Who’s Behind the GandCrab Ransomware?
The crooks behind an affiliate program that paid cybercriminals to install the destructive and wildly successful GandCrab ransomware strain announced on May 31, 2019 they were terminating the program after allegedly having earned more than $2 billion in extortion payouts from victims. What follow...
A week in security (June 17 – 23)
Last week on the Malwarebytes Labs blog, we took a look at the growing pains of smart cities, took a deep dive into AI, jammed along to Radiohead, and looked at the lessons learned from Chernobyl in relation to critical infrastructure. We also explored a new Steam phish attack, and pulled apart a...
Radiohead’s ransom response shows novel approach for ransomware victims
Last week, British rock band Radiohead thwarted an attempted digital ransom, in which unnamed hackers stole roughly 18 hours of unreleased music dating back to the band’s recording of its studio album OK, Computer, revealing some less-than-ok computer security (sorry). Instead of paying a ransom to...
Nine Charged in Alleged SIM Swapping Ring
Eight Americans and an Irishman have been charged with wire fraud this week for allegedly hijacking mobile phones through SIM-swapping, a form of fraud in which scammers bribe or trick employees at mobile phone stores into seizing control of the target's phone number and diverting all texts and...
Feds Bust Up Dark Web Hub Wall Street Market
Federal investigators in the United States, Germany and the Netherlands announced today the arrest and charging of three German nationals and a Brazilian man as the alleged masterminds behind the Wall Street Market (WSM), one of the world's largest dark web bazaars that allowed vendors to sell...
FBI: BEC Scam Losses Almost Double To Reach $1.2 Billion
Business email compromise (BEC) scams are squeezing more money than ever out of victims, with losses from the attacks almost doubling year-over-year in 2018 to reach $1.2 billion. That’s according to the FBI’s annual Internet Crime Report (IC3) for 2018, which records the number of complaints, losses...
A week in security (February 18 – 24)
Last week on Malwarebytes Labs, we explored the world of crack hunting, gave you a 101 on the world of bots and their threats and advantages, and took a look at some clever phishing scams. We also explained how a Mac fends off malware, posted a handy “lazy person's guide to cybersecurity,” and du...
Payroll Provider Gives Extortionists a Payday
Payroll software provider Apex Human Capital Management suffered a ransomware attack this week that severed payroll management services for hundreds of the company's customers for nearly three days. Faced with the threat of an extended outage, Apex chose to pay the ransom demand and begin the...
A week in security (February 4 – 8)
Last week on Malwarebytes Labs, we took a closer look at the technical and reputational challenges for Facebook as it tries to integrate secure messaging across Messenger, WhatsApp, and Instagram. We explored Google’s latest attempts to change how the public sees—literally—web browser URLs, gave...
More Alleged SIM Swappers Face Justice
Prosecutors in Northern California have charged two men with using unauthorized SIM swaps to steal and extort money from victims. One of the individuals charged allegedly used a hacker nickname belonging to a key figure in the underground who's built a solid reputation hijacking mobile phone...
Collection 1 data breach: what you need to know
Yesterday, news broke that the largest data dump in history had been discovered, with more than 770 million people's Personally Identifiable Information (PII) decrypted, catalogued, and up for grabs on the Internet. The files, which are being dubbed Collection 1, were originally found on cloud...
Malvertising Campaign Delivers Double Whammy of Ransomware and Info-Stealing
A multi-payload and ongoing malvertising campaign is distributing a newly discovered info-stealer as well as the GandCrab ransomware. The info-stealer is named Vidar, after the Norse god Víðarr, who was the son of Odin in mythology. According to researcher Fumik0, who discovered it in December,...
New email extortion scam warns “Pay $4,000 or a hitman is coming for you”
By Carolina. In a new extortion scam, a cybercriminal is sending threatening emails to unsuspecting users asking them to pay a whopping $4,000 in Bitcoin or wait to be executed by a hitman. The email extortion scam surfaced on the Internet a few days ago and is currently arriving in victim's inbox...
Bitcoin Bomb Scare Associated with Sextortion Scammers
This blog was written by Jaeson Schultz. Organizations across the country are on edge today after a flurry of phony bomb threats hit several public entities Thursday, such as universities, schools and news outlets, among others. The attackers distributed malicious emails claiming to have placed...
Spammed Bomb Threat Hoax Demands Bitcoin
A new email extortion scam is making the rounds, threatening that someone has planted bombs within the recipient's building that will be detonated unless a hefty bitcoin ransom is paid by the end of the business day. Sources at multiple U.S. based financial institutions reported receiving the...
U.S. Military Members Catfished and Hooked for Thousands of Dollars
A sextortion ring that aimed “catfish” efforts at U.S. military service members has been uncovered. The scam bilked 442 service members from the Army, Navy, Air Force and Marine Corps out of more than $560,000. An 11-month investigation, dubbed “Operation Surprise Party” and carried out by the...
Feds charge 2 Iranian hackers behind SamSam ransomware attacks
By Waqas. The United States Department of Justice has charged two Iranian nationals with allegedly developing and using SamSam ransomware against their targets in the United States and Canada to carry out a computer hacking and extortion scheme from Iran. Both Mohammad Mehdi Shah Mansouri, 27 and...
U.S Charges Two Iranian Hackers for SamSam Ransomware Attacks
The Department of Justice announced Wednesday charges against two Iranian nationals for their involvement in creating and deploying the notorious SamSam ransomware. The alleged hackers, Faramarz Shahi Savandi, 34, and Mohammad Mehdi Shah, 27, have been charged on several counts of computer hackin...
Adult Website Hack Exposes 1.2M ‘Wife Lover’ Fans
The database underlying an erotica site known as Wife Lovers has been hacked, making off with user information protected only by a simple-to-crack, outdated hashing technique known as the DEScrypt algorithm. Over the weekend, it came to light that Wife Lovers and seven sister sites, all similarly...
19-Year-Old Hacker Arrested Over Making Hoax School and Flight Bomb Threats
British police have arrested a 19-year-old teen who is an alleged member of the Apophis Squad cybercriminal group responsible for making hoax bomb threats to thousands of schools and airlines; and DDoSing ProtonMail and Tutanota secure email services. George Duke-Cohan was arrested in his bedroom at...