Cryptocurrency, Government and Ransomware

U.S. Offered $10M for Hacker Just Arrested by Russia

Krebs on Security

DECEMBER 4, 2024

In January 2022, KrebsOnSecurity identified a Russian man named Mikhail Matveev as “ Wazawaka ,” a cybercriminal who was deeply involved in the formation and operation of multiple ransomware groups. government indicted Matveev as a top ransomware purveyor a year later, offering $10 million for information leading to his arrest.

Cybercrime

Cybercrime Ransomware Cryptocurrency Government

Ransomware Is Getting Ugly

Schneier on Security

MAY 14, 2021

Modern ransomware has two dimensions: pay to get your data back, and pay not to have your data dumped on the Internet. The Colonial Pipeline is another current high-profile ransomware victim. Ransomware has become the most profitable cybercrime business model, and until we solve those two problems, that’s not going to change.

Ransomware

Ransomware Cryptocurrency Cybercrime Internet

How The FBI Seized Bitcoin from Colonial Pipeline Hackers – Does Law Enforcement Have More Control Over Cryptocurrencies Than People Believe?

Joseph Steinberg

JUNE 9, 2021

According to the FBI, it has successfully seized most of the Bitcoin ransom paid by Colonial Pipeline to “Darkside” criminals after the highly publicized ransomware attack that led to recent gas shortages in multiple US States. Could Satoshi Nakomoto even be some government agency somewhere?

Cryptocurrency

Cryptocurrency Artificial Intelligence Government Hacking

On the Dangers of Cryptocurrencies and the Uselessness of Blockchain

Schneier on Security

JUNE 24, 2022

Earlier this month, I and others wrote a letter to Congress, basically saying that cryptocurrencies are an complete and total disaster, and urging them to regulate the space. But that doesn’t mean there can’t be some governance system on top of the blockchain that enables reversals. They still require governance.

Cryptocurrency

Cryptocurrency Technology Scams Government

DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized

Krebs on Security

MAY 14, 2021

The DarkSide ransomware affiliate program responsible for the six-day outage at Colonial Pipeline this week that led to fuel shortages and price spikes across the country is running for the hills. The DarkSide message includes passages apparently penned by a leader of the REvil ransomware-as-a-service platform.

Ransomware

Ransomware Cryptocurrency Cybercrime Healthcare

Alleged Co-Founder of Garantex Arrested in India

Krebs on Security

MARCH 11, 2025

Authorities in India today arrested the alleged co-founder of Garantex , a cryptocurrency exchange sanctioned by the U.S. government in 2022 for facilitating tens of billions of dollars in money laundering by transnational criminal and cybercriminal organizations.

Ransomware

Ransomware Cryptocurrency Marketing Government

Russian Phobos ransomware operator faces cybercrime charges

Security Affairs

NOVEMBER 19, 2024

Russian Phobos ransomware operator Evgenii Ptitsyn, accused of managing attacks, was extradited from South Korea to the US to face cybercrime charges. Russian Phobos ransomware operator Evgenii Ptitsyn, suspected of playing a key role in the ransomware operations, was extradited from South Korea to the US to face cybercrime charges.

Cybercrime

Cybercrime Ransomware Healthcare Education

US charged Dual Russian and Israeli National as LockBit Ransomware developer

Security Affairs

DECEMBER 22, 2024

US authorities charged a dual Russian and Israeli national for being a developer of the LockBit ransomware group. Rostislav Panev, 51, a dual Russian-Israeli national, was charged as a LockBit ransomware developer. The man is accused of being a LockBit ransomware developer from 2019 through at least February 2024.

Ransomware

Ransomware Small Business Antivirus Malware

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Krebs on Security

NOVEMBER 21, 2024

According to prosecutors, the group mainly sought to steal cryptocurrency from victim companies and their employees. Those accounts state that the intruders assaulted Tylerb’s mother in the home invasion, and that they threatened to burn him with a blowtorch if he didn’t give up the keys to his cryptocurrency wallets.

