2014, Backups and Cybercrime - Cyber Security Informer

Chinese Android phones shipped with malware-laced WhatsApp, Telegram apps

Security Affairs

APRIL 16, 2025

Backup attacker wallet addresses are used if the C2 server is unreachable. In December 2014, researchers from Palo Alto Networks discovered that the software installed on many of Coolpad high-end Android phones includes a CoolReaper backdoor.

Malware

Malware Manufacturing Mobile Spyware

New Ransom Payment Schemes Target Executives, Telemedicine

Krebs on Security

DECEMBER 8, 2022

.” While CLOP as a money making collective is a fairly young organization, security experts say CLOP members hail from a group of Threat Actors (TA) known as “TA505,” which MITRE’s ATT&CK database says is a financially motivated cybercrime group that has been active since at least 2014. ” .

Healthcare

Healthcare Backups Ransomware Insurance

Attacks Aimed at Disrupting the Trickbot Botnet

Krebs on Security

OCTOBER 2, 2020

. “ It could be someone in the security research community, a government, a disgruntled insider, or a rival cybercrime group. Specifically, Trickbot has a backup control mechanism: A domain name registered on EmerDNS, a decentralized domain name system. In 2014, for example, U.S. We just don’t know at this point.

Ransomware

Ransomware Malware Healthcare Internet

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Aerial Direct, the O2’s largest UK partner suffered a data breach

Security Affairs

MARCH 16, 2020

Aerial Direct’s data breach notification sent to the customers revealed that an unauthorized third party had been able to access customer data on 26 February through an external backup database. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – Aerial Direct , cybercrime).

Data breaches

Data breaches Telecommunications Passwords Advertising

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Krebs on Security

JANUARY 8, 2024

In 2020, the United States brought charges against four men accused of building a bulletproof hosting empire that once dominated the Russian cybercrime industry and supported multiple organized cybercrime groups. From January 2005 to April 2013, there were two primary administrators of the cybercrime forum Spamdot (a.k.a

Cybercrime

Cybercrime Banking Computers and Electronics DDOS

Maastricht University finally paid a 30 bitcoin ransom to crooks

Security Affairs

FEBRUARY 9, 2020

The backup of a limited number of systems was also affected.” ” N ow all critical systems at the University are online and offline backups were secured by the company. According to security experts at Fox-IT, the ransomware attack is compatible with other attacks carried out by the TA505 cybercrime gang.

Ransomware

Ransomware Cyber Attacks Backups Architecture

City of Lafayette (Colorado) paid $45,000 ransom after ransowmare attack

Security Affairs

AUGUST 12, 2020

The City of Lafayette, Colorado, USA, has been forced to pay $45,000 because they were unable to restore necessary files from backup. “Financial data appears to be recoverable from unaffected backups. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Backups

Backups Advertising Ransomware Hacking

Massive cyber attack hit the town hall of Marseille ahead local election

Security Affairs

MARCH 15, 2020

Local and national authorities are working together to restore the operations as soon as possible, while the National Police’s Cybercrime Unit is investigating into the incident. The backup and recovery systems should help limit the damage and recover most of the data,” Vassal added.

Cyber Attacks

Cyber Attacks Ransomware Advertising Backups

Protecting People, Not Just Data

Javvad Malik

JULY 5, 2024

Oliver’s story brings into sharp focus the real-world consequences of cybercrime – the stress, the uncertainty, and the potential health complications that can arise from delayed medical procedures. The absence of a robust backup and recovery plan is a cardinal sin in the world of cybersecurity.

Healthcare

Healthcare Data breaches Cybercrime Cybersecurity

University of Utah pays a $457,000 ransom to ransomware gang

Security Affairs

AUGUST 21, 2020

The University was able to recover the operations from the backups, but decided to pay the ransom to avoid having ransomware operators leak student information online. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Cyber Insurance Insurance Advertising

ID Numbers for 120 Million Brazilians taxpayers exposed online

Security Affairs

DECEMBER 13, 2018

Experts discovered the file index.html_bkp on the Apache server (likely a backup of the index.html), which caused the web server to display the list of the files and folder stored in that folder and download them. Experts believe that directory was used to store database backups. ” reads the report published by InfoArmor.

Backups

Backups Banking Advertising Cybercrime

FBI flash alert warns of LockerGoga and MegaCortex Ransomware attacks

Security Affairs

DECEMBER 24, 2019

This move is shocking and brings the ransomware attack to a higher level of threat, we can expect that other cybercrime gangs will adopt a similar strategy to blackmail the victims and force them to pay the ransom. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Backups Encryption Cyber Attacks

Happy 13th Birthday, KrebsOnSecurity!

