U.S. Charges Russian Man as Boss of LockBit Ransomware Group

The United States joined the United Kingdom and Australia today in sanctioning 31-year-old Russian national Dmitry Yuryevich Khoroshev as the alleged leader of the infamous ransomware group LockBit. The U.S. Department of Justice also indicted Khoroshev and charged him with using Lockbit to attac...

Russian Hacker Dmitry Khoroshev Unmasked as LockBit Ransomware Administrator

The U.K. National Crime Agency NCA has unmasked the administrator and developer of the LockBit ransomware operation, revealing it to be a 31-year-old Russian national named Dmitry Yuryevich Khoroshev. In addition, Khoroshev has been sanctioned by the U.K. Foreign, Commonwealth and Development...

LockBit 3.0 Builder Unleashed Custom Ransomware on the Rise

...

Using the LockBit builder to generate targeted ransomware

The previous Kaspersky research focused on a detailed analysis of the LockBit 3.0 builder leaked in 2022. Since then, attackers have been able to generate customized versions of the threat according to their needs. This opens up numerous possibilities for malicious actors to make their attacks mo...

The LockBit’s Attempt to Stay Relevant, Its Imposters and New Opportunistic Ransomware Groups

The LockBit’s Attempt to Stay Relevant, Its Imposters and New Opportunistic Ransomware Groups By Jambul Tologonov and John Fokker · April 11, 2024 The Trellix Advanced Research Center has recently observed an uptick of LockBit-related cyber activity surrounding vulnerabilities in ScreenConnect...

CL0P's Ransomware Rampage - Security Measures for 2024

2023 CL0P Growth Emerging in early 2019, CL0P was first introduced as a more advanced version of its predecessor the 'CryptoMix' ransomware, brought about by its owner CL0P ransomware, a cybercrime organisation. Over the years the group remained active with significant campaigns throughout 2020 t...

The Drop in Ransomware Attacks in 2024 and What it Means

The ransomware industry surged in 2023 as it saw an alarming 55.5% increase in victims worldwide, reaching a staggering 5,070. But 2024 is starting off showing a very different picture. While the numbers skyrocketed in Q4 2023 with 1309 cases, in Q1 2024, the ransomware industry was down to 1,048...

PT-2024-12343 · Telegram +1 · Telegram +1

Name of the Vulnerable Software and Affected Versions: ESXi affected versions not specified Telegram affected versions not specified Description: The issue is related to the Operation Cronos impact on LockBit, following a landmark disruption. It affects the financial industry, specifically in the...

Unveiling the Fallout: Operation Cronos' Impact on LockBit Following Landmark Disruption

Our new article provides key highlights and takeaways from Operation Cronos' disruption of LockBit's operations, as well as telemetry details on how LockBit actors operated post-disruption...

German Police Seize 'Nemesis Market' in Major International Darknet Raid

German authorities have announced the takedown of an illicit underground marketplace called Nemesis Market that peddled narcotics, stolen data, and various cybercrime services. The Federal Criminal Police Office aka Bundeskriminalamt or BKA said it seized the digital infrastructure associated wit...

TeamCity Flaw Leads to Surge in Ransomware, Cryptomining, and RAT Attacks

Multiple threat actors are exploiting the recently disclosed security flaws in JetBrains TeamCity software to deploy ransomware, cryptocurrency miners, Cobalt Strike beacons, and a Golang-based remote access trojan called Spark RAT. The attacks entail the exploitation of CVE-2024-27198 CVSS score...

LockBit Takedown and Resurgence

What Happened? In a coordinated effort by National Crime Agency, Europol and multiple other internation law enforcement agencies dealt a significant blow to the operations of the LockBit ransomware group. Dubbed Operation Cronos, this multi-agency initiative led to the seizure of LockBit's dark w...

Ransomware’s appetite for US healthcare sees known attacks double in a year

Following the February 21 attack on Change Healthcare, scores of people in the US have been living with the brutal, real-world effects of ransomware. Described by the American Hospital Association AHA President and CEO Rick Pollack as “the most significant and consequential incident of its kind...

The LockBit story: Why the ransomware affiliate model can turn takedowns into disruptions

In ancient Greek mythos, the mighty Hercules faced a seemingly insurmountable challenge when he encountered the Lernaean Hydra. This fearsome serpent had a terrifying ability: For every head that Hercules severed, two more would spring forth, creating a never-ending cycle of regrowth and renewal...

LockBit Ransomware Hacker Ordered to Pay $860,000 After Guilty Plea in Canada

A 34-year-old Russian-Canadian national has been sentenced to nearly four years in jail in Canada for his participation in the LockBit global ransomware operation. Mikhail Vasiliev, an Ontario resident, was originally arrested in November 2022 and charged by the U.S. Department of Justice DoJ wit...

LockBit Affiliate Sentenced to 4 Years in Canada, Faces Extradition

By Deeba Ahmed Mikhail Vasiliev, a Russian-Canadian citizen faces four years in a Canadian prison and is likely to be extradited to the US after completing his sentence. This is a post from HackRead.com Read the original post: LockBit Affiliate Sentenced to 4 Years in Canada, Faces Extradition...

EquiLend Employee Data Breached After January Ransomware Attack

By Waqas Some reports suggest that LockBit ransomware gang is behing the EquiLend data breach. This is a post from HackRead.com Read the original post: EquiLend Employee Data Breached After January Ransomware Attack...

ALPHV ransomware gang fakes own death, fools no one

For the second time in only four months, all is not well on the ALPHV aka BlackCat ransomware gangs dark web site. Gone are the lists of compromised victims. In their place, a veritable garden of law enforcement badges has sprouted beneath the ominous message "THIS WEBSITE HAS BEEN SEIZED." The...

No “Apple magic” as 11% of macOS detections last year came from malware

We’re going to let you in on a little cybersecurity secret… There’s malware on Mac computers. There pretty much always has been. As revealed in our 2024 ThreatDown State of Malware report, a full 11% of all detections recorded by Malwarebytes on Mac computers in 2023 were for different variants o...

Attacks, Vulnerabilities and Actors 26 February to 3 March 2024

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of eight attacks were executed, twelve vulnerabilities were uncovered, and six active adversaries we...