18 matches found
Lolek Bulletproof Hosting Servers Seized, 5 Key Operators Arrested
European and U.S. law enforcement agencies have announced the dismantling of a bulletproof hosting service provider called Lolek Hosted, which cybercriminals have used to launch cyber-attacks across the globe. "Five of its administrators were arrested, and all of its servers seized, rendering...
Canadian Netwalker Ransomware Affiliate Sentenced to 20 Years in U.S. Prison
A former affiliate of the Netwalker ransomware has been sentenced to 20 years in prison in the U.S., a little over three months after the Canadian national pleaded guilty to his role in the crimes. Sebastien Vachon-Desjardins, 35, has also been ordered to forfeit $21,500,000 that was illicitly...
To Maze and Beyond: How the Ransomware Double Extortion Space Has Evolved
We're here with the final installment in our Pain Points: Ransomware Data Disclosure Trends report blog series, and today we're looking at a unique aspect of the report that clarifies not just what ransomware actors choose to disclose, but who discloses what, and how the ransomware landscape has...
Ex-Canadian Government Employee Pleads Guilty Over NetWalker Ransomware Attacks
A former Canadian government employee this week agreed to plead guilty in the U.S. to charges related to his involvement with the NetWalker ransomware syndicate. Sebastien Vachon-Desjardins, who was extradited to the U.S. on March 10, 2022, is accused of conspiracy to commit computer fraud and wi...
NetWalker ransomware gang member sentenced to 7 years in prison
By Deeba Ahmed Sebastien Vachon-Desjardins, a NetWalker ransomware gang member, pleaded guilty to 5 charges including data theft and ransom. In… This is a post from HackRead.com Read the original post: NetWalker ransomware gang member sentenced to 7 years in prison...
Ransomware Profitability
Analyzing cryptocurrency data, a research group has estimated a lower-bound on 2020 ransomware revenue: $350 million, four times more than in 2019. Based on the companys data, among last years top earners, there were groups like Ryuk, Maze now-defunct, Doppelpaymer, Netwalker disrupted by...
A week in security (January 25 – January 31)
January 28 was Data Privacy Day, but for Malwarebytes Labs, it was Data Privacy Week. As such, were packed with more privacy coverage than you can shake a stick at, starting with some practical steps on how to make your online life private and secure, and why privacy is core to a safer internet. ...
Authorities Seize Dark-Web Site Linked to the Netwalker Ransomware
U.S. and Bulgarian authorities this week took control of the dark web site used by the NetWalker ransomware cybercrime group to publish data stolen from its victims. "We are striking back against the growing threat of ransomware by not only bringing criminal charges against the responsible actors...
NetWalker ransomware disrupted – Cryptocurrency and domain seized
By Waqas Authorities have arrested a Canadian national affiliated with the NetWalker ransomware operation. This is a post from HackRead.com Read the original post: NetWalker ransomware disrupted - Cryptocurrency and domain seized...
Arrest, Seizures Tied to Netwalker Ransomware
U.S. and Bulgarian authorities this week seized the darkweb site used by the NetWalker ransomware cybercrime group to publish data stolen from its victims. In connection with the seizure, a Canadian national suspected of extorting more than $27 million through the spreading of NetWalker was charg...
NetWalker Ransomware Suspect Charged; Tor Site Seized
Hot on the heels of the Emotet takedown announced Wednesday, the NetWalker ransomware has also been partially disrupted by an international police action. The Department of Justice said Wednesday that it has brought charges “against a Canadian national in relation to NetWalker ransomware attacks,...
Emotet Takedown Disrupts Vast Criminal Infrastructure; NetWalker Site Offline
UPDATE The virulent malware known as Emotet – one of the most prolific malware strains globally – has been dealt a blow thanks to a takedown by an international law-enforcement consortium. Meanwhile, the NetWalker ransomware has also been subjected to partial disruption, according to the U.S...
Quarterly Report: Incident Response trends in Summer 2020
By David Liebenberg and Caitlin Huey. For the fifth quarter in a row, Cisco Talos Incident Response CTIR observed ransomware dominating the threat landscape. Infections involved a wide variety of malware families including Ryuk, Maze, LockBit, and Netwalker, among others. In a continuation of...
NetWalker Ransomware Rakes in $29M Since March
The NetWalker ransomware has been around for about a year, but it has really made a name for itself in 2020, racking up around $29 million in extortion gains just since March. First detected in August 2019, NetWalker lingered around before surging in use in March through June, according to an...
Take a "NetWalk" on the Wild Side
ARCHIVED STORY Take a “NetWalk” on the Wild Side ATR Operational Intelligence Team · AUG 03, 2020 · 25 MIN READ Executive Summary The NetWalker ransomware, initially known as Mailto, was first detected in August 2019. Since then, new variants were discovered throughout 2019 and the beginning of...
UCSF Pays $1.14M After NetWalker Ransomware Attack
The University of California, San Francisco UCSF has paid a $1.14 million ransom to recover data related to “important” academic work. The data was encrypted after the NetWalker ransomware reportedly hit the UCSF medical school. The UCSF, which includes a medical school and a medical center UCSF...
Knoxville Ransomware Attack Leads to IT Network Shutdown
The city of Knoxville, Tenn. is reeling from a ransomware attack that knocked the city’s network offline and prevented police officers from responding to non-life-threatening traffic crashes. The incident occurred Wednesday and shuttered systems until Thursday. Also impacted was the city’s intern...
Threat Analysis Unit (TAU) Threat Intelligence Notification: MailTo (NetWalker) Ransomware
MailTo is a ransomware variant that has recently been reported to have been part of a targeted attack against Toll Group, an Australian freight and logistics company. This ransomware makes no attempt to remain stealthy, and quickly encrypts the user’s data as soon as the ransomware is launched...