Krebs on Security

DECEMBER 29, 2022

Here’s a look at some of the more notable cybercrime stories from the past year, as covered by KrebsOnSecurity and elsewhere. 24, Russia invades Ukraine, and fault lines quickly begin to appear in the cybercrime underground. I will also continue to post on LinkedIn about new stories in 2023. In 2016, while the U.S.

Cryptocurrency

Cryptocurrency Cybercrime Computers and Electronics Scams

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The CryptoLocker wave went into a decline in June 2014 as a result of the so-called Operation Tovar , an initiative orchestrated by law enforcement agencies from multiple countries. The newsmaking emergence of CTB-Locker in 2014 and the CryptoWall ransomware in 2015 fully demonstrated this multi-pronged shift. pharma giant ExecuPharm.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Nefilim ransomware operators leaked data alleged stolen from the Dussmann group

Security Affairs

JULY 28, 2020

Ransomware

Ransomware Data breaches Advertising Backups

Stuart City is the new victim of the Ryuk Ransomware

Security Affairs

APRIL 24, 2019

Dyess confirmed that the impact was limited thanks to the availability of city’s computer backup system. “If If we wouldn’t have had these viable backups, we would probably be in a situation where we had to move into negotiations,” he said. But with those backups in place, why would we negotiate?”. Pierluigi Paganini.

Ransomware

Ransomware Backups Malware Advertising

Travelex paid $2.3 Million ransom to restore after a ransomware attack

Security Affairs

APRIL 9, 2020

“As part of this attack, the operators behind the Sodinokibi ransomware told BleepingComputer that they had encrypted the company’s entire network, deleted backup files, and copied more than 5GB of personal data. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Ransomware

Ransomware Encryption Advertising Backups

Ransomware attack knocks Weather Channel off the Air

Security Affairs

APRIL 19, 2019

IT staff has restored the normal operations using the backups. Ransomware attacks continue to represent a serious threat for companies and organizations, it is essential to adopt good cyber hygiene using defence software, having up to date applications and implementing an efficient backup policy. Pierluigi Paganini.

Ransomware

Ransomware Backups Cyber Attacks Advertising

The kingpin behind Joker’s Stash retires with a billionaire exit

Security Affairs

FEBRUARY 14, 2021

Cybercriminal behind the most prominent carding marketplace on the dark web Joker’s Stash retires, he will shut down its servers and destroy the backups. The administrator announced the decision via messages posted on various cybercrime forums. ” reads the article published by Forbes. Image source FlashPoint.

Cybercrime

Cybercrime Backups Hacking DNS

6,500+ sites deleted after Dark Web hosting provider Daniel’s Hosting hack

Security Affairs

NOVEMBER 18, 2018

More than 6500 Dark Web services hosted on the platform were completely deleted and the bad news is that it is not possible to recover them because there are no backups as per design choice of the operator. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Hacking

Hacking Advertising Cybercrime Accountability

Jackson County paid $400,000 to crooks after ransomare attack

Security Affairs

MARCH 10, 2019

The decision suggests the IT staff at the County did not have backups, or that in some way backups were encrypted too because they weren’t properly managed. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Backups Malware Government

Dutch National Cyber Security Centre warns ransomware infected thousands of businesses

Security Affairs

NOVEMBER 28, 2019

“Run updates, make sure your staff are aware of the digital threats and make backups.” ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – malware, hacking).

Ransomware

Ransomware Advertising Backups Malware

DoppelPaymer Ransomware hits City of Torrance and demands a 680K+ ransom

Security Affairs

APRIL 22, 2020

The gang also claims to have erased the City’s local backups and to have stolen over 200 GB of files. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. million ransom. Pierluigi Paganini.

Ransomware

Ransomware Advertising Backups Data breaches

REvil ransomware operators breached healthcare org Valley Health Systems

Security Affairs

AUGUST 27, 2020

Healthcare

Healthcare Ransomware Advertising Cyber Risk

BEC scams, hacked accounts available from $150 up to $5,000

Security Affairs

OCTOBER 9, 2018

It is quite easy to find online AWS buckets containing backups of email archives, the same data could be found on publicly-accessible rsync, FTP, SMB, and NAS drives. Company credentials are a valuable commodity in the cybercrime underground , they are offered up to $5,000 for a single username and password pair. Pierluigi Paganini.

Scams

Scams Accountability Hacking Passwords

Maze Ransomware operators published data from LG and Xerox

Security Affairs

AUGUST 4, 2020

A few days ago the group released a press release in which they warned the companies to not try to recover their files from their backup, it also announced the forthcoming LG Electronics data leak. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” read a Maze’s statement reported by ZDNet.