Identity Theft

Identity Theft Phishing Cryptocurrency Accountability

Government Gunning for Cryptocurrency—Uses Ransomware as Pretext

Security Boulevard

OCTOBER 19, 2021

tells cryptocurrency fans to stop breaking sanctions and laundering money—in the name of combating ransomware. The post Government Gunning for Cryptocurrency—Uses Ransomware as Pretext appeared first on Security Boulevard. Treasury Dept.

Cryptocurrency

Cryptocurrency Government Ransomware Risk

Romanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacks

Security Affairs

DECEMBER 21, 2024

Romanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacks, pleading guilty to fraud charges in June. Romanian national Daniel Christian Hulea, 30, was sentenced to 20 years in prison for his role in NetWalker ransomware attacks. and foreign government organizations. in restitution.”

Ransomware

Ransomware Healthcare Government Cryptocurrency

BlackCat Ransomware Group Implodes After Apparent $22M Payment by Change Healthcare

Krebs on Security

MARCH 5, 2024

healthcare giant Change Healthcare has made a $22 million extortion payment to the infamous BlackCat ransomware group (a.k.a. On March 1, a cryptocurrency address that security researchers had already mapped to BlackCat received a single transaction worth approximately $22 million. There are indications that U.S.

Healthcare

Healthcare Ransomware Scams Government

An Interview With the Target & Home Depot Hacker

Krebs on Security

NOVEMBER 14, 2024

net that paid people to click on ads for Russian government employment opportunities. In February, he and Ermakov were arrested on charges of operating a short-lived ransomware affiliate program in 2021 called Sugar (a.k.a. Shefel claims his Sugar ransomware affiliate program was a bust, and never generated any profits.

Retail

Retail Advertising Cryptocurrency Marketing

Who Wrote the ALPHV/BlackCat Ransomware Strain?

Krebs on Security

JANUARY 28, 2022

In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. “ BlackCat “), considered to be the first professional cybercrime group to create and use a ransomware strain written in the Rust programming language. Image: Varonis. Image: Varonis. ” Meanwhile, the U.S.

Ransomware

Ransomware Accountability Cybercrime Malware

Governments worldwide to crack down on ransomware payment channels

Bleeping Computer

OCTOBER 15, 2021

Senior officials from 31 countries and the European Union said that their governments would take action to disrupt the cryptocurrency payment channels used by ransomware gangs to finance their operations. [.].

Government

Government Ransomware Cryptocurrency

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 15

Security Affairs

OCTOBER 13, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Over 300,000!

Malware

Malware DDOS Cryptocurrency Education

Ransomware at IT Services Provider Synoptek

Krebs on Security

DECEMBER 27, 2019

Synoptek , a California business that provides cloud hosting and IT management services to more than a thousand customer nationwide, suffered a ransomware attack this week that has disrupted operations for many of its clients, according to sources. A now-deleted Tweet from Synoptek on Dec.

Ransomware

Ransomware Media Financial Services Retail

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches

Data breaches Cryptocurrency Artificial Intelligence Cybercrime

Cryptocurrencies and cybercrime: A critical intermingling

Security Affairs

APRIL 26, 2024

As cryptocurrencies have grown in popularity, there has also been growing concern about cybercrime involvement in this sector Cryptocurrencies have revolutionized the financial world, offering new investment opportunities and decentralized transactions.

Cryptocurrency

Cryptocurrency Cybercrime Education Scams

LockBit ransomware developer Rostislav Panev was extradited from Israel to the U.S.

Security Affairs

MARCH 14, 2025

The US Justice Department announced that the LockBit ransomware developer Rostislav Panev was extradited from Israel to the U.S. The US Justice Department announced that one of the LockBit ransomware developer, Rostislav Panev (51), has been extradited to the United States. reads the press release published by DoJ.

Ransomware

Ransomware Cryptocurrency Small Business Malware

US Government tells firms not to give in to ransomware demands, as first crypto exchange sanctioned for laundering cyber ransoms

The State of Security

SEPTEMBER 23, 2021

The US Government has underlined once again that it continues to strongly discourage organisations hit by ransomware from giving in to extortion demands, as for the first time it sanctions a cryptocurrency exchange "for laundering cyber ransoms." Read more in my article on the Tripwire State of Security blog.

