Krebs on Security

FEBRUARY 20, 2024

authorities have seized the darknet websites run by LockBit , a prolific and destructive ransomware group that has claimed more than 2,000 victims worldwide and extorted over $120 million in payments. First surfacing in September 2019, the gang is estimated to have made hundreds of millions of U.S. Department of Justice (DOJ).

Ransomware 332

Ransomware Cybercrime Encryption Insurance 332

Krebs on Security

AUGUST 13, 2021

A new dark web service is marketing to cybercriminals who are curious to see how their various cryptocurrency holdings and transactions may be linked to known criminal activity. “The likes of ransomware and darknet markets rely on payments being made in Bitcoin and other cryptocurrencies. AMLBot’s user interface.

Cryptocurrency 343

Cryptocurrency Marketing Ransomware Financial Services 343

Adam Levin

JANUARY 2, 2019

2019 will be the year consumers start thinking more about cyber hygiene , and the year Congress becomes more proactive in the areas of privacy and cybersecurity. As the exchange rates for cyptocurrencies continue to decline, ransomware attack on investors will become less profitable. This presents myriad business opportunities.

Cybersecurity 157

Cybersecurity Identity Theft Passwords Password Management 157

Krebs on Security

JULY 8, 2019

The crooks behind an affiliate program that paid cybercriminals to install the destructive and wildly successful GandCrab ransomware strain announced on May 31, 2019 they were terminating the program after allegedly having earned more than $2 billion in extortion payouts from victims. Image: Malwarebytes.

Ransomware 277

Ransomware Accountability Cybercrime Passwords 277

Security Affairs

MARCH 14, 2025

The US Justice Department announced that the LockBit ransomware developer Rostislav Panev was extradited from Israel to the U.S. The US Justice Department announced that one of the LockBit ransomware developer, Rostislav Panev (51), has been extradited to the United States. reads the press release published by DoJ.

Ransomware 64

Ransomware Cryptocurrency Small Business Malware 64

Krebs on Security

MAY 13, 2024

and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. ” In an October 2013 discussion on the cybercrime forum Exploit , NeroWolfe weighed in on the karmic ramifications of ransomware. Last week, the United States joined the U.K.

Ransomware 303

Ransomware Cybercrime Accountability Malware 303

Krebs on Security

SEPTEMBER 26, 2024

The government also indicted and sanctioned a top Russian cybercriminal known as Taleon , whose cryptocurrency exchange Cryptex has evolved into one of Russia’s most active money laundering networks. Sergey “Taleon” Ivanov (right) in 2019 in his helicopter with the woman he lives with, flying over a lake north of St.

Cryptocurrency 299

Cryptocurrency Cybercrime Retail Government 299

Security Affairs

JANUARY 2, 2022

North Korea-linked threat actors are behind some of the largest cyberattacks against cryptocurrency exchanges. North Korea-linked APT groups are suspected to be behind some of the largest cyberattacks against cryptocurrency exchanges. billion (2 trillion won) worth of cryptocurrency from multiple exchanges during the past five years.

Cryptocurrency 142

Cryptocurrency Cybercrime Media Government 142

Security Affairs

MARCH 3, 2020

The Department of Justice has charged the two Chinese nationals for laundering cryptocurrency for North Korea-linked APT groups. for helping North Korea-linked hackers in laundering cryptocurrency. The cryptocurrency have been stolen by the APT groups from two cryptocurrency exchanges. and Li Jiadong (???),

Cryptocurrency 139

Cryptocurrency Banking Hacking Accountability 139

Security Affairs

JUNE 15, 2020

Black Kingdom ransomware operators are targeting organizations using unpatched Pulse Secure VPN software to deploy their malware. Black Kingdom ransomware was first spotted in late February by security researcher GrujaRS. Black Kingdom ransomware was first spotted in late February by security researcher GrujaRS.

VPN 139

VPN Ransomware Advertising Encryption 139

Security Affairs

JANUARY 27, 2021

and EU law enforcement authorities allowed the seizure of the leak sites used by NetWalker ransomware operators. and Europe have seized the dark web sites used by NetWalker ransomware operators. The authorities also charged a Canadian national involved in the NetWalker ransomware operations. A joint operation of U.S.

Ransomware 145

Ransomware Healthcare Cryptocurrency Government 145

Security Affairs

JUNE 3, 2020

REvil /Sodinokibi ransomware operators launch an auction site to sell data stolen from victims that have chosen to not pay the ransom. The Sodinokibi ransomware operators have launched an eBay-like auction site for stolen data where they plan to sell data stolen from the victims. SecurityAffairs – ransomware, cybersecurity).

Ransomware 137

Ransomware Advertising Cryptocurrency Malware 137

Krebs on Security

DECEMBER 8, 2021

A 31-year-old Canadian man has been arrested and charged with fraud in connection with numerous ransomware attacks against businesses, government agencies and private citizens throughout Canada and the United States. Federal Bureau of Investigation (FBI) contacted them regarding ransomware attacks that were based in Canada.

