2009 and Ransomware - Cyber Security Informer

Ghost Ransomware a Persistent Global Threat to Critical Infrastructure

SecureWorld News

FEBRUARY 20, 2025

The FBI, CISA, and MS-ISAC have issued a joint cybersecurity advisory warning organizations about Ghost (Cring) ransomware, a sophisticated cyber threat that has been compromising critical infrastructure, businesses, and government entities worldwide. All they need is one successful attempt to gain initial access."

Ransomware

Ransomware IoT Encryption Social Engineering

Who’s Behind the GandCrab Ransomware?

Krebs on Security

JULY 8, 2019

The crooks behind an affiliate program that paid cybercriminals to install the destructive and wildly successful GandCrab ransomware strain announced on May 31, 2019 they were terminating the program after allegedly having earned more than $2 billion in extortion payouts from victims. Image: Malwarebytes. The GandCrab identity on Exploit[.]in

Ransomware

Ransomware Accountability Cybercrime Passwords

Canada Charges Its “Most Prolific Cybercriminal”

Krebs on Security

DECEMBER 8, 2021

A 31-year-old Canadian man has been arrested and charged with fraud in connection with numerous ransomware attacks against businesses, government agencies and private citizens throughout Canada and the United States. Federal Bureau of Investigation (FBI) contacted them regarding ransomware attacks that were based in Canada.

Cybercrime

Cybercrime Ransomware Accountability Advertising

MY TAKE: A primer on how ransomware arose to the become an enduring scourge

The Last Watchdog

AUGUST 15, 2019

Stunning as these two high-profile attacks were, they do not begin to convey the full scope of what a pervasive and destructive phenomenon ransomware has become – to individuals, to companies of all sizes and, lately, to poorly defended local agencies. Probing and plundering Ransomware is highly resilient and flexible.

Ransomware

Ransomware Internet Internet Hacking

The Link Between Ransomware and Cryptocurrency

eSecurity Planet

DECEMBER 21, 2021

There are few guarantees in the IT industry, but one certainty is that as the world steps into 2022, ransomware will continue to be a primary cyberthreat. The dangers from ransomware have risen sharply since WannaCry and NotPetya hit the scene in 2017, and this year has been no different. Cryptocurrency Fuels Ransomware.

Cryptocurrency

Cryptocurrency Ransomware Cybercrime Social Engineering

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

JUNE 1, 2023

More recently, it appears Megatraffer has been working with ransomware groups to help improve the stealth of their malware. According to cyber intelligence firm Intel 471 , Megatraffer has been active on more than a half-dozen crime forums from September 2009 to the present day. WHO IS MEGATRAFFER? account on Carder[.]su su from 2008.

Malware

Malware Cybercrime Software Accountability

Nutanix makes its Cloud Platform Ransomware free

CyberSecurity Insiders

FEBRUARY 26, 2021

Nutanix, a cloud infrastructure and software provider has made it official that its cloud platform will be ransomware protected, thus making it conducive for businesses to implement their virtualization and other enterprise network storage needs with no hesitation.

Ransomware

Ransomware Software Cybersecurity

Top Zeus Botnet Suspect “Tank” Arrested in Geneva

Krebs on Security

NOVEMBER 15, 2022

Bogachev is accused of running the Gameover Zeus botnet , a massive crime machine of 500,000 to 1 million infected PCs that was used for large DDoS attacks and for spreading Cryptolocker — a peer-to-peer ransomware threat that was years ahead of its time. tank: Levak was written there. tank: Because now the entire USA knows about Zeus.

Banking

Banking Small Business Accountability Malware

Why Malware Crypting Services Deserve More Scrutiny

Krebs on Security

JUNE 21, 2023

This service is actually recommended by the purveyors of the RedLine information stealer malware , which is a popular and powerful malware kit that specializes in stealing victim data and is often used to lay the groundwork for ransomware attacks. WHO RUNS CRYPTOR[.]BIZ?

Malware

Malware Antivirus Cybercrime Hacking

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Security Affairs

AUGUST 6, 2023

In June a ransomware attack hit the Colorado Department of Higher Education (CDHE), now the organization disclosed a data breach. CDHE discovered the ransomware attack on June 19, 2023, it immediately launched an investigation into the security breach with the help of third-party specialists.