Ransomware

Ransomware Encryption Advertising Hacking

SamSam ransomware continues to make damages. Call it targeted Ransomware

Security Affairs

NOVEMBER 3, 2018

Crooks behind the attack on MedStar requested 45 Bitcoins (about US$18,500) for restoring the encrypted files, but the organization refused to pay the Ransom because it had a backup of the encrypted information. Experts close the post recommending the importance of backup of important data for combating ransomware infections.

Ransomware

Ransomware Healthcare Backups Encryption

Xwo Malware scans the Internet for Exposed Services, Default Passwords

Security Affairs

APRIL 5, 2019

The Iron cybercrime group has been active since at least 2016, is known for the Iron ransomware but across the years it is built various strain of malware, including backdoors, cryptocurrency miners, and ransomware to target both mobile and desktop systems. Www backup paths. Tomcat default credentials and misconfigurations.

Internet

Internet Internet Passwords Malware

Maze Ransomware gang breached the US chipmaker MaxLinear

Security Affairs

JUNE 17, 2020

MaxLinear restored some of the systems using its backups, despite Maze Ransomware threatened to leak over 1TB of data allegedly stolen before encrypting the infected systems. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Data breaches Advertising Insurance

Prosecutors ask 3-Year Sentence in ‘Fappening’ Case for ex-teacher

Security Affairs

FEBRUARY 25, 2019

and Facebook accounts, and thereby obtained complete iCloud backups, photographs, and other private information belonging to more than 200 victims, including both celebrities and noncelebrities.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reported the DoJ. Pierluigi Paganini.

Identity Theft

Identity Theft Accountability Hacking Advertising

La Porte County finally opted to pay $130,000 Ransom

Security Affairs

JULY 15, 2019

The Ryuk virus got into the backup servers.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. .” reported the WSBT. ” It seems that $100,000 out of $130,000 are being covered by insurance. Pierluigi Paganini.

Insurance

Insurance Ransomware Government Malware

Two hacker groups attacked Russian banks posing as the Central Bank of Russia

Security Affairs

NOVEMBER 15, 2018

The backup channel for sharing information is email. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Security Affairs – Central Bank of Russia, cybercrime ). Pierluigi Paganini.

Banking

Banking Computers and Electronics Phishing Cybercrime

Security Affairs newsletter Round 201 – News of the week

Security Affairs

FEBRUARY 17, 2019

Hacker deleted all data from VFEmail Servers, including backups. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Micropatch prevents malicious PDFs from Calling Home. Malicious PDF Analysis. Pierluigi Paganini.

Advertising

Advertising Antivirus Malware Backups

Ransomware brought down services of popular TV search engine TVEyes

Security Affairs

FEBRUARY 3, 2020

CEO David Ives confirmed that the company did not pay the ransom and that the internal staff restored from backups after sanitized the impacted systems. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Engineering

Engineering Ransomware Advertising Backups

U.S. DoJ charges Iranian duo over SamSam Ransomware activity

Security Affairs

NOVEMBER 29, 2018

The crooks used the Tor network to avoid being tracked, exports noticed that also encrypted data backups to prevent victims from recovering their encrypted files. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Encryption Advertising Backups

Dutch brothers sentenced to community service for involvement in CoinVault ransomware distribution

Security Affairs

JULY 27, 2018

“ CoinVault ransomware was first spotted in the wild in May 2014, it infected more than 14,000 Windows computers worldwide, most of them in the Netherlands, the US, the UK, Germany, and France. Regularly backup your important files to a separate drive or storage that are only temporarily connected. Pierluigi Paganini.

Ransomware

Ransomware Advertising Antivirus Cybercrime

New Bedford city infected with Ryuk ransomware, but did not pay $5.3M ransom

Security Affairs

SEPTEMBER 5, 2019

Then the city opted out to restore from backups. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Another US city was the victim of a ransomware attack, this time crooks hit the city of New Bedford, Massachusetts, asking for $5.3

Ransomware

Ransomware Encryption Advertising Backups

Experts Warn of Cyber Threats to Elections and Geopolitical Events

SecureWorld News

JUNE 14, 2024

Electoral Commission and the 2014 breach of Ukraine's election systems, Tadepalli discussed the ability of hostile nation-states, contractors, and cybercriminals to target this critical infrastructure. These actors combine resources and cyber intrusion techniques with disruptive capabilities in Information Operations."

Cyber threats

Cyber threats Backups Risk Government

Canadian restaurant chain Recipe suffered a network outage, is it a ransomware attack?

