Security News

A joint four-month operation coordinated by Interpol, the international criminal police organization, has culminated in the arrests of more than 1,000 cybercriminals and the recovery of $27 million in illicit proceeds. Codenamed "HAECHI-II," the crackdown enabled law enforcement units from across 20 countries, as well as Hong Kong and Macao, close 1,660 cases alongside blocking 2,350 bank accounts linked to the fraudulent illicit funds amassed from a range of online financial crimes, such as romance scams, investment fraud, and money laundering associated with illegal online gambling.

The Spanish police have arrested 45 people who are believed to be members of an online fraud group that operated twenty websites to defraud at least 200 people of 1,500,000 Euros. When victims made purchases, the money went to bank accounts that belonged to other victims who were forced by the criminals to act as "Money mules".

Miscreants have hijacked the systems of Angling Direct, diverting traffic from its websites to Pornhub and threatening to wipe its internal data. The statement says Angling Direct has contacted the law enforcement agencies and the UK's data watchdog, the Information Commissioner's Office.

Ransomware attacks on industrial environments have increased by 500 per cent in three years, and it's unlikely the criminals responsible are going to slow down anytime soon. If cyber-attackers are smart, is it possible to beat them with something even smarter? Something like AI? And is it possible to predict what the next wave of attacks will look like and prepare now?

Europol has announced the arrest of 12 individuals believed to be linked to ransomware attacks against 1,800 victims in 71 countries. The most notable case linked to the suspects is a 2019 attack against Norsk Hydro, the Norwegian aluminum production giant, causing severe and lengthy disruption in the company's operations.

Hurling online abuse at ransomware gangs may have contributed to a hardline policy of dumping victims' data online, according to counter-ransomware company Emsisoft. Earlier this month, the Conti ransomware gang declared it would publish victims' data and break off ransom negotiations if anyone other than "Respected journalist and researcher personalities" [sic] dared publish snippets of ransomware negotiations, amid a general hardening of attitudes among ransomware gangs.

Two Eastern European nationals have been sentenced in the U.S. for offering "Bulletproof hosting" services to cybercriminals, who used the technical infrastructure to distribute malware and attack financial institutions across the country between 2009 to 2015. Pavel Stassi, 30, of Estonia, and Aleksandr Shorodumov, 33, of Lithuania, have been each sentenced to 24 months and 48 months in prison, respectively, for their roles in the scheme.

A new national cyber strategy will be launched by year-end, the National Cyber Security Centre's chief exec has promised - while calling out spyware vendor NSO Group as a "Red flag" for the UK infosec community. Lindy Cameron told the Chatham House international affairs think tank that NSO Group was "Something we raised a red flag about before, that the commercial market for sophisticated cyber exploitation products is an issue."

As a result, ransomware groups are hiring experts in every aspect of the business, from pen-testers who can gain initial access to systems to ransom negotiators. We've seen ransomware groups call and harass employees of an organisation. We've seen them reach out to business partners and suppliers, third parties, to drum up additional pressure," he says.

The London law firm which secured a court injunction forbidding ransomware criminals from publishing data stolen from them has now gone a step further - by securing a default judgment from the High Court. 4 New Square Ltd, a barristers' chambers, raised some amusement in cyber security circles in July when it applied for a High Court injunction in the wake of a ransomware infection.