This Crowdsourced Ransomware Payment Tracker Shows How Much Cybercriminals Have Heisted

Ransomware attacks are on the rise, but quantifying the scope of the problem can be tricky when only the most high-profile cases make headlines. Enter Ransomwhere, […] Jack Cable, a security architect at the cybersecurity consulting firm Krebs Stamos Group, launched the site on Thursday. […] The way it works is Ransomwhere keeps a running Read more about This Crowdsourced Ransomware Payment Tracker Shows How Much Cybercriminals Have Heisted[…]

Iran’s Train System Hacked, Khamenei’s phone nr posted on station msg boards as help line

Cyberattacks reportedly disrupted Iran’s railway system on Friday, causing “unprecedented chaos” at stations throughout the country, according to state media. The hackers, whoever they are, also reportedly trolled the nation’s Supreme Leader Ali Khamenei, posting his phone number as “the number to call for information” on multiple train station message boards, Reuters reports. According to Read more about Iran’s Train System Hacked, Khamenei’s phone nr posted on station msg boards as help line[…]

Report: Russian Cyber Spies Recently Hacked the RNC

According to a new investigation from Bloomberg, cyber spies connected to the Russian government recently hacked into the Republican National Committee—though the RNC has denied that their systems were breached in this way. According to Bloomberg, the hacker group known as “Cozy Bear”—thought to be connected to Russia’s intelligence service, the SVR—conducted the intrusion, though Read more about Report: Russian Cyber Spies Recently Hacked the RNC[…]

Getting Your iPhone Near This Cursed Network Breaks Its Wifi

iPhone doesn’t even have to connect to the network to mess up. Back in June, security researcher Carl Schou found that when he joined the network “%p%s%s%s%s%n”, his iPhone permanently disabled its wifi functionality. Luckily, this was fixed by resetting all network settings, which erased the villainous wifi name from his phone’s memory. You would Read more about Getting Your iPhone Near This Cursed Network Breaks Its Wifi[…]

Largest ransomware attack ever through hacked Kaseya software by REvil. Thousands of victims in at least 17 countries. $70m asked to decrypt the lot.

Cybersecurity teams worked feverishly Sunday to stem the impact of the single biggest global ransomware attack on record, with some details emerging about how the Russia-linked gang responsible breached the company whose software was the conduit. An affiliate of the notorious REvil gang, best known for extorting $11 million from the meat-processor JBS after a Read more about Largest ransomware attack ever through hacked Kaseya software by REvil. Thousands of victims in at least 17 countries. $70m asked to decrypt the lot.[…]

Western Digital Confirms ‘My Book Live’ Drives Are Being Deleted Remotely

Western Digital’s popular My Book Live hard drives are being deleted remotely by an unknown attacker, according to the company. And there’s not much anyone can do at this point but unplug their drives from the internet. “We have determined that some My Book Live devices have been compromised by a threat actor,” Western Digital’s Read more about Western Digital Confirms ‘My Book Live’ Drives Are Being Deleted Remotely[…]

Microsoft says new breach via customer service discovered in probe of suspected SolarWinds hackers

Microsoft (MSFT.O) said on Friday an attacker had won access to one of its customer-service agents and then used information from that to launch hacking attempts against customers. The company said it had found the compromise during its response to hacks by a team it identifies as responsible for earlier major breaches at SolarWinds (SWI.N) Read more about Microsoft says new breach via customer service discovered in probe of suspected SolarWinds hackers[…]

Russia spoofed AIS data to fake British warship’s course days before firing at them from a huge distance in Crimea

Russia was back up to its age-old spoofing of GPS tracks earlier this week before a showdown between British destroyer HMS Defender and coastguard ships near occupied Crimea in the Black Sea. Yesterday Defender briefly sailed through Ukrainian waters, triggering the Russian Navy and coastguard into sending patrol boats and anti-shipping aircraft to buzz the Read more about Russia spoofed AIS data to fake British warship’s course days before firing at them from a huge distance in Crimea[…]

Hackers Are Selling Data Stolen From Audi and Volkswagen

On Friday, Volkswagen disclosed a data breach that it said affected 3.3 million customers and interested buyers. On Monday, hackers put the data stolen from the car maker on sale on a notorious hacking forum. In the sales listing reviewed by Motherboard, a hacker that goes by 000 wrote that the data included email addresses Read more about Hackers Are Selling Data Stolen From Audi and Volkswagen[…]

In Brazil, Criminals Steal Phones to Empty Victims’ Bank Account

São Paulo pickpockets are increasingly stealing people’s smartphones not to pawn off the device, but rather to gain access to their bank account. That’s according to a report from Brazilian newspaper Folha de S.Paulo this week. As first spotted by 9to5 Mac, the report claims this kind of theft has been going on since the Read more about In Brazil, Criminals Steal Phones to Empty Victims’ Bank Account[…]

Ukraine police collar six Clop ransomware gang suspects in joint raids with South Korean cops

Ukrainian police have arrested six people, alleged to be members of the notorious Clop* ransomware gang, seizing cash, cars – and a number of Apple Mac laptops and desktops. “It was established that six defendants carried out attacks of malicious software such as ‘ransomware’ on the servers of American and [South] Korean companies,” alleged Ukraine’s Read more about Ukraine police collar six Clop ransomware gang suspects in joint raids with South Korean cops[…]