Education

Education Data breaches Ransomware Hacking

3 Top Reasons America Is Under a 'Ransomware Siege'

SecureWorld News

JULY 28, 2021

crime-fighting agencies testified in front of Congress this week and the hearing had a chilling title: "America Under Cyber Siege: Preventing and Responding to Ransomware Attacks". Secret Service has observed a marked uptick in the frequency, sophistication, and destructiveness of ransomware attacks against the American people.".

Ransomware

Ransomware Cybercrime Cryptocurrency Healthcare

Adventures in Contacting the Russian FSB

Krebs on Security

JUNE 7, 2021

federal prison for his role in the theft of $9 million from RBS WorldPay in 2009. enabling them to engage in disruptive ransomware attacks and phishing campaigns,” reads a Treasury assessment from April 2021. “It uses GOST encryption, and [the antivirus products] may be thinking that those properties look like ransomware.”

Antivirus

Antivirus VPN Encryption Malware

MasterCard Buys Recorded Future for $2.6B: What It Means for AI Cybersecurity

SecureWorld News

DECEMBER 5, 2024

Recorded Future, founded in 2009, has made its name in recent years by harnessing AI to provide real-time threat detection and predictive analytics. In the face of increasingly sophisticated threats such as ransomware, supply chain attacks, and nation-state-backed hacking groups , traditional cybersecurity methods are struggling to keep up.

Cybersecurity

Cybersecurity Threat Detection Financial Services Cyber threats

Artificial Intelligence meets real talk at IRISSCON 2024

BH Consulting

NOVEMBER 14, 2024

But a hallmark of the event since it was first held in 2009 is visiting speakers who aren’t afraid to challenge popular narratives. That’s because criminals are “slow to change” and they have little incentive to invest in alternatives as long as easy exploits like ransomware continues to make money.

Artificial Intelligence

Artificial Intelligence Ransomware Social Engineering Cybersecurity

Social Security Numbers leaked in ransomware attack on Ohio History Connection

Malwarebytes

AUGUST 29, 2023

The Ohio History Connection (OHC) has posted a breach notification in which it discloses that a ransomware attack successfully encrypted internal data servers. During the attack, the cybercriminals may have had access to names, addresses, and Social Security Numbers (SSNs) of current and former OHC employees (from 2009 to 2023).

Ransomware

Ransomware Data breaches Passwords Phishing

Ransomware in the UK: April 2022–March 2023

Malwarebytes

APRIL 12, 2023

This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their dark web sites. This provides the best overall picture of ransomware activity, but the true number of attacks is far higher.

Ransomware

Ransomware Education Accountability Backups

Stealing More SRE Ideas for Your SOC

Anton on Security

DECEMBER 21, 2021

In the past, I largely implied ( even in 2009 ) that sub-second speed matters little in security, especially in the day and age of 200+ day response timelines. With ransomware, speed does matter. Speed does come up a lot in SRE discussions of automation, after all “humans don’t usually react as fast as machines.” Guess what?

Engineering

Engineering Phishing Ransomware Technology

North Korea-linked Lazarus group targets cybersecurity experts with Trojanized IDA Pro

Security Affairs

NOVEMBER 15, 2021

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks.

Cybersecurity

Cybersecurity Engineering Software Malware

Cyber Security Roundup for May 2021

Security Boulevard

MAY 3, 2021

The Ransomware Scourge. The Institute for Science and Technology ' Ransomware Task Force ' (RTF), which is a collaboration of more than 60 stakeholders, finally released its ransomware framework , which comprised of 48 strategies to tackle the ransomware problem.

Ransomware

Ransomware Passwords Scams Government

North Korea-linked APT group BeagleBoyz targets banks

Security Affairs

AUGUST 29, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. The BeagleBoyz APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks.

Banking

Banking Malware Advertising Hacking

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

Security Affairs

FEBRUARY 17, 2024

These criminal groups stole millions of dollars from their victims and even attacked a major hospital with ransomware, leaving it unable to provide critical care to patients for over two weeks,” said Acting Assistant Attorney General Nicole M. Argentieri of the Justice Department’s Criminal Division.

Malware

Malware Cybercrime Banking Hacking

North Korea-linked Lazarus APT targets the COVID-19 research

Security Affairs

DECEMBER 25, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks.