Cybercrime 336

Cybercrime Ransomware Accountability Advertising 336

Webroot

APRIL 7, 2021

With investors currently bullish on Bitcoin, is its high value is driving cybercriminals to pursue crypto-generating forms of cybercrime like ransomware and illicit miners? At the same time, the average cost of a ransomware incident is also rising steeply. Not necessarily, says threat researcher and cryptocurrency expert Tyler Moffitt.

Ransomware 119

Ransomware Cryptocurrency Marketing Cybercrime 119

Malwarebytes

FEBRUARY 10, 2022

If you’re unfortunate enough to be caught out by ransomware, the consequences can be devastating. Files can sometimes be recovered in the following ways: A ransomware author makes some sort of mistake, or their files are just simply coded badly. Back in 2019, Maze Ransomware came to light: #FalloutEK dropping Maze ransomware.

Ransomware 145

Ransomware Malware Backups Cryptocurrency 145

Krebs on Security

DECEMBER 29, 2022

You just knew 2022 was going to be The Year of Crypto Grift when two of the world’s most popular antivirus makers — Norton and Avira — kicked things off by installing cryptocurrency mining programs on customer computers. Penchukov was arrested after leaving Ukraine to meet up with his wife in Switzerland.

Cryptocurrency 295

Cryptocurrency Cybercrime Computers and Electronics Scams 295

Krebs on Security

JUNE 15, 2021

Department of Justice (DOJ) last week announced the arrest of a 55-year-old Latvian woman who’s alleged to have worked as a programmer for Trickbot , a malware-as-a-service platform responsible for infecting millions of computers and seeding many of those systems with ransomware. On June 7, the DOJ announced it had clawed back $2.3

Cybercrime 356

Cybercrime Ransomware Passwords Banking 356

Malwarebytes

DECEMBER 19, 2022

On June 7, 2021, the US Department of Justice announced a breakthrough : Less than one month after the oil and gas pipeline company Colonial Pipeline had paid its ransomware attackers roughly $4.4 Cryptocurrency is vital to modern cybercrime. But cryptocurrency has matured. million from the cybercriminals. Why is that?

Cryptocurrency 90

Cryptocurrency Cybercrime Ransomware Government 90

Security Affairs

MARCH 11, 2019

Experts observed the STOP ransomware installing the Azorult password-stealing Trojan to steal account credentials, cryptocurrency wallets, and more. The STOP ransomware made the headlines because it is installing password-stealing Trojans on the victims’ machines. ” reads a blog post published by Bleepingcomputer.

Encryption 109

Encryption Ransomware Cryptocurrency Passwords 109

Krebs on Security

APRIL 7, 2022

and Germany moved to decapitate “ Hydra ,” a billion-dollar Russian darknet drug bazaar that also helped to launder the profits of multiple Russian ransomware groups. That amount included roughly $8 million in ransomware proceeds laundered through Hydra on behalf of multiple ransomware groups, including Ryuk and Conti.

Marketing 307

Marketing Energy and Utilities Malware Ransomware 307

Malwarebytes

JUNE 16, 2021

According to a press release issued by Ukrainian authorities, law enforcement officials also shut down infrastructure that was used to spread the cybercrime gang’s ransomware, which was first spotted in February of 2019 as a new variant of the Cryptomix family. Instead, the arrests involved money launderers, Intel 471 said.

Ransomware 122

Ransomware Cybercrime Cryptocurrency Encryption 122

SecureWorld News

JUNE 28, 2022

The cybercriminals behind LockBit ransomware are taking things up a notch with the version 3.0 launch of their ransomware-as-a-service (RaaS) operation. The announcement was made on June 26th with the message, "Make Ransomware Great Again! The announcement was made on June 26th with the message, "Make Ransomware Great Again!,"

Ransomware 98

Ransomware Cryptocurrency Encryption 98

Security Boulevard

AUGUST 2, 2022

Current threat actor activity is incentivized by a broad attack surface represented through high volumes of users and systems, and high potential profits represented through the variety of cryptocurrency offerings. It is easy to detect and block things like malicious cryptocurrency apps or crypto-phishing websites.

Cryptocurrency 98

Cryptocurrency Ransomware Government Risk 98

CyberSecurity Insiders

MARCH 14, 2021

A ransomware attack that took place on the database of Buffalo Public Schools (BPS) on Friday last week is reportedly being investigated by the Federal Bureau of Investigation(FBI) says a recently posted tweet from the school district. No details on the ransomware variant that targeted the systems are available to the press at this moment.

Ransomware 109

Ransomware Encryption Backups Malware 109

CyberSecurity Insiders

AUGUST 26, 2022

One of the most ruthless cyberattacks is a ransomware attack. What Is a Ransomware Attack? Ransomware is a cyberattack that uses malware – software created to infiltrate a computer system and damage or disrupt it. Ransomware attacks are about as old as the internet itself. What Companies Have Suffered These Attacks?

