
The Week in Ransomware – October 22nd 2021 – Striking Back


Between law enforcement operations, REvil’s second shut down, and ransomware gangs’ response to the hacking of their servers, it has been quite the week.

This week’s biggest news is the Reuters report that an international law enforcement operation took over REvil’s Tor infrastructure, which ultimately led to the shutdown of the ransomware operation again last Sunday.

Since then, reactions have been coming in from other ransomware operations, such as Groove, Conti, and Arvin Club.

DarkSide also appears to have reacted to the law enforcement operation by attempting to cash out $7 million in Bitcoin sitting in a wallet.

This week we also learned of an attack on the Sinclair Broadcast Group that disrupted the broadcasting of shows and newscasts. This attack was conducted by a new Evil Corp ransomware known as Macaw Ransomware, which has been seen demanding a $40 million ransom from an unidentified victim.


Interesting research we saw this week is that the Karma Ransomware is a rebrand of Nemty, and that FIN7 created a fake company to hire legitimate security professionals who unknowingly conduct ransomware attacks.

Contributors and those who provided new ransomware information and stories this week include: @malwrhunterteam, @malwareforme, @FourOctets, @BleepinComputer, @VK_Intel, @fwosar, @struppigel, @PolarToffee, @LawrenceAbrams, @billtoulas, @Seifreed, @demonslay335, @jorntvdw, @Ionut_Ilascu, @DanielGallagher, @serghei, @Trustwave, @josephmenn, @Bing_Chris, @coveware, @uuallan, @GelosSnake, @elliptic, @SentinelOne, @geminiadvisory, @ddd1ms, @siri_urz, and @fbgwls245.

October 17th 2021

REvil ransomware shuts down again after Tor sites were hijacked

The REvil ransomware operation has likely shut down once again after an unknown person hijacked their Tor payment portal and data leak blog.

New J3ster Ransomware

dnwls0719 found the J3ster Ransomware, which appends the .j3ster extension to encrypted files and drops a ransom note named j3ster readme.txt.

October 18th 2021

Sinclair TV stations crippled by weekend ransomware attack

TV stations owned by the Sinclair Broadcast Group went down over the weekend across the US, with multiple sources telling BleepingComputer that a ransomware attack caused the downtime.

Suspected Chinese hackers behind attacks on ten Israeli hospitals

A joint announcement from the Ministry of Health and the National Cyber Directorate in Israel describes a spike in ransomware attacks over the weekend that targeted the systems of nine health institutes in the country.

FBI, CISA, NSA share defense tips for BlackMatter ransomware attacks

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) published an advisory today with details about how the BlackMatter ransomware gang operates.


October 19th 2021

New Karma ransomware group likely Nemty rebrand

Threat analysts at Sentinel Labs have found evidence of the Karma ransomware being just another evolutionary step in the strain that started as JSWorm, became Nemty, then Nefilim, Fusion, Milihpen, and most recently, Gangbang.

BlackByte ransomware decryptor released to recover files for free

A free decryptor for the BlackByte ransomware has been released, allowing past victims to recover their files for free.

October 20th 2021

New Foxxy Ransomware

S!Ri found the in-development Foxxy Ransomware, which appends the .foxxy extension to encrypted files.

Ransomware: Understand. Prevent. Recover

Allan Liska’s book on ransomware is available for pre-order on Amazon!

October 21st 2021

Evil Corp demands $40 million in new Macaw ransomware attacks

Evil Corp has launched a new ransomware called Macaw Locker to evade US sanctions that prevent victims from making ransom payments.

Hacking gang creates fake firm to hire pentesters for ransomware attacks

The FIN7 hacking group is attempting to join the highly profitable ransomware space by creating fake cybersecurity companies that conduct network attacks under the guise of pentesting.

Reuters: Governments turn tables on ransomware gang REvil by pushing it offline

The ransomware group REvil was itself hacked and forced offline this week by a multi-country operation, according to three private sector cyber experts working with the United States and one former official.

Ransomware attackers downshift to ‘Mid-Game’ hunting in Q3 2021

As of publication we are well into National Cyber Security Awareness month and this past quarter has seen an unprecedented amount of domestic and international activity from government and law enforcement to counter the operations of ransomware actors. Despite these initiatives, ransomware actors continue peppering enterprises with more attacks than ever. What we are doing is not working, at least not yet. Why?

October 22nd 2021

DarkSide ransomware rushes to cash out $7 million in Bitcoin

Almost $7 million worth of Bitcoin in a wallet controlled by DarkSide ransomware operators has been moved in what looks like a money laundering rollercoaster.

Groove ransomware calls on all extortion gangs to attack US interests

The Groove ransomware gang is calling on other extortion groups to attack US interests after law enforcement took down REvil’s infrastructure last week.

Italian celebs’ data exposed in ransomware attack on SIAE

The Italian data protection authority Garante per la Protezione dei Dati Personali (GPDP) has announced an investigation into a data breach of the country’s copyright protection agency.

New STOP Ransomware variant

dnwls0719 found a new STOP ransomware variant that appends the .zaps extension to encrypted files.
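The three new variants above (J3ster, Foxxy, and the STOP .zaps variant) are identified in this roundup purely by the extension they append and, for J3ster, the ransom note name. As an added example that is not part of the original post, the triage helper below groups a file-share listing by suspected family using only those indicators; the extension-to-family mapping, the hit threshold, and the sample listing are constructed here from this page and are not an authoritative IoC feed.

```python
# Indicators taken from this week's entries (constructed mapping from the
# post above; not an authoritative IoC feed).
EXTENSION_TO_FAMILY = {
    ".j3ster": "J3ster",
    ".foxxy": "Foxxy",
    ".zaps": "STOP variant",
}
# Ransom note filenames reported this week (lower-cased for matching).
RANSOM_NOTE_NAMES = {
    "j3ster readme.txt": "J3ster",
}


def _basename(path):
    # Accept both Windows (UNC) and POSIX separators so the helper runs
    # anywhere on a listing exported from a file server.
    return path.replace("\\", "/").rsplit("/", 1)[-1]


def triage_listing(paths, min_hits=3):
    """Group a file listing by suspected ransomware family.

    Returns {family: {"encrypted": count, "notes": [note paths]}}.
    A family is reported only when it has at least `min_hits` files with
    its extension or at least one ransom note, so a single odd filename
    does not raise an alert on its own.
    """
    hits = {}
    for p in paths:
        name = _basename(p).lower()
        family = RANSOM_NOTE_NAMES.get(name)
        if family:
            hits.setdefault(family, {"encrypted": 0, "notes": []})["notes"].append(p)
            continue
        # Encrypted files keep their original name and gain one extension,
        # e.g. budget.xlsx.j3ster, so only the last suffix is examined.
        dot = name.rfind(".")
        family = EXTENSION_TO_FAMILY.get(name[dot:]) if dot >= 0 else None
        if family:
            hits.setdefault(family, {"encrypted": 0, "notes": []})["encrypted"] += 1
    return {f: h for f, h in hits.items() if h["encrypted"] >= min_hits or h["notes"]}


# Constructed sample listing: two J3ster-encrypted files plus its note,
# one clean file, and a lone .zaps file below the default threshold.
SAMPLE_LISTING = [
    r"\\fileshare\finance\budget.xlsx.j3ster",
    r"\\fileshare\finance\q3.docx.j3ster",
    r"\\fileshare\finance\j3ster readme.txt",
    r"\\fileshare\hr\photo.jpg",
    "/srv/share/hr/notes.txt.zaps",
]

if __name__ == "__main__":
    for family, info in triage_listing(SAMPLE_LISTING, min_hits=2).items():
        print(family, info)
```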

That’s it for this week! Hope everyone has a nice weekend!