Alibaba suffers billion-item data leak including usernames and mobile numbers

Alibaba’s Chinese shopping operation Taobao has suffered a data breach of over a billion data points including usernames and mobile phone numbers. The info was lifted from the site by a crawler developed by an affiliate marketer. Chinese outlet 163.com reported the case last week and today it was picked up by the Wall Street Read more about Alibaba suffers billion-item data leak including usernames and mobile numbers[…]

Risk and reward: Nefilim ransomware gang mainly targets fewer, richer companies and that strategy is paying off, warns Trend Micro

The Nefilim ransomware gang might not be the best known or most prolific online extortion crew but their penchant for attacking small numbers of $1bn+ turnover firms is paying off, according to some latest research. The crew has made comparatively fewer headlines next to better-known criminals such as Darkside, perpetrators of the infamous US Colonial Read more about Risk and reward: Nefilim ransomware gang mainly targets fewer, richer companies and that strategy is paying off, warns Trend Micro[…]

Internal data + games source code from breach CD Projekt Cyberpunk 2077 circulating online

Internal company data leaked during a February security breach is now being circulated on the internet, Polish video games maker CD Projekt (CDR.WA) said in a statement published on Thursday. The attack, which compromised some of its internal systems including the source code to its much-hyped game Cyberpunk 2077, dealt another blow to the Warsaw-based Read more about Internal data + games source code from breach CD Projekt Cyberpunk 2077 circulating online[…]

McDonald’s Hit by Data Breach – WSJ

McDonald’s Corp. said hackers stole some data from its systems in markets including the U.S., South Korea and Taiwan, in another example of cybercriminals infiltrating high-profile global companies. The burger chain said Friday that it recently hired external consultants to investigate unauthorized activity on an internal security system, prompted by a specific incident in which Read more about McDonald’s Hit by Data Breach – WSJ[…]

FBI paid renegade developer $180k for backdoored AN0M chat app that brought down drug underworld

The FBI has revealed how it managed to hoodwink the criminal underworld with its secretly backdoored AN0M encrypted chat app, leading to hundreds of arrests, the seizure of 32 tons of drugs, 250 firearms, 55 luxury cars, more than $148M, and even cocaine-filled pineapples. About 12,000 smartphones with AN0M installed were sold into organized crime Read more about FBI paid renegade developer $180k for backdoored AN0M chat app that brought down drug underworld[…]

DOJ Recovers Most of Colonial Pipeline Hack Ransom

(WASHINGTON) — The Justice Department has recovered most of a multimillion-dollar ransom payment made to hackers after a cyberattack that caused the operator of the nation’s largest fuel pipeline to halt its operations last month, officials said Monday. The operation to seize cryptocurrency paid to the Russia-based hacker group is the first of its kind Read more about DOJ Recovers Most of Colonial Pipeline Hack Ransom[…]

Air India breach compromised data for 4.5 million passengers also of other airlines

The Times of India reports Air India has revealed that a breach compromised about 4.5 million passengers whose data was registered at system provider SITA between August 2011 and late February 2021. The intruders couldn’t obtain passwords, but they had access to names, contact info, tickets and frequent flyer info (including for Star Alliance). The Read more about Air India breach compromised data for 4.5 million passengers also of other airlines[…]

American insurance giant CNA reportedly pays $40m to ransomware crooks

CNA Finaincial, the US insurance conglomerate, has apparently paid $40m to ransomware operators to gets its files back. In March the business revealed it had been hit by an extensive Phoenix Locker infection; this strain of malware was developed by Russian scam artists calling themselves Evil Corp, which may have links to Russian intelligence. All Read more about American insurance giant CNA reportedly pays $40m to ransomware crooks[…]

Russian malware will often not install on computers with a Russian virtual keyboard installed

 KrebsOnSecurity noted that virtually all ransomware strains have a built-in failsafe designed to cover the backsides of the malware purveyors: They simply will not install on a Microsoft Windows computer that already has one of many types of virtual keyboards installed — such as Russian or Ukrainian […] DarkSide and other Russian-language affiliate moneymaking programs Read more about Russian malware will often not install on computers with a Russian virtual keyboard installed[…]

Colonial Pipeline hackers Darkside received $90 million in bitcoin

DarkSide, the hacker group behind the recent Colonial Pipeline ransomware attack, received a total of $90 million in bitcoin ransom payments before shutting down last week, according to new research. Colonial Pipeline was hit with a devastating cyberattack earlier this month that forced the company to shut down approximately 5,500 miles of pipeline in the Read more about Colonial Pipeline hackers Darkside received $90 million in bitcoin[…]

Darkside ransomware gang says it lost control of its servers & money a day after Biden threat

A day after US President Joe Biden said the US plans to disrupt the hackers behind the Colonial Pipeline cyberattack, the operator of the Darkside ransomware said the group lost control of its web servers and some of the funds it made from ransom payments. “A few hours ago, we lost access to the public Read more about Darkside ransomware gang says it lost control of its servers & money a day after Biden threat[…]

US declares emergency after ransomware shuts oil pipeline that pumps 100 million gallons a day

One of the USA’s largest oil pipelines has been shut by ransomware, leading the nation’s Federal Motor Carrier Safety Administration to issue a regional emergency declaration permitting the transport of fuel by road. The Colonial Pipeline says it carries 100 million gallons a day of refined fuels between Houston, Texas, and New York Harbor, or Read more about US declares emergency after ransomware shuts oil pipeline that pumps 100 million gallons a day[…]