Cryptocurrency

Cryptocurrency Malware Hacking Phishing

AI and the SEC Whistleblower Program

Schneier on Security

OCTOBER 21, 2024

In 2009, after Bernie Madoff’s $65 billion Ponzi scheme was exposed, Congress authorized the SEC to award bounties from civil penalties recovered from securities law violators. Ransomware groups have used the threat of SEC whistleblower tips as a tactic to pressure the companies they’ve infiltrated into paying ransoms.

Artificial Intelligence

Artificial Intelligence Marketing Data Analyst Government

What Are the Effects of a Cyberattack in a Recession?

CyberSecurity Insiders

SEPTEMBER 16, 2022

The last global recession occurred in 2009. If a ransomware attack hits a business and compromises its information, It will probably pay to keep afloat. The average ransomware payment was $570,000 in 2021. Can criminal operations shut down like others do as an unfortunate side effect of economic unrest?

Cybercrime

Cybercrime Identity Theft Government Technology

Stark Industries Solutions: An Iron Hammer in the Cloud

Krebs on Security

MAY 23, 2024

An ad for war.md, circa 2009. ru ) show that in 2009 he was a spammer who peddled knockoff prescription drugs via Rx-Promotion , once one of the largest pharmacy spam moneymaking programs for Russian-speaking affiliates. Neculiti was the owner of war[.]md Cached copies of DonChicho’s vanity domain ( donchicho[.]ru

North Korea-linked group Lazarus targets Latin American banks

Security Affairs

NOVEMBER 24, 2018

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems.

Banking

Banking Encryption Malware Advertising

Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide

Security Affairs

OCTOBER 3, 2018

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems.

Banking

Banking Retail Advertising Malware

North Korea-linked Lazarus APT used Windows Update client and GitHub in recent attacks

Security Affairs

JANUARY 27, 2022

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks.

Malware

Malware Hacking Phishing Ransomware

Ghost Ransomware a Persistent Global Threat to Critical Infrastructure

Who’s Behind the GandCrab Ransomware?

Trending Sources

Canada Charges Its “Most Prolific Cybercriminal”

MY TAKE: A primer on how ransomware arose to the become an enduring scourge

The Link Between Ransomware and Cryptocurrency

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Nutanix makes its Cloud Platform Ransomware free

Top Zeus Botnet Suspect “Tank” Arrested in Geneva

Why Malware Crypting Services Deserve More Scrutiny

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

3 Top Reasons America Is Under a 'Ransomware Siege'

Adventures in Contacting the Russian FSB

MasterCard Buys Recorded Future for $2.6B: What It Means for AI Cybersecurity

Artificial Intelligence meets real talk at IRISSCON 2024

Social Security Numbers leaked in ransomware attack on Ohio History Connection

Ransomware in the UK: April 2022–March 2023

Stealing More SRE Ideas for Your SOC

North Korea-linked Lazarus group targets cybersecurity experts with Trojanized IDA Pro

Cyber Security Roundup for May 2021

North Korea-linked APT group BeagleBoyz targets banks

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

North Korea-linked Lazarus APT targets the COVID-19 research

AI and the SEC Whistleblower Program

What Are the Effects of a Cyberattack in a Recession?

Stark Industries Solutions: An Iron Hammer in the Cloud

Shodan: Cybersecurity Tool or Hacker’s Yellow Pages?

Experts link attack on Chilean interbank network Redbanc NK Lazarus APT

North Korea-linked Lazarus APT uses a Mac variant of the Dacls RAT

US and UK sanctioned seven Russian members of Trickbot gang

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

North Korea-linked Lazarus APT targets the IT supply chain

The analysis of the code reuse revealed many links between North Korea malware

Nine Top of Mind Issues for CISOs Going Into 2023

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

Lazarus APT continues to target cryptocurrency businesses with Mac malware

FBI/DHS MAR report details HOPLIGHT Trojan used by Hidden Cobra APT

US officials charge two Chinese men for laundering cryptocurrency for North Korea

Dacls RAT, the first Lazarus malware that targets Linux devices

The US Treasury placed sanctions on North Korea linked APT Groups

Microsoft: North Korea-linked Zinc APT targets security experts

Symantec shared details of North Korean Lazarus’s FastCash Trojan used to hack banks

North Korea-linked group Lazarus targets Latin American banks

Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide

North Korea-linked Lazarus APT used Windows Update client and GitHub in recent attacks

Stay Connected