Government

Government Ransomware Cryptocurrency Malware

Arrests in $400M SIM-Swap Tied to Heist at FTX?

Krebs on Security

FEBRUARY 1, 2024

government did not name the victim organization, but there is every indication that the money was stolen from the now-defunct cryptocurrency exchange FTX , which had just filed for bankruptcy on that same day. A graphic illustrating the flow of more than $400 million in cryptocurrencies stolen from FTX on Nov. 11-12, 2022.

Cryptocurrency

Cryptocurrency Ransomware Retail Government

North Korea-linked threat actors stole $1.7 billion from cryptocurrency exchanges

Security Affairs

JANUARY 2, 2022

North Korea-linked threat actors are behind some of the largest cyberattacks against cryptocurrency exchanges. North Korea-linked APT groups are suspected to be behind some of the largest cyberattacks against cryptocurrency exchanges. billion (2 trillion won) worth of cryptocurrency from multiple exchanges during the past five years.

Cryptocurrency

Cryptocurrency Cybercrime Media Government

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Krebs on Security

SEPTEMBER 26, 2024

The government also indicted and sanctioned a top Russian cybercriminal known as Taleon , whose cryptocurrency exchange Cryptex has evolved into one of Russia’s most active money laundering networks. A 2016 screen shot of the Joker’s Stash homepage. Joker’s sold cards stolen in a steady drip of breaches at U.S.

Cryptocurrency

Cryptocurrency Cybercrime Retail Government

Russian government claims to have dismantled REvil ransomware gang

Security Affairs

JANUARY 14, 2022

Russia’s FSB announced to have dismantled the REvil ransomware gang, the infamous group behind Kaseya and JBS USA. The Russian Federal Security Service (FSB) announced to have shut down the REvil ransomware gang, the group that is behind a long string of attacks against large organizations, such as Kaseya and JBS USA.

Government

Government Ransomware Cryptocurrency Banking

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. government has used court orders to remotely disinfect systems compromised with malware. Emerging in 2007 as a banking trojan, QakBot (a.k.a.

Hacking

Hacking Malware Ransomware Government

The Financial Dynamics Behind Ransomware Attacks

Security Affairs

JUNE 18, 2024

Over the last few years, ransomware attacks have become one of the most prevalent and expensive forms of cybercrime. Today, this tactic has evolved, where ransomware operators in nearly every case first exfiltrate sensitive data and then threaten to publicly expose it if a ransom demand is not paid.

Ransomware

Ransomware Cryptocurrency Insurance Cybercrime

How Did Authorities Identify the Alleged Lockbit Boss?

Krebs on Security

MAY 13, 2024

and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. ” In an October 2013 discussion on the cybercrime forum Exploit , NeroWolfe weighed in on the karmic ramifications of ransomware. Last week, the United States joined the U.K.

Ransomware

Ransomware Cybercrime Accountability Malware

Holy Ghost ransomware operation is linked to North Korea

Security Affairs

JULY 15, 2022

Microsoft researchers linked the Holy Ghost ransomware (H0lyGh0st) operation to North Korea-linked threat actors. The Microsoft Threat Intelligence Center (MSTIC) researchers linked the activity of the Holy Ghost ransomware (H0lyGh0st) operation to a North Korea-linked group they tracked as DEV-0530. ” concludes Microsoft.

Ransomware

Ransomware Cryptocurrency Government Small Business

Australian government announced sanctions for Medibank hacker

Security Affairs

JANUARY 23, 2024

The Australian government announced sanctions for a member of the REvil ransomware group for the Medibank hack that occurred in 2022. The Australian government announced sanctions for Aleksandr Gennadievich Ermakov (aka GustaveDore, aiiis_ermak, blade_runner, JimJones), a Russian national who is a member of the REvil ransomware group.

Government

Government Insurance Ransomware Hacking

How Does One Get Hired by a Top Cybercrime Gang?

