Tag Archives: Ransomware

Volvo Cars cyber security breach

Volvo Cars cyber security breach

In its press release Volvo Cars, a Swedish multinational manufacturer of luxury vehicles headquartered in Torslanda, Gothenburg reported about the illegal access of its file repositories by a third party. After the discovery of the breach, the company notified relevant authorities and undertook measures to prevent further access to its property. Immediately with the news of the data breach, shares …

Read More »

Conti`s Ransomware Data Leakage

Conti`s Ransomware Data Leakage

A Swiss PRODAFT Threat Intelligence (PTI) Team recently published a report on their findings that relate to one of the most notorious cybercriminal gangs in the world. The team managed to get access to Conti`s infrastructure and obtained the real IP addresses of their servers. The report gives insights on how the Conti ransomware gang works, how many targets they …

Read More »

Ransomware actors use WinRar for encryption

Ransomware actors use WinRar for encryption

This year almost at the end of October a new ransomware group appeared with quite an unordinary encryption technique. “Memento Team” instead of encrypting files itself copies them into password-protected archives by using a retitled freeware version of the legitimate file utility WinRAR. Then the gang locks the archive with passwords and deletes original files. In the ransomware note criminals …

Read More »

Denis Dubnikov`s extradition to US

Denis Dubnikov`s extradition to US

The US Justice Department seeks an extradition of the Russian businessman Denis Dubnikov. Earlier the Netherlands government detained him at the airport in Amsterdam at the request of the FBI. The Justice Department accuses Russian of ransomware money laundering, an activity Dubnikov denies to be guilty of. According to Dubnikov`s lawyer Arkady Bukh his client will try to stop the …

Read More »

The Ransomware Statistics

The ransomware statistics

Over the past years the ransomware attacks have significantly increased according to statistics. With them targeting all kinds of organizations the large enterprises suffer the most. It’s an average of 10,000 attacks over the past two years. Cyber security specialists point out to the remarkable shift due to the pandemic in mode of work, mainly it is remote nowadays. And …

Read More »

Hive group attacked Media Markt demanding $50 million

Hive group attacked Media Markt demanding $50 million

Last Sunday a German multinational chain of stores selling consumer electronics with over 1000 stores in Europe endured a cyberattack. Media Markt has over 1,000 stores in 13 countries. It employs roughly 53,000 employees and has a total revenue of €20.8 billion. Company’s branches in Germany, Belgium and Netherlands fell victims to the Hive ransomware onslaught. Hive ransomware attacked Media …

Read More »

Operation Cyclone sweeps Cl0p ransomware hackers

Operation Cyclone sweeps Cl0p ransomware hackers

Interpol, the International Criminal Police Organization, recently shared the details of the codenamed Cyclone operation. It resulted in six persons` arrest in June this year and two Red Notices issued by international law enforcement. The whole operation and investigation lasted all 30 months under the lead of Ukraine, Korea and the US. Suspects allegedly worked on behalf of the Cl0p …

Read More »

Bounty rewards to hunt DarkSide ransomware hackers

Million rewards for information on DarkSide ransomware

The US Department of Justice announced a money reward of up to $10,000,000 for information on DarkSide leadership individuals. It includes the information on their location or identification. Also the Department promises up to $5,000,000 for information that will bring DarkSide affiliates to arrest and/or conviction. “More than 75 transnational criminals and major narcotics traffickers have been brought to justice …

Read More »

BlackMatter Great Shut Down

BlackMatter Great Shut Down

BlackMatter ransomware group announced its shut down due to “pressure from the authorities”. VX-Underground, which collects the latest malware samples posted the BlackMatter announcement about its shut down on Twitter. Many believe DarkSide to be the predecessor of BlackMatter. And it’s quite the possibility in the future for hackers to just reappear under a different name. BlackMatter ransomware group has …

Read More »

REvil hacker Yevgeniy Polyanin on the FBI wanted list

REvil hacker Yevgeniy Polyanin on the FBI wanted list

On Monday, November 8, 2021 United States Department of Justice announced charges against two foreign nationals Russian Yevgeniy Polyanin and Ukrainian Yaroslav Vasinskyi. They reportedly deployed Sodinokibi/REvil ransomware to attack government entities and businesses in the United States. REvil hacker appeared on the FBI wanted list According to the indictment Yevgeniy Polyanin, 28, a Russian national conducted Sodinokibi/REvil ransomware attacks …

Read More »

12 high-profile ransomware hackers targeted

12 high-profile hackers targeted by Europol

On October 26th the action day against ransomware took place. Joint forces conducted operations in Ukraine and Switzerland. Specialists consider suspects high-value targets because of their involvement in other high-profile cases in various jurisdictions. As a result of the operation joint forces seized over USD 52 000 in cash, also 5 luxury cars. In addition, forensic specialists currently assess the …

Read More »

BlackMatter ransomware victims get free decryption key

Blackmatter ransomware logo victims get free decryption key

First detected in July 2021, BlackMatter is ransomware-as-a-service (Raas) tool. It lets the ransomware’s criminals get financial gain from their affiliates (i.e BlackMatter actors) who exploit it against victims. This ransomware group can be a possible rebrand of DarkSide, a RaaS gang that was operating from September 2020 through May 2021. BlackMatter targeted numerous U.S. organizations and demanded ransom payments …

Read More »

U.S. Treasury and FinCEN investigates the $5.2 bln ransom payments

$5.2 billion ransomware payments, US Treasury reports

With ransomware steadily climbing the charts of criminal reports, the Biden administration is developing plans to combat it. Due to this the current president’s administration held a meeting with the representatives of 30 countries. The plans were to discuss the current state of the situation and the possible solutions. One of such proactive steps is the decision to impose new …

Read More »

Cyber criminals use old unpatched vulnerabilities

Cyber criminals use old unpatched vulnerabilities

Cyber security researchers at California-based company Qualys published a report in which they analyzed Common Vulnerabilities and Exposures (CVEs). The results showed mostly those used in ransomware attacks over the past years. The interesting thing was that most of the often-used vulnerabilities were those that have been left unpatched. “The rate at which vulnerabilities are rising is exponentially higher than …

Read More »

U.S. government starts the active campaign against ransomware

U.S. government starts the active campaign against ransomware

Several American newspaper outlets recently published articles concerning the current American president’s administration rumored steps in regard to the growing ransomware criminal ecosystem. U.S government officials expressed their concern that this particular kind of crime poses a great threat to national security. Ransomware hackers to pose a threat to national security The incidents with Colonial Pipeline and one of the …

Read More »