Europol Breaks Open Extensive Mafia Cybercrime Ring

International law enforcement has busted up an extensive cybercrime operation run by a gang with ties to the Italian Mafia. The group allegedly used phishing attacks to defraud hundreds of victims. The suspects used various lures to convince victims mostly Italian nationals but also Spanish,...

Sextortion on the rise, warns FBI

The pandemic saw a surge in sextortion cases in 2020. Fast forward 12 months, and the numbers continue to rise significantly. This revelation came from the FBI Internet Crime Complaint Center IC3. Until 31 July 2021, it had received over 16,000 sextortion complaints, with victims losing a combine...

3 steps to prevent and recover from ransomware

On July 14, 2021, the National Cybersecurity Center of Excellence1 NCCoE at the National Institute of Standards and Technology2 NIST hosted a virtual workshop3 to seek feedback from government and industry experts on practical approaches to preventing and recovering from ransomware and other...

3 steps to prevent and recover from ransomware

On July 14, 2021, the National Cybersecurity Center of Excellence1 NCCoE at the National Institute of Standards and Technology2 NIST hosted a virtual workshop3 to seek feedback from government and industry experts on practical approaches to preventing and recovering from ransomware and other...

REvil gang hits UK ITSPs with series of extortion-based DDoS attacks

By Waqas Reportedly, the REvil ransomware gang is using DDoS attacks to make huge ransom demands from victim companies VoIP Unlimited and Voipfone. This is a post from HackRead.com Read the original post: REvil gang hits UK ITSPs with series of extortion-based DDoS attacks...

Cheap and nasty: How for $100 low-skilled ransom DDoS extortionists can cripple your business

Distributed Denial of Service DDoS attacks capable of crippling network resources and websites can be rented online for as little as $5 an hour. With an average financial impact of $100k for just one hour of downtime, that’s a serious return on cybercriminal investment. And that’s just for the...

Ransom DDoS: What you need to know now

According to the 2021 DDoS Threat Landscape Report, Ransom DDoS RDoS threats are on the rise. Imperva researchers have been monitoring threats against several of our customers where extortionists have demanded payment in BitCoin to prevent DDoS attacks. The attack patterns this year are very...

Researchers Warn of 4 Emerging Ransomware Groups That Can Cause Havoc

Cybersecurity researchers on Tuesday took the wraps off four up-and-coming ransomware groups that could pose a serious threat to enterprises and critical infrastructure, as the ripple effect of a recent spurt in ransomware incidents show that attackers are growing more sophisticated and more...

Dogged Persistence -- The Name of the Game for One DDoS Attacker

With DDoS, we typically observe a moderate degree of attacker persistence. DDoS attacks are relatively easy to launch from a number of online booter services, and the availability of cryptocurrencies for payment has made it easy to remain anonymous. Attackers can try their hand at DDoS for little...

LockBit 2.0 Ransomware Proliferates Globally

The LockBit ransomware-as-a-service RaaS gang has ramped up its targeted attacks, researchers said, with attempts against organizations in Chile, Italy, Taiwan and the U.K. using version 2.0 of its malware. Attacks in July and August have employed LockBit 2.0, according to a Trend Micro analysis...

LockBit Resurfaces With Version 2.0 Ransomware Detections in Chile, Italy, Taiwan, UK

The ransomware group LockBit resurfaced in June with LockBit 2.0, with reports indicating an increased number of targeted companies and the incorporation of double extortion features. Our detections followed attack attempts in Chile, Italy, Taiwan, and the UK from July to August...

Why Is There A Surge In Ransomware Attacks?

The U.S. is presently combating two pandemics--coronavirus and ransomware attacks. Both have partially shut down parts of the economy. However, in the case of cybersecurity, lax security measures allow hackers to have an easy way to rake in millions. It's pretty simple for hackers to gain...

Ransomware Payments Explode Amid ‘Quadruple Extortion’

Two reports slap hard figures on what’s already crystal clear: Ransomware attacks have skyrocketed, and ransomware payments are the comet trails that have followed them skyward. The average ransomware payment spiked 82 percent year over year: It’s now over half a million dollars, according to the...

IT Giant Accenture Hit by LockBit Ransomware; Hackers Threaten to Leak Data

Global IT consultancy giant Accenture has become the latest company to be hit by the LockBit ransomware gang, according to a post made by the operators on their dark web portal, likely filling a void left in the wake of DarkSide and REvil shutdown. "These people are beyond privacy and security. I...

PlugwalkJoe Does the Perp Walk

Joseph "PlugwalkJoe" OConnor, in a photo from a paid press release on Sept. 02, 2020, pitching him as a trustworthy cryptocurrency expert and advisor. One day after last summers mass-hack of Twitter, KrebsOnSecurity wrote that 22-year-old British citizen Joseph "PlugwalkJoe" OConnor appeared to...

Kaseya Obtains Universal Decryptor for REvil Ransomware

Kaseya has obtained a master decryptor key for the REvil ransomware that locked up the systems of at least 60 of its customers in a spate of worldwide cyberattacks on July 2. The attacks, which exploited now-patched zero-days in the Kaseya Virtual System/Server Administrator VSA platform, affecte...

What’s Next for REvil’s Victims?

Last week, the servers of ransomware giant REvil vanished. Many applauded as dark-web and clear-web sites used to support the backend infrastructure of REvil, aka Sodinokibi, as well as to leak victims’ data, slipped offline early Tuesday morning. Not REvil’s victims, though. They’re now stuck,...

REvil is Off-Line

This is an interesting development: Just days after President Biden demanded that President Vladimir V. Putin of Russia shut down ransomware groups attacking American targets, the most aggressive of the groups suddenly went off-line early Tuesday. … Gone was the publicly available "happy blog" th...

Babuk ransomware builder leaked following muddled “retirement”

In the last days of April 2021, the operators of Babuk ransomware announced they were going to focus on demanding a ransom for information stolen from compromised networks, leaving the encryption part of their operation behind. It meant that they no longer needed ransomware at all. “Babuk changes...

A week in security (June 21 – June 27)

Last week on Malwarebytes Labs: Want to stop ransomware attacks? Send the cybercriminals to jail, says Brian Honan: Lock and Code S02E11 Atomic research institute breached via VPN vulnerability Hotel staff bust Hermes SMS scammer with suspiciously large number of cables City of Liège hit by...