Ransomware 123

Ransomware Software Education Malware 123

Security Affairs

JUNE 16, 2021

Ukraine police arrested multiple individuals that are believed to be linked to the Clop ransomware gang as part of an international joint operation. At the time of this writing, the Ukrainian authorities did not disclose the number of Clop ransomware operators that have been arrested. SecurityAffairs – hacking, ransomware).

Ransomware 116

Ransomware Cybercrime Cryptocurrency Software 116

Security Affairs

AUGUST 18, 2020

Ukrainian authorities arrested the members of a cybercrime gang who ran 20 cryptocurrency exchanges involved in money laundering. Police in Ukraine announced the arrest of the members of a cybercrime gang composed of three individuals who ran 20 cryptocurrency exchanges used in money laundering activities.

Cryptocurrency 140

Cryptocurrency Computers and Electronics Cybercrime Digital transformation 140

CyberSecurity Insiders

FEBRUARY 14, 2023

Mortal Kombat is the news ransomware that is on the prowl and Cisco Talos says the new ransomware can wipe off data of the victim, if they fail to pay the demanded ransom on time. MortalKombat belongs to the Xorist Commodity Ransomware family, a malware that has been existing on the internet since 2016.

Ransomware 102

Ransomware Healthcare Malware Cryptocurrency 102

SecureList

MAY 12, 2021

As the world marks the second Anti-Ransomware Day, there’s no way to deny it: ransomware has become the buzzword in the security community. Yet, much of the media attention ransomware gets is focused on chronicling which companies fall prey to it. Part I: Three preconceived ideas about ransomware.

Ransomware 145

Ransomware Encryption Malware Cybercrime 145

Security Affairs

FEBRUARY 5, 2022

LockBit ransomware gang claims to have stolen customers’ data from the PayBito crypto exchange. PayBito is a bitcoin and cryptocurrency exchange for major cryptocurrencies including Bitcoin Cash, Bitcoin, Ethereum, HCX, Litecoin, Ethereum Classic. Like other ransomware gangs, Lockbit 2.0 affiliate program. .

Ransomware 98

Ransomware Cryptocurrency Hacking Advertising 98

Security Affairs

FEBRUARY 13, 2022

Organizations have paid more than $600 million in cryptocurrency during 2021, nearly one-third to the Conti ransomware gang. and Australia have published a joint advisory warning of an increased globalised threat of ransomware worldwide in 2021. Last week, cybersecurity agencies from the U.K., added the company. .”

Ransomware 98

Ransomware Cryptocurrency Cybercrime Malware 98

Malwarebytes

JULY 20, 2022

The Justice Department today announced a complaint filed in the District of Kansas to forfeit cryptocurrency paid as ransom to North Korean hackers or otherwise used to launder such ransom payments. Maui ransomware. Malwarebytes recently reported on the North Korean APT that targets US healthcare sector with Maui ransomware.

Ransomware 98

Ransomware Cryptocurrency Healthcare Firmware 98

Security Affairs

MAY 2, 2024

The Ukrainian national, Yaroslav Vasinskyi (24), aka Rabotnik, has been sentenced to more than 13 years in prison and must pay $16 million in restitution for conducting numerous ransomware attacks and extorting victims. Vasinskyi is a REvil ransomware affiliate since at least March 1st, 2019. in March 2022. million in U.S.

Ransomware 126

Ransomware Cryptocurrency Cybercrime Encryption 126

Security Affairs

MAY 1, 2019

Threat actors are exploiting a recently patched critical Oracle WebLogic Server vulnerability to deliver the Sodinokibi ransomware to organizations. The flaw initially received the identifier CNVD-C-2019-48814. “Oracle first patched the issue on April 26, outside of their normal patch cycle, and assigned it CVE-2019-2725.

Ransomware 96

Ransomware Advertising Malware Cryptocurrency 96

CyberSecurity Insiders

JANUARY 2, 2023

And if the victim pays them a ransom in cryptocurrency, they send fake screenshots that their data is being or was deleted from their database. Nowadays, ransomware spreading gangs have indulged in a new business of preying on victims who have or willing to pay for their data deletion. What’s your say? .

Ransomware 107

Ransomware Encryption Backups Cryptocurrency 107

SecureWorld News

JUNE 17, 2021

The Ukrainian Cyberpolice Department recently detained six hackers for the use of the ransomware program known as "Clop.". According to Ukranian Cyberpolice, four Korean companies were attacked with the Clop virus in 2019. For decrypting the information, the attackers received a 'ransom' in cryptocurrency.

Ransomware 98

Ransomware Encryption Cryptocurrency Retail 98

Security Boulevard

JULY 8, 2021

Over the July 4 th weekend, the REvil ransomware syndicate hit software supplier Kaseya Ltd. The Russian-linked ransomware group encrypted entire networks in the Kaseya supply chain and demanded $70 million in cryptocurrency to deliver a universal decryptor key. Infiltrating the Supply Chain to Deliver Ransomware. .

Ransomware 122

Ransomware Backups Software Encryption 122