Schneier on Security

NOVEMBER 24, 2020

Wired has a detailed story about the ransomware attack on a Dusseldorf hospital, the one that resulted in an ambulance being redirected to a more distant hospital and the patient dying. “The delay was of no relevance to the final outcome,” Hartmann says. “The main hurdle will be one of proof,” Urban says.

Ransomware 361

Ransomware Cybercrime Hacking 361

Krebs on Security

MAY 11, 2020

Diebold Nixdorf , a major provider of automatic teller machines (ATMs) and payment technology to banks and retailers, recently suffered a ransomware attack that disrupted some operations. Suspecting a ransomware attack, Diebold said it immediately began disconnecting systems on that network to contain the spread of the malware.

Ransomware 348

Ransomware Retail Malware Data breaches 348

Krebs on Security

JULY 1, 2020

We’ve seen an ugly trend recently of tech news stories and cybersecurity firms trumpeting claims of ransomware attacks on companies large and small, apparently based on little more than the say-so of the ransomware gangs themselves. Such coverage is potentially quite harmful and plays deftly into the hands of organized crime.

Ransomware 321

Ransomware Cybercrime Encryption Malware 321

Krebs on Security

JUNE 16, 2021

Authorities in Ukraine this week charged six people alleged to be part of the CLOP ransomware group , a cybercriminal gang said to have extorted more than half a billion dollars from victims. The CLOP gang seized on those flaws to deploy ransomware to a significant number of Accellion’s FTA customers , including U.S.

Ransomware 338

Ransomware Cybercrime Malware Encryption 338

Schneier on Security

JUNE 2, 2021

The New York Times has a long story on the DarkSide ransomware gang. A glimpse into DarkSide’s secret communications in the months leading up to the Colonial Pipeline attack reveals a criminal operation on the rise, pulling in millions of dollars in ransom payments each month.

Ransomware 360

Ransomware Malware Hacking Cybercrime 360

Krebs on Security

MARCH 5, 2024

healthcare giant Change Healthcare has made a $22 million extortion payment to the infamous BlackCat ransomware group (a.k.a. BlackCat is known as a “ransomware-as-service” collective, meaning they rely on freelancers or affiliates to infect new networks with their ransomware. There are indications that U.S.

Healthcare 358

Healthcare Ransomware Scams Government 358

Krebs on Security

JANUARY 28, 2022

In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. “ BlackCat “), considered to be the first professional cybercrime group to create and use a ransomware strain written in the Rust programming language. Image: Varonis. Image: Varonis. ” Meanwhile, the U.S.

Ransomware 309

Ransomware Accountability Cybercrime Malware 309

Security Affairs

NOVEMBER 19, 2024

Russian Phobos ransomware operator Evgenii Ptitsyn, accused of managing attacks, was extradited from South Korea to the US to face cybercrime charges. Russian Phobos ransomware operator Evgenii Ptitsyn, suspected of playing a key role in the ransomware operations, was extradited from South Korea to the US to face cybercrime charges.

Cybercrime 122

Cybercrime Ransomware Healthcare Education 122

Krebs on Security

JUNE 9, 2020

that their information technology systems had been infiltrated by hackers who specialize in deploying ransomware. Nevertheless, on Friday, June 5, the intruders sprang their attack, deploying ransomware and demanding nearly $300,000 worth of bitcoin. The average ransomware payment by ransomware strain.

Ransomware 363

Ransomware System Administration Backups Technology 363

Krebs on Security

NOVEMBER 2, 2021

A number of publications in September warned about the emergence of “ Groove ,” a new ransomware group that called on competing extortion gangs to unite in attacking U.S. 22 on RAMP , a new and fairly exclusive Russian-language darknet cybercrime forum. government interests online. “An appeal to business brothers!”

Ransomware 293

Ransomware Cybercrime VPN Media 293

Krebs on Security

JUNE 2, 2020

The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software. A partial screenshot from the REvil ransomware group’s Dark Web blog. and Europe in early March.” So it’s a double vig.”

Ransomware 311

Ransomware Backups Encryption Internet 311

Schneier on Security

JANUARY 31, 2023

Chainalysis reports that worldwide ransomware payments were down in 2022. Ransomware attackers extorted at least $456.8 When we published last year’s version of this report, for example, we had only identified $602 million in ransomware payments in 2021. million from victims in 2022, down from $765.6

Ransomware 306

Ransomware Cryptocurrency Cybercrime 306

Krebs on Security

MARCH 1, 2022

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti , an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. “There will be panic. 428 hospitals.”

