Moldovan Police Arrest Suspect in €4.5M Ransomware Attack on Dutch Research Agency

Moldovan law enforcement authorities have arrested a 45-year-old foreign man suspected of involvement in a series of ransomware attacks targeting Dutch companies in 2021. "He is wanted internationally for committing several cybercrimes ransomware attacks, blackmail, and money laundering against...

ShadowSyndicate: A New Cybercrime Group Linked to 7 Ransomware Families

Cybersecurity experts have shed light on a new cybercrime group known as ShadowSyndicate formerly Infra Storm that may have leveraged as many as seven different ransomware families over the past year. "ShadowSyndicate is a threat actor that works with various ransomware groups and affiliates of...

DoppelPaymer ransomware group suspects identified

The German police in cooperation with the US Secret Service have executed search warrants against suspected members of the DoppelPaymer ransomware group in Germany and Ukraine. In March of 2023, we reported how the German Regional Police and the Ukrainian National Police, with support from Europo...

A week in security (March 6 - 12)

Last week on Malwarebytes Labs: 8 cybersecurity tips to keep you safe when travelling National Cybersecurity Strategy Document: What you need to know Intel CPU vulnerabilities fixed. But should you update? Warning issued over Royal ransomware Play ransomware gang leaks City of Oakland data...

DoppelPaymer ransomware group disrupted

Europol has announced it has arrested two suspected core members of the DoppelPaymer ransomware group. On 28 February, the German Regional Police and the Ukrainian National Police, with support from Europol, the Dutch Police, and the United States Federal Bureau of Investigations FBI, apprehended...

Top members of DoppelPaymer Ransomware gang arrested

By Deeba Ahmed Authorities have arrested two suspected members of the DoppelPaymer ransomware gang in Germany and Ukraine, believed to be high-value members of the cybercrime syndicate. This is a post from HackRead.com Read the original post: Top members of DoppelPaymer Ransomware gang arrested...

Core Members of DoppelPaymer Ransomware Gang Targeted in Germany and Ukraine

Law enforcement authorities from Germany and Ukraine have targeted suspected core members of a cybercrime group that has been behind large-scale attacks using DoppelPaymer ransomware. The operation, which took place on February 28, 2023, was carried out with support from the Dutch National Police...

Core Members of DoppelPaymer Ransomware Gang Targeted in Germany and Ukraine

Law enforcement authorities from Germany and Ukraine have targeted suspected core members of a cybercrime group that has been behind large-scale attacks using DoppelPaymer ransomware. The operation, which took place on February 28, 2023, was carried out with support from the Dutch National Police...

DoppelPaymer Gang Leaks Files from Illinois AG After Ransom Negotiations Break Down

The ransomware gang identified as DoppelPaymer has leaked a substantial collection of files from the Illinois Office of the Attorney General OAG on a server controlled by the cybercriminal group. The move came after ransom negotiations between the two parties broke down following a ransomware...

Kia Motors Hit With $20M Ransomware Attack – Report

So far, Kia Motors America has publicly acknowledged an “extended system outage,” but ransomware gang DoppelPaymer claimed it has locked down the company’s files in a cyberattack that includes a $20 million ransom demand. That $20 million will gain Kia a decryptor and a guarantee to not to publis...

Ransomware Profitability

Analyzing cryptocurrency data, a research group has estimated a lower-bound on 2020 ransomware revenue: $350 million, four times more than in 2019. Based on the companys data, among last years top earners, there were groups like Ryuk, Maze now-defunct, Doppelpaymer, Netwalker disrupted by...

Apple Manufacturer Foxconn Confirms Cyberattack

Foxconn Technology Group confirmed Tuesday that a November cyberattack knocked some of its U.S. operations offline. The incident is reportedly a ransomware attack carried out by a cybergang attempting to extort $34 million from the global manufacturing powerhouse. “We can confirm that an...

Knoxville Ransomware Attack Leads to IT Network Shutdown

The city of Knoxville, Tenn. is reeling from a ransomware attack that knocked the city’s network offline and prevented police officers from responding to non-life-threatening traffic crashes. The incident occurred Wednesday and shuttered systems until Thursday. Also impacted was the city’s intern...

Florence, Ala. Hit By Ransomware 12 Days After Being Alerted by KrebsOnSecurity

In late May, KrebsOnSecurity alerted numerous officials in Florence, Ala. that their information technology systems had been infiltrated by hackers who specialize in deploying ransomware. Nevertheless, on Friday, June 5, the intruders sprang their attack, deploying ransomware and demanding nearly...

LA County Hit with DoppelPaymer Ransomware Attack

The DoppelPaymer ransomware operators claim that they’ve hit a Los Angeles county with a ransomware attack – and are now leaking the city’s data online, according to a recent report. Impacted is the city of Torrance, a coastal U.S. city in the South Bay region of LA, which has a population of...

'Double Extortion' Ransomware Attacks Spike

Victims of ransomware attacks now face a double whammy of headaches. Cybercriminals are increasingly inflicting more pain on ransomware victims by threatening to leak compromised data or use it in future spam attacks, if ransom demands aren’t met. The ransomware tactic, call “double extortion,”...

DoppelPaymer ransomware hits SpaceX, Tesla & Boeing’s parts manufacturer

By Deeba Ahmed According to security researchers, DoppelPaymer Ransomware is a relatively new file-encrypting and data-stealing malware. This is a post from HackRead.com Read the original post: DoppelPaymer ransomware hits SpaceX, Tesla & Boeing's parts manufacturer...

Head Fake: Tackling Disruptive Ransomware Attacks

Within the past several months, FireEye has observed financially-motivated threat actors employ tactics that focus on disrupting business processes by deploying ransomware in mass throughout a victim’s environment. Understanding that normal business processes are critical to organizational succes...

A week in security (July 15 – 21)

Last week on Malwarebytes Labs, we took an extensive look at Sodinokibi, one of the new ransomware strains found in the wild that many believe picked up where GandCrab left off. We also profiled Extenbro, a Trojan that protects adware; reported on the UK's new Facebook reporting tool, homed in on...