Nio Inc., which is located in China, said on Tuesday that hackers had broken into its computer systems and acquired data on users and car sales. This is the most recent instance of a hacking attack to strike the global automotive sector. According to reports from the media, the cybercriminals had written an email to […]
Recent reports indicate that in late May Cisco’s corporate network was infected with ransomware from the Yanluowang group. Under the threat of leaking stolen files to the online world, the threat actor attempted to intimidate the victims into making a financial sacrifice; in short, ransom. An employee’s Box folder linked to a compromised account was […]
The total number of arrests made concerning Sodinokibi/REvil and GandCrab ransomware is now seven. Europol launched a multi-agency operation to catch REvil ransomware operators (Ransomware-Evil) based on their findings of an old ransomware strain, GrandCrab, which authorities believe is the predecessor of REvil. Dubbed Operation GoldDust; around seventeen countries took part in the operation. These […]
The U.S. Department of State announced that it is offering a reward of up to $10 million USD to anyone who provides information that leads to the identification and arrest of the operators of the DarkSide ransomware and any possible variants derived from this malware. Authorities are also offering a $5 million USD reward for […]
Recently, cybersecurity experts have claimed that the operators of Ryuk Ransomware are targeting severe infrastructures to extort high ransom from their victims. In 2018, the Ryuk ransomware was spotted for the first time, and the security researchers claim that the Ryuk procured and developed by its operators from the Hermes ransomware’s source code. As last […]
Maze ransomware, one of the most dangerous and potent strains of Windows ransomware that have hit companies and organizations around the world and demanded a payment in cryptocurrency in exchange for a safe recovery of encrypted data, has now officially announced the shutting down of its operations on its website on the dark web. Though […]
A group of ransomware operators known as Darkside has been extorting various companies around the world, although they do not seem to pursue the same purposes as other similar hacking groups. Through a dark web forum, criminals posted receipts for $10,000 USD in Bitcoin donations sent to two nonprofits. In their publication hackers claim that […]
As if it wasn’t hard enough to have their data compromised, businesses who fell victim to Maze ransomware are now facing another threat: their data could become public. Maze’s operators have been collecting data from victim organisations for a while, ultimately using it as a weapon until payment is received to decrypt archives. Now, for […]
We are seeing a wave of new NSIS installers used in ransomware campaigns. These new installers pack significant updates, indicating a collective move by attackers to once again dodge AV detection by changing the way they package malicious code. These changes are observed in installers that drop ransomware like Cerber, Locky, and others. Cybercriminals have […]
Threat actors associated with the BlackCat ransomware have been observed employing malvertising tricks to distribute rogue installers of the WinSCP file transfer application. “Malicious actors used malvertising to distribute a piece of malware via cloned webpages of legitimate organizations,” Trend Micro researchers said in an analysis published last week. “In this case, the distribution involved […]
The operators of TrickBot trojan are collaborating with the Shathak threat group to distribute their wares, ultimately leading to the deployment of Conti ransomware on infected machines. “The implementation of TrickBot has evolved over the years, with recent versions of TrickBot implementing malware-loading capabilities,” Cybereason security analysts Aleksandar Milenkoski and Eli Salem said in a […]