Ransomware 305

Ransomware Healthcare Cybercrime Government 305

Schneier on Security

JULY 1, 2021

As ransomware becomes more common, I’m seeing more discussions about the ethics of paying the ransom. However, the most pressing challenge currently facing the industry is ransomware. Growing losses from ransomware attacks have also emphasised that the current reality is not sustainable for insurers either.

Insurance 303

Insurance Cyber Insurance Ransomware Marketing 303

Krebs on Security

DECEMBER 19, 2023

Federal Bureau of Investigation (FBI) disclosed today that it infiltrated the world’s second most prolific ransomware gang, a Russia-based criminal group known as ALPHV and BlackCat. “We will continue to prioritize disruptions and place victims at the center of our strategy to dismantle the ecosystem fueling cybercrime.”

Ransomware 296

Ransomware Cybercrime Advertising Encryption 296

Schneier on Security

JULY 26, 2021

Ransomware isn’t new; the idea dates back to 1986 with the “Brain” computer virus. This is where the suggestion to ban cryptocurrencies as a way to “solve” ransomware comes from. ” There is no single silver bullet to disrupt either cryptocurrencies or ransomware.

Ransomware 363

Ransomware Cryptocurrency Banking Accountability 363

Krebs on Security

JUNE 14, 2022

Cybercrime groups that specialize in stealing corporate data and demanding a ransom not to publish it have tried countless approaches to shaming their victims into paying. The latest innovation in ratcheting up the heat comes from the ALPHV/BlackCat ransomware group, which has traditionally published any stolen victim data on the Dark Web.

Ransomware 290

Ransomware Internet Internet Cybercrime 290

Krebs on Security

DECEMBER 13, 2021

The consulting firm PricewaterhouseCoopers recently published lessons learned from the disruptive and costly ransomware attack in May 2021 on Ireland’s public health system. The unusually candid post-mortem found that nearly two months elapsed between the initial intrusion and the launching of the ransomware.

Healthcare 306

Healthcare Ransomware Antivirus Hacking 306

Schneier on Security

MAY 18, 2021

Brian Krebs wonders if this could be a useful defense: In Russia, for example, authorities there generally will not initiate a cybercrime investigation against one of their own unless a company or individual within the country’s borders files an official complaint as a victim.

Ransomware 362

Ransomware Malware Cybercrime 362

Schneier on Security

OCTOBER 1, 2021

The Wall Street Journal is reporting on a baby’s death at an Alabama hospital in 2019, which they argue was a direct result of the ransomware attack the hospital was undergoing. If proven in court, the case will mark the first confirmed death from a ransomware attack. “I need u to help me understand why I was not notified.”

Ransomware 297

Ransomware Hacking Accountability Healthcare 297

SecureWorld News

DECEMBER 3, 2024

In a surprising move related to international cybercrime, Russian authorities have charged Mikhail Matveev, also known as "Wazawaka," with creating ransomware to extort commercial organizations, according to Russian media outlet RIA. His alleged exploits include: The 2021 attack on Washington, D.C.'s Multiple attacks on critical U.S.

Cybercrime 86

Cybercrime Ransomware Healthcare Cryptocurrency 86

The Hacker News

NOVEMBER 26, 2024

An INTERPOL-led operation has led to the arrest of 1,006 suspects across 19 African countries and the takedown of 134,089 malicious infrastructures and networks as part of a coordinated effort to disrupt cybercrime in the continent.

Cybercrime 140

Cybercrime Ransomware 140

Krebs on Security

MAY 30, 2024

Law enforcement agencies in the United States and Europe today announced Operation Endgame, a coordinated action against some of the most popular cybercrime platforms for delivering ransomware and data-stealing malware. Dubbed "the largest ever operation against botnets," the international effort…

Malware 275

Malware Cybercrime Ransomware 275

The Hacker News

AUGUST 14, 2024

National Crime Agency (NCA) has led to the arrest and extradition of a Belarussian and Ukrainian dual-national believed to be associated with Russian-speaking cybercrime groups. A coalition of law enforcement agencies coordinated by the U.K. Maksim Silnikau (aka Maksym Silnikov), 38, went by the online monikers J.P. Morgan, xxx, and lansky.

Cybercrime 141

Cybercrime Ransomware 141

Krebs on Security

MAY 31, 2022

Costa Rica’s national health service was hacked sometime earlier this morning by a Russian ransomware group known as Hive. The intrusion comes just weeks after Costa Rican President Rodrigo Chaves declared a state of emergency in response to a data ransom attack from a different Russian ransomware gang — Conti.

