When Scammers Get Scammed, They Take It to Cybercrime Court

Blocked from legitimate courts, cybercriminals have set up their own system for settling disputes, handing over ultimate decision-making to senior underground forum administrators who have awarded claims totaling as much as $20 million. A new report from Analyst1 details activities inside these...

US offers $10m reward for decisive info on DarkSide ransomware gang

By Waqas The US is offering $10 million to anyone who can provide information to law enforcement authorities on the infamous DarkSide ransomware gang that may help in locating and arresting its operators. This is a post from HackRead.com Read the original post: US offers $10m reward for decisive...

CISA Publishes Malware Analysis Report and Updates Alert on DarkSide Ransomware

CISA has published a new Malware Analysis Report MAR on DarkSide Ransomware and updated Alert AA21-131A: DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks, originally released May 11, 2021. This update adds indicators of compromise associated with a...

A week in security (June 21 – June 27)

Last week on Malwarebytes Labs: Want to stop ransomware attacks? Send the cybercriminals to jail, says Brian Honan: Lock and Code S02E11 Atomic research institute breached via VPN vulnerability Hotel staff bust Hermes SMS scammer with suspiciously large number of cables City of Liège hit by...

U.S. Recovers $2.3 Million Ransom Paid to Colonial Pipeline Hackers

In a major blow, the U.S. Department of Justice on Monday said it has recovered 63.7 bitcoins currently valued at $2.3 million paid by Colonial Pipeline to the DarkSide ransomware extortionists on May 8, pursuant to a seizure warrant that was authorized by the Northern District of California. The...

DarkSide Ransomware Gang Extorted $90 Million from Several Victims in 9 Months

DarkSide, the hacker group behind the Colonial Pipeline ransomware attack earlier this month, received $90 million in bitcoin payments following a nine-month ransomware spree, making it one of the most profitable cybercrime groups. "In total, just over $90 million in bitcoin ransom payments were...

Update to CISA-FBI Joint Cybersecurity Advisory on DarkSide Ransomware

CISA and the Federal Bureau of Investigation FBI have updated Joint Cybersecurity Advisory AA21-131A: DarkSide Ransomware: Best Practices for Preventing Disruption from Ransomware Attacks, originally released May 11, 2021. This update provides a downloadable STIX file of indicators of compromise...

A week in security (May 10 – 16)

Last week on Malwarebytes Labs, we watched and reported on the Colonial Pipeline ransomware attack as developments of its story unfolded. This attack triggered the White House to refine a planned Executive Order on cybersecurity. We also profiled DarkSide, the ransomware responsible for the...

DarkSide ransomware call it quits after Bitcoin, servers are seized

By Habiba Rashid DarkSide Ransomware gang was behind the recent Colonial Pipeline cyberattack. This is a post from HackRead.com Read the original post: DarkSide ransomware call it quits after Bitcoin, servers are seized...

Threat spotlight: DarkSide, the ransomware used in the Colonial Pipeline attack

Late last week, the business network systems of Colonial Pipeline, the biggest supplier of fuels on the East Coast of the United States, were compromised due to a ransomware attack, forcing the company to temporarily shut down its operations while investigations are underway. Monday morning,...

What We Know About the DarkSide Ransomware and the US Pipeline Attack

Trend Micro Research found dozens of DarkSide ransomware samples in the wild and investigated how the ransomware group operates and what organizations it typically targets...

Shining a Light on DARKSIDE Ransomware Operations

Update May 14: Mandiant has observed multiple actors cite a May 13 announcement that appeared to be shared with DARKSIDE RaaS affiliates by the operators of the service. This announcement stated that they lost access to their infrastructure, including their blog, payment, and CDN servers, and wou...