Source: https://www.bleepingcomputer.com/
The Federal Bureau of Investigation (FBI) warns of AvosLocker ransomware being used in attacks targeting multiple US critical infrastructure sectors.
Check out my analysis of LockBit ransomware v2.0 where I analyze all of its functionalities in IDA!
A Ukrainian security researcher has leaked newer malware source code from the Conti ransomware operation in revenge for the cybercriminals siding with Russia on the invasion of Ukraine.
In early March 2022 we came across a new variant of the Lorenz ransomware. The sample we analyzed dates back to March 2, 2022. Files encrypted by this variant are different from the previous one. This blog contains our findings on the new variant. Furthermore, we explain a serious bug in the ransomware that makes the attacker unable to recover any encrypted files. Finally, we announce that decryption is still possible without paying the ransom, or to be more specific, only possible without paying the ransom.
PCrisk found new STOP ransomware variants that append the .mmuz, .hfgd, and .rguy extensions.
Moscow-based meat producer and distributor Miratorg Agribusiness Holding has suffered a major cyberattack that encrypted its IT systems, according to a report from Rosselkhoznadzor - the Russian federal veterinary and phytosanitary supervision service.
ELTA, the state-owned provider of postal services in Greece, has disclosed a ransomware incident detected on Sunday that is still keeping most of the organization's services offline.
The White House is urging U.S. organizations to shore up their cybersecurity defenses after new intelligence suggests that Russia is preparing to conduct cyberattacks in the near future.
The 2021 Internet Crime Report (pdf) includes information from 847,376 complaints of suspected internet crime—a 7% increase from 2020—and reported losses exceeding $6.9 billion. State-specific statistics have also been released and can be found within the 2021 Internet Crime Report and in the accompanying 2021 State Reports.
On March 17, 2022, the government team responding to computer emergencies in Ukraine, CERT-UA, discovered several ZIP archives, one of which was called "Virus ... extremely dangerous !!!. Zip". Each of the archives contains an obfuscated .NET program. As a result of the analysis, the identified programs are classified as DoubleZero - a malicious destructive program developed using the C# programming language.
PCrisk found new STOP ransomware variants that append the .kkia and .ssoi extensions.
Researchers have conducted a technical experiment, testing ten ransomware variants to determine how fast they encrypt files and to evaluate how feasible it would be to respond to their attacks in time.
The Federal Bureau of Investigation (FBI) says ransomware gangs have breached the networks of at least 649 organizations from multiple US critical infrastructure sectors last year, according to the Internet Crime Complaint Center (IC3) 2021 Internet Crime Report.
PCrisk found a new STOP ransomware variant that appends the .pphg extension.
Since February 27, 2022, the Twitter @ContiLeaks account and other online personas have been leaking communications containing details about threat actors and their operations. The leaks include more than 160,000 messages exchanged among nearly 500 threat actors between January 2020 and March 2022. The messages reveal close relationships among multiple threat groups and details about the GOLD ULRICK and GOLD BLACKBURN threat groups' operations. Leaked source code and tool repositories offer unprecedented insights into previously unknown threat actors.
Maksim Berezan, an Estonian man linked to multimillion-dollar ransomware attacks, was sentenced on Friday to 66 months in prison for his involvement in online fraud schemes.
While these risks are very real, the socio-economic shock to the Russian economy as a result of sanctions presents a far larger long-term risk, and has us at Coveware much more worried. The severity of the sanctions that continue to pile up has created an environment that could lead to an explosion in the volume of people that turn to ransomware as a means to support themselves.
PCrisk found a new STOP ransomware variant that appends the .wdlo extension.
The LockBit operator known as 'LockBitSupp' has put a bounty of $1 million on his own head for anyone who can locate him.