Security News > 2022 > July

The notorious REvil ransomware gang, behind the attacks on JBS and Kaseya, has resurfaced three months after Russian authorities arrested several of its members. REvil, a ransomware-as-a-service operation run by the financially motivated threat group tracked as Gold Southfield, emerged in 2019 and gained worldwide notoriety after extorting $11 million from meat processor JBS. REvil recruited affiliates by paying them a percentage of each ransom in return for breaking into target networks and deploying the ransomware.

Google has pushed an out-of-band update to Chrome to address a zero-day flaw in WebRTC that is being actively exploited. The fix ships in Chrome 103.0.5060.114 for Windows and Chrome 103.0.5060.71 for Android, both of which are rolling out over the coming days.

The Cyber Police of Ukraine disclosed last week that it had apprehended nine members of a criminal gang that stole 100 million hryvnias via hundreds of phishing sites claiming to offer financial assistance to Ukrainian citizens, a campaign built to capitalize on the ongoing war. "Criminals created more than 400 phishing links to obtain bank card data of citizens and appropriate money from their accounts," the agency said in a press statement last week.

The threat actor behind the lesser-known AstraLocker ransomware told BleepingComputer they are shutting down the operation and plan to switch to cryptojacking. The ransomware's developer uploaded a ZIP archive of AstraLocker decryptors to the VirusTotal malware analysis platform.

Tampa was chosen as the trial venue because a known victim of one of his NetWalker ransomware attacks is based there. NetWalker was a ransomware strain used to compromise victims' networks and encrypt their data, cutting off access until a ransom was paid.

Google has released Chrome 103.0.5060.114 for Windows users to address a high-severity zero-day vulnerability exploited in the wild, the fourth Chrome zero-day patched in 2022. The update was already available when BleepingComputer checked for it via Chrome menu > Help > About Google Chrome.

An anonymous threat actor is selling several databases they claim contain more than 22 terabytes of stolen information on roughly 1 billion Chinese citizens, asking 10 bitcoins. Based on the samples shared, the databases hold Chinese residents' names, addresses, national ID numbers, phone numbers, and several billion criminal records.

The British Army's Twitter and YouTube accounts were hijacked yesterday and altered to promote crypto scams. Notably, the army's verified Twitter account began displaying fake NFTs and bogus crypto giveaway schemes.

The Django project, an open source Python web framework, has patched a high-severity vulnerability in its latest releases. Tracked as CVE-2022-34265, the potential SQL injection lies in the Trunc() and Extract() database functions, whose kind and lookup_name arguments are spliced into the generated SQL and were exploitable when an application passed them from untrusted input. The flaw affects Django's main branch and the 4.1, 4.0 and 3.2 series; fixes shipped in 4.0.6, 3.2.14 and the 4.1 release candidate, and applications that already restricted those arguments to a known-safe list were not affected.
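The bug class is worth seeing in miniature. The field name in EXTRACT(<field> FROM <expr>) is a SQL keyword, so it cannot be bound as a query parameter like a value can; the only defence is an allowlist of the names the database accepts. The example below is an added illustration, not Django's code: `extract_sql_vulnerable` and `extract_sql_safe` are hypothetical builders, the `events` table and `created_at` column are constructed, and `ALLOWED_LOOKUPS` is an illustrative subset of PostgreSQL's EXTRACT fields.

```python
"""Allowlisting a SQL keyword that cannot be passed as a bound parameter.

Illustrative example accompanying the CVE-2022-34265 item; not Django's code.
EXTRACT(<field> FROM <expr>) takes a keyword such as YEAR, so an ORM has to
splice the caller's lookup name into the SQL text. If that name comes from a
request parameter unchecked, the caller controls the query.
"""
import re

# Illustrative subset of field names PostgreSQL accepts in EXTRACT().
ALLOWED_LOOKUPS = frozenset({
    "year", "quarter", "month", "week", "day", "dow", "doy",
    "hour", "minute", "second", "epoch",
})

# Plain SQL identifier: letters, digits, underscore, no leading digit.
_IDENTIFIER = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*$")

# Hypothetical table used by both builders (constructed for the example).
TABLE = "events"


def extract_sql_vulnerable(column: str, lookup_name: str) -> str:
    """Unsafe builder: whatever the caller passes lands in the statement."""
    return f"SELECT EXTRACT({lookup_name} FROM {column}) FROM {TABLE}"


def extract_sql_safe(column: str, lookup_name: str) -> str:
    """Hardened builder: keyword must be allowlisted, column must be an identifier.

    Raises ValueError instead of emitting SQL when either check fails; the
    keyword position cannot be parameterised, so rejecting is the only option.
    """
    if lookup_name not in ALLOWED_LOOKUPS:
        raise ValueError(f"unsupported lookup name: {lookup_name!r}")
    if not _IDENTIFIER.match(column):
        raise ValueError(f"invalid column identifier: {column!r}")
    return f"SELECT EXTRACT({lookup_name} FROM {column}) FROM {TABLE}"


# Constructed attacker input: closes the EXTRACT(), appends a second
# statement, and comments out the remainder of the original query.
PAYLOAD = "year FROM created_at) FROM events; DROP TABLE events; --"


def injection_reaches_sql(lookup_name: str) -> bool:
    """True when the unsafe builder passes a second statement through."""
    return "DROP TABLE" in extract_sql_vulnerable("created_at", lookup_name)


def injection_rejected(lookup_name: str) -> bool:
    """True when the hardened builder refuses the input."""
    try:
        extract_sql_safe("created_at", lookup_name)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print("vulnerable:", extract_sql_vulnerable("created_at", PAYLOAD))
    print("safe, good input:", extract_sql_safe("created_at", "year"))
    print("safe, payload rejected:", injection_rejected(PAYLOAD))
```

The same reasoning applies to any SQL position that takes a keyword or identifier rather than a value (ORDER BY column names, date-part names, table names): parameter binding does not reach them, so the application must constrain the input to a fixed set before the ORM builds the query.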

Contrary to most worms, Hopper was built to do good. Cymulate's development team based Hopper on a common malware stager: a small executable that serves as an initial payload and whose primary job is to fetch and prepare a larger one. The stager also acts as a PE packer, a program that loads and executes another program indirectly, usually from an embedded package.