Ukraine Arrests Trio for Hijacking Over 100 Million Email and Instagram Accounts

The Cyber Police of Ukraine has arrested three individuals on suspicion of hijacking more than 100 million emails and Instagram accounts from users across the world. The suspects, aged between 20 and 40, are said to be part of an organized criminal group living in different parts of the country. ...

LockBit Ransomware Hacker Ordered to Pay $860,000 After Guilty Plea in Canada

A 34-year-old Russian-Canadian national has been sentenced to nearly four years in jail in Canada for his participation in the LockBit global ransomware operation. Mikhail Vasiliev, an Ontario resident, was originally arrested in November 2022 and charged by the U.S. Department of Justice DoJ wit...

There Are Dark Corners of the Internet. Then There's 764

A global network of violent predators is hiding in plain sight, targeting children on major platforms, grooming them, and extorting them to commit horrific acts of abuse...

Incognito Darknet Market Mass-Extorts Buyers, Sellers

Borrowing from the playbook of ransomware purveyors, the darknet narcotics bazaar Incognito Market has begun extorting all of its vendors and buyers, threatening to publish cryptocurrency transaction and chat records of users who refuse to pay a fee ranging from $100 to $20,000. The bold mass...

GhostSec and Stormous Join Forces for a Ransomware Blitz

Summary: The GhostSec and Stormous ransomware factions have launched a sophisticated campaign. Introducing the GhostLocker 2.0 ransomware and the STMXGhostLocker ransomware-as-a-service RaaS initiative, these groups employ double extortion tactics, posing a significant threat to businesses...

You’re going to start seeing more tax-related spam, but remember, that doesn’t actually mean there’s more spam

Its that time of the year when not only do you have to be worried about filing your federal taxes in the U.S., you must also be on the lookout for a whole manner of tax-related scams. These are something that pop up every year through email, texts, phone calls and even physical mail -- phony...

Alert: GhostSec and Stormous Launch Joint Ransomware Attacks in Over 15 Countries

The cybercrime group called GhostSec has been linked to a Golang variant of a ransomware family called GhostLocker. "TheGhostSec and Stormous ransomware groups are jointly conducting double extortion ransomware attacks on various business verticals in multiple countries," Cisco Talos researcher...

BlackCat Ransomware Group Implodes After Apparent $22M Payment by Change Healthcare

There are indications that U.S. healthcare giant Change Healthcare has made a $22 million extortion payment to the infamous BlackCat ransomware group a.k.a. "ALPHV" as the company struggles to bring services back online amid a cyberattack that has disrupted prescription drug services nationwide f...

GhostSec’s joint ransomware operation and evolution of their arsenal

Cisco Talos observed a surge in GhostSec, a hacking groups malicious activities since this past year. GhostSec has evolved with a new GhostLocker 2.0 ransomware, a Golang variant of the GhostLocker ransomware. The GhostSec and Stormous ransomware groups are jointly conducting double extortion...

BlackCat’s Resurgence Despite Law Enforcement Disruptions

Summary: Blackcat, a sophisticated Ransomware-as-a-Service operation, infiltrates networks using advanced social engineering and remote access tools, offering triple extortion tactics and cyber remediation advice for ransom payment, and resurged after a December 2023 disruption, causing widesprea...

Ransomware Reality Check: Deciphering Priorities in a Sea of Cyber Extortion

Welcome to a critical exploration of the 2023 Cyber Vulnerability Landscape, with a specific focus on the escalating threat of ransomware. I have previously shared the broader results we found in evaluating the 2023 threat landscape; this is now a deeper dive into what the data reveals specifical...

RansomHouse am See

RansomHouse am See By Pham Duy Phuc in collaboration with Noël Keijzer and Michaël Schrijver from Northwave · February 14, 2024 This blog was also written by Max Kersten Ransom gangs make big bucks by extorting victims, which sadly isn’t new. Their lucrative business allows them not only to live...

Ransomware review: February 2024

This article is based on research by Marcelo Rivero, Malwarebytes ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, "known attacks" are those where the victim did not pay a ransom. This provides the best overall picture of...

Rhysida Ransomware Cracked, Free Decryption Tool Released

Cybersecurity researchers have uncovered an "implementation vulnerability" that has made it possible to reconstruct encryption keys and decrypt data locked by Rhysida ransomware. The findings were published last week by a group of researchers from Kookmin University and the Korea Internet and...

What is Blackcat Ransomware

Begin This Exploration: Unraveling the Mysteries of PantheraNegra Malware As new forks in the road of online threats emerge, an innovative peril has cast its shadow in the digital landscape – a danger we have identified as PantheraNegra Malware. What sets PantheraNegra Malware apart? Let's unrave...

The evolution of the Kuiper ransomware

Kuiper Ransomware’s Evolution By Trellix · January 17, 2024 This blog was written by Max Kersten The Golang-based Kuiper ransomware is presented as an opportunity for other criminals to make money by ransoming one or more targets. Additionally, RobinHood, the actor behind Kuiper, states that help...

A true tale of virtual kidnapping: Lock and Code S05E02

This week on the Lock and Code podcast… On Thursday, December 28, at 8:30 pm in the Utah town of Riverdale, the city police began investigating what they believed was a kidnapping. 17-year-old foreign exchange student Kai Zhuang was missing, and according to Riverdale Police Chief Casey Warren,...

A true tale of virtual kidnapping: Lock and Code S05E02

This week on the Lock and Code podcast… On Thursday, December 28, at 8:30 pm in the Utah town of Riverdale, the city police began investigating what they believed was a kidnapping. 17-year-old foreign exchange student Kai Zhuang was missing, and according to Riverdale Police Chief Casey Warren,...

Medusa Ransomware Unleashed A Growing Cybersecurity Menace

Summary: Medusa ransomware, a potent threat since late 2022, employs a multi-extortion approach via its Medusa Blog, disclosing victim data and pressuring non-compliant organizations. Operating as a ransomware-as-a-service, Medusas global impact underscores the need for proactive cybersecurity...

Medusa Ransomware on the Rise: From Data Leaks to Multi-Extortion

The threat actors associated with the Medusa ransomware have ramped up their activities following the debut of a dedicated data leak site on the dark web in February 2023 to publish sensitive data of victims who are unwilling to agree to their demands. "As part of their multi-extortion strategy,...