hydra, a Russian dark net market, made more than $1 billion in 2020

Russian-speaking dark web bazaar Hydra has dominated the illicit marketplace since 2018, thanks in part to the demise of a rival business as well as its imposition of restrictive policies on sellers, according to research published Tuesday. Hydra administrators have made transactions on the site more difficult to track by forcing users to transact in difficult-to-track Russian currencies, along with regional financial operators and service providers, according to the research. Dark web markets have typically relied on a variety of methods for withdrawing funds, from ATMs to escrow services. It adds up to a headache for law enforcement, potential competitors and other entities with an interest in disrupting Hydra, concludes the joint report by dark web intelligence firm Flashpoint and cryptocurrency-watching software company Chainalysis. Hydra specializes in narcotics sales. “Money laundering trails to Hydra are difficult, near impossible, to trace,” the companies said. “While the illicit trade of narcotics is problematic […]

The post How Hydra, a Russian dark net market, made more than $1 billion in 2020 appeared first on CyberScoop.