Ransomware 301

Ransomware Government Hacking Media 301

Krebs on Security

MAY 13, 2024

and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. was used by a Russian-speaking member called Pin on the English-language cybercrime forum Opensc. Last week, the United States joined the U.K. Image: Shutterstock. The code is written in C.”

Ransomware 277

Ransomware Cybercrime Accountability Malware 277

The Hacker News

JULY 19, 2024

have arrested a 17-year-old boy from Walsall who is suspected to be a member of the notorious Scattered Spider cybercrime syndicate. The arrest was made "in connection with a global cyber online crime group which has been targeting large organizations with ransomware and gaining access to computer networks," West Midlands police said.

Cybercrime 143

Cybercrime Ransomware 143

Krebs on Security

DECEMBER 4, 2024

In January 2022, KrebsOnSecurity identified a Russian man named Mikhail Matveev as “ Wazawaka ,” a cybercriminal who was deeply involved in the formation and operation of multiple ransomware groups. government indicted Matveev as a top ransomware purveyor a year later, offering $10 million for information leading to his arrest.

Cybercrime 201

Cybercrime Ransomware Cryptocurrency Government 201

Krebs on Security

MARCH 7, 2022

Three stories here last week pored over several years’ worth of internal chat records stolen from the Conti ransomware group, the most profitable ransomware gang in operation today. penned a two-part analysis on why smart contracts will make ransomware more profitable. “I think it will help us with smart contracts.”

Ransomware 247

Ransomware Cryptocurrency DDOS Scams 247

Krebs on Security

MAY 18, 2020

is cybercrime forum. “We can examine your (or not exactly your) PHP code for vulnerabilities and backdoors,” reads his offering on several prominent Russian cybercrime forums. The cybercrime actor “upO” on Exploit[.]in RANSOMWARE DREAMS. RedBear’s profile on the Russian-language xss[.]is

Malware 322

Malware Cybercrime Ransomware Marketing 322

Krebs on Security

NOVEMBER 8, 2021

Department of Justice today announced the arrest of Ukrainian man accused of deploying ransomware on behalf of the REvil ransomware gang, a Russian-speaking cybercriminal collective that has extorted hundreds of millions from victim organizations. The DOJ also said it had seized $6.1 Vasinskyi was arrested Oct. 3 was Lublin, Poland.

Ransomware 330

Ransomware Cybercrime System Administration Passwords 330

The Hacker News

OCTOBER 26, 2024

Four members of the now-defunct REvil ransomware operation have been sentenced to several years in prison in Russia, marking one of the rare instances where cybercriminals from the country have been convicted of hacking and money laundering charges. Russian news publication Kommersant reported that a court in St.

Cybercrime 131

Cybercrime Ransomware Hacking 131

The Last Watchdog

OCTOBER 10, 2024

SpyCloud Investigations is a powerful cybercrime and identity threat investigation solution used by analysts and investigators to discover and act on threats by navigating the world’s largest repository of recaptured breach, malware, and phishing data. About SpyCloud — SpyCloud transforms recaptured darknet data to disrupt cybercrime.

Risk 286

Risk Cybercrime Identity Theft Phishing 286

Security Affairs

JULY 18, 2024

The cybercrime group FIN7 is advertising a security evasion tool in multiple underground forums, cybersecurity company SentinelOne warns. The researchers noticed that the tool has been used by various ransomware operations, including AvosLocker , MedusaLocker, BlackCat , Trigona , and LockBit. in cybercrime forum.

Advertising 143

Advertising Cybercrime Hacking Ransomware 143

Security Affairs

JUNE 18, 2024

Over the last few years, ransomware attacks have become one of the most prevalent and expensive forms of cybercrime. Today, this tactic has evolved, where ransomware operators in nearly every case first exfiltrate sensitive data and then threaten to publicly expose it if a ransom demand is not paid.

Ransomware 143

Ransomware Cryptocurrency Insurance Cybercrime 143

Krebs on Security

DECEMBER 8, 2021

A 31-year-old Canadian man has been arrested and charged with fraud in connection with numerous ransomware attacks against businesses, government agencies and private citizens throughout Canada and the United States. Federal Bureau of Investigation (FBI) contacted them regarding ransomware attacks that were based in Canada.

Cybercrime 314

Cybercrime Ransomware Accountability Advertising 314

The Last Watchdog

JUNE 20, 2022

IABs specialize in one specific area of the cybercrime ecosystem where the victims are accumulated and then sold off to the highest bidder,” he says. Or the payload might be a data exfiltration routine — or a full-blown ransomware attack. Speaking of ransomware, cyber extortion continues to persist at a plague level.

Ransomware 235

Ransomware Digital transformation Marketing Software 235