Krebs on Security

JUNE 15, 2021

Department of Justice (DOJ) last week announced the arrest of a 55-year-old Latvian woman who’s alleged to have worked as a programmer for Trickbot , a malware-as-a-service platform responsible for infecting millions of computers and seeding many of those systems with ransomware.

Cybercrime

Cybercrime Ransomware Passwords Banking

FBI seized $500,000 worth of bitcoin obtained from Maui ransomware attacks

Security Affairs

JULY 23, 2022

DoJ seized $500,000 worth of Bitcoin from North Korea-linked threat actors who are behind the Maui ransomware. Department of Justice (DoJ) has seized $500,000 worth of Bitcoin from North Korean threat actors who used the Maui ransomware to target several organizations worldwide. reads the advisory published by US authorties.

Ransomware

Ransomware Healthcare Cryptocurrency Encryption

Bitcoin transactions lead to interconnect ransomware affiliates

CyberSecurity Insiders

FEBRUARY 5, 2021

A scenario where software is being distributed as a service is being witnessed in the business of ransomware distribution these days. In a similar fashion, those creating ransomware are also seen selling it via a service called RaaS- Ransomware as a service. Meaning, the ransomware variants might be many.

Ransomware

Ransomware Cryptocurrency Malware Marketing

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

The Last Watchdog

DECEMBER 18, 2024

Enterprises must secure AI agents, adopt proactive data governance, and deploy AI-based security platforms. Promoting continuous learning in privacy tech, AI governance, and Zero Trust, alongside partnerships with educational institutions, helps build a skilled workforce to meet evolving regulatory demands.

Risk

Risk Threat Detection Technology Phishing

A new piece of Ryuk Stealer targets government, military and finance sectors

Security Affairs

JANUARY 26, 2020

A new piece of the Ryuk malware has been improved to steal confidential files related to the military, government, financial statements, and banking. It is not clear if the malware was developed by the threat actors behind Ryuk Ransomware for data exfiltration. Anyone remember this "Ryuk Stealer"?

Government

Government Malware Banking Ransomware

Happy 13th Birthday, KrebsOnSecurity!

Krebs on Security

DECEMBER 29, 2022

You just knew 2022 was going to be The Year of Crypto Grift when two of the world’s most popular antivirus makers — Norton and Avira — kicked things off by installing cryptocurrency mining programs on customer computers. Penchukov was arrested after leaving Ukraine to meet up with his wife in Switzerland.

Cryptocurrency

Cryptocurrency Cybercrime Computers and Electronics Scams

US Sanctions Cryptocurrency Exchange SUEX for Aiding Ransomware Gangs

The Hacker News

SEPTEMBER 21, 2021

The U.S. (..)

Cryptocurrency

Cryptocurrency Ransomware Government

Could curtailing cryptocurrency calm cyber crime wave?

SC Magazine

JUNE 28, 2021

A technician inspects the backside of a cryptocurrency mining farm in Saint Hyacinthe, Quebec. Cryptocurrency is famously anonymous, but evading capture is not the only reason cryptocurrency is the go-to payment solution for ransomware. First, understanding the role of cryptocurrency in ransomware.

Cryptocurrency

Cryptocurrency Ransomware Banking Cybercrime

Kaseya Ransomware Attack Update

CyberSecurity Insiders

JULY 22, 2021

Kaseya Software Company has released an update that all its software users who have fallen prey to the ransomware attack will receive a free decryptor to unlock their database files on a respective note. Going with the details, REvil is a ransomware group that is suspected to be linked to Russian Intelligence.

Ransomware

Ransomware Cryptocurrency Software Government

Senior Officials Join the U.S. in an Anti-Ransomware Initiative

Heimadal Security

OCTOBER 18, 2021

Following the last week’s White House National Security Council’s virtual meetings on the Counter-Ransomware Initiative event, senior officials from the U.E. in an Anti-Ransomware Initiative appeared first on Heimdal Security Blog. What Countries Are Involved […]. What Countries Are Involved […].

Ransomware

Ransomware Cryptocurrency Government Cybersecurity

A history of ransomware: How did it get this far?