Security Affairs

OCTOBER 4, 2018

” Recipe Unlimited denies it was victim of a ransomware attac, because it conducts regular system backups to promptly mitigate such kind of attacks. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Ransomware

Ransomware Malware Advertising Encryption

Market volume of illegal online sales of alcohol exceeded 30 million USD in 2018 in Russia

Security Affairs

DECEMBER 27, 2018

Criminals create entire networks from the “mirror–websites” of their online alcohol stores; if one site is blocked, they swiftly migrate to a backup resource. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Marketing

Marketing Advertising Manufacturing Retail

SamSam Ransomware operators earned more than US$5.9 Million since late 2015

Security Affairs

JULY 31, 2018

Ransomware

Ransomware Advertising Marketing Encryption

Fxmsp: the untold story of infamous seller of access to corporate networks who made at least USD 1.5 mln

Security Affairs

JUNE 23, 2020

Fxmsp took his first steps in the cybercrime scene in September 2016 when he registered on an underground forum, fuckav[.]ru. Finally, he infects the backups by installing backdoors. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. First steps. Pierluigi Paganini. SecurityAffairs – hacking, Fxmsp).

Antivirus

Antivirus Advertising Hacking Banking

What Is DoppelPaymer Ransomware? A Look At The Software Wreaking Havoc At A High Price

SiteLock

OCTOBER 20, 2021

It’s distributed by a cybercrime group called Indrik Spider, which has been in operation since 2014. Finally, DoppelPaymer runs a tool called Process Hacker, which damages the system’s defenses by terminating security, email server, backup, and database software processes.

Software

Software Ransomware Backups Malware

Do cyber regulations actually make K–12 schools safer? Navigating compliance while securing school and student data

Malwarebytes

APRIL 5, 2023

According to the Data Quality Campaign , 45 states and Washington, DC, enacted new student privacy laws between 2014 and 2020. But with the same diligence adopted by the private sector, K–12 schools can follow regulation protocols to keep cybercrime at bay so that teachers and students remained focused on what matters: their education.

Education

Education Ransomware Cybersecurity Risk

Chinese Android phones shipped with malware-laced WhatsApp, Telegram apps

New Ransom Payment Schemes Target Executives, Telemedicine

Webinars

Trending Sources

Attacks Aimed at Disrupting the Trickbot Botnet

Webinars

Aerial Direct, the O2’s largest UK partner suffered a data breach

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Maastricht University finally paid a 30 bitcoin ransom to crooks

City of Lafayette (Colorado) paid $45,000 ransom after ransowmare attack

Massive cyber attack hit the town hall of Marseille ahead local election

Protecting People, Not Just Data

University of Utah pays a $457,000 ransom to ransomware gang

ID Numbers for 120 Million Brazilians taxpayers exposed online

FBI flash alert warns of LockerGoga and MegaCortex Ransomware attacks

Happy 13th Birthday, KrebsOnSecurity!

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Nefilim ransomware operators leaked data alleged stolen from the Dussmann group

Stuart City is the new victim of the Ryuk Ransomware

Travelex paid $2.3 Million ransom to restore after a ransomware attack

Ransomware attack knocks Weather Channel off the Air

The kingpin behind Joker’s Stash retires with a billionaire exit

6,500+ sites deleted after Dark Web hosting provider Daniel’s Hosting hack

Jackson County paid $400,000 to crooks after ransomare attack

Dutch National Cyber Security Centre warns ransomware infected thousands of businesses

DoppelPaymer Ransomware hits City of Torrance and demands a 680K+ ransom

REvil ransomware operators breached healthcare org Valley Health Systems

BEC scams, hacked accounts available from $150 up to $5,000

Maze Ransomware operators published data from LG and Xerox

SamSam ransomware continues to make damages. Call it targeted Ransomware

Xwo Malware scans the Internet for Exposed Services, Default Passwords

Maze Ransomware gang breached the US chipmaker MaxLinear

Prosecutors ask 3-Year Sentence in ‘Fappening’ Case for ex-teacher

La Porte County finally opted to pay $130,000 Ransom

Two hacker groups attacked Russian banks posing as the Central Bank of Russia

Security Affairs newsletter Round 201 – News of the week

Ransomware brought down services of popular TV search engine TVEyes

U.S. DoJ charges Iranian duo over SamSam Ransomware activity

Dutch brothers sentenced to community service for involvement in CoinVault ransomware distribution

New Bedford city infected with Ryuk ransomware, but did not pay $5.3M ransom

Experts Warn of Cyber Threats to Elections and Geopolitical Events

Canadian restaurant chain Recipe suffered a network outage, is it a ransomware attack?

Market volume of illegal online sales of alcohol exceeded 30 million USD in 2018 in Russia

SamSam Ransomware operators earned more than US$5.9 Million since late 2015

Fxmsp: the untold story of infamous seller of access to corporate networks who made at least USD 1.5 mln

What Is DoppelPaymer Ransomware? A Look At The Software Wreaking Havoc At A High Price

Do cyber regulations actually make K–12 schools safer? Navigating compliance while securing school and student data

Stay Connected