Malwarebytes

SEPTEMBER 6, 2023

Today's ransomware is the scourge of many organizations. If we define ransomware as malware that encrypts files to extort the owner of the system, then the first malware that could be classified as ransomware is the 1989 AIDS Trojan. But where did it start?

Ransomware

Ransomware Encryption Cryptocurrency Government

Names of new ransomware groups that are on rise

CyberSecurity Insiders

AUGUST 25, 2021

All these days the government agencies and corporate networks were busy in combating known ransomware groups such as REvil, Conti, DarkSide, CLOP and Egregor along with Babuk, DopplePaymer and Ragnar. Going deep into the details, LockBit ransomware that existed since Sept’19 and has transformed into a new version dubbed 2.0

Ransomware

Ransomware Healthcare Cryptocurrency Government

Russian nationals plead guilty to participating in the LockBit ransomware group

Security Affairs

JULY 19, 2024

Two Russian nationals pleaded guilty to participating in the LockBit ransomware group and carrying out attacks against victims worldwide. Two foreign nationals, Ruslan Magomedovich Astamirov and Mikhail Vasiliev, pleaded guilty in Newark federal court for their roles in the LockBit ransomware operation.

Ransomware

Ransomware Healthcare Encryption Government

No more ransom payment in ransomware spread say Australia

CyberSecurity Insiders

NOVEMBER 13, 2022

Australian government has imposed a ban on ransom payments in cyber attack incidents as it fears that such payments can encourage crime affecting millions of populaces at a time. In case of ransomware, the victim is being asked to shell out millions to free up data.

Ransomware

Ransomware Insurance Cryptocurrency Cybercrime

U.S. Offered $10M for Hacker Just Arrested by Russia

Ransomware Is Getting Ugly

Trending Sources

How The FBI Seized Bitcoin from Colonial Pipeline Hackers – Does Law Enforcement Have More Control Over Cryptocurrencies Than People Believe?

On the Dangers of Cryptocurrencies and the Uselessness of Blockchain

DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized

Alleged Co-Founder of Garantex Arrested in India

Russian Phobos ransomware operator faces cybercrime charges

US charged Dual Russian and Israeli National as LockBit Ransomware developer

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Government Gunning for Cryptocurrency—Uses Ransomware as Pretext

Romanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacks

BlackCat Ransomware Group Implodes After Apparent $22M Payment by Change Healthcare

An Interview With the Target & Home Depot Hacker

Who Wrote the ALPHV/BlackCat Ransomware Strain?

Governments worldwide to crack down on ransomware payment channels

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 15

Ransomware at IT Services Provider Synoptek

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Cryptocurrencies and cybercrime: A critical intermingling

LockBit ransomware developer Rostislav Panev was extradited from Israel to the U.S.

US Government tells firms not to give in to ransomware demands, as first crypto exchange sanctioned for laundering cyber ransoms

Arrests in $400M SIM-Swap Tied to Heist at FTX?

North Korea-linked threat actors stole $1.7 billion from cryptocurrency exchanges

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

Russian government claims to have dismantled REvil ransomware gang

U.S. Hacks QakBot, Quietly Removes Botnet Infections

The Financial Dynamics Behind Ransomware Attacks

How Did Authorities Identify the Alleged Lockbit Boss?

Holy Ghost ransomware operation is linked to North Korea

Australian government announced sanctions for Medibank hacker

How Does One Get Hired by a Top Cybercrime Gang?

FBI seized $500,000 worth of bitcoin obtained from Maui ransomware attacks

Bitcoin transactions lead to interconnect ransomware affiliates

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

A new piece of Ryuk Stealer targets government, military and finance sectors

Happy 13th Birthday, KrebsOnSecurity!

US Sanctions Cryptocurrency Exchange SUEX for Aiding Ransomware Gangs

Could curtailing cryptocurrency calm cyber crime wave?

Kaseya Ransomware Attack Update

Senior Officials Join the U.S. in an Anti-Ransomware Initiative

A history of ransomware: How did it get this far?

Names of new ransomware groups that are on rise

Russian nationals plead guilty to participating in the LockBit ransomware group

No more ransom payment in ransomware spread say Australia

Stay Connected