Security News

Organizations in the food sector are now also targeted in business email compromise attacks that aim to steal entire shipments of food, according to a joint advisory issued by several U.S. federal agencies. As the FBI, the Food and Drug Administration Office of Criminal Investigations, and the U.S. Department of Agriculture revealed, the value of the stolen food reaches, in some cases, hundreds of thousands of dollars.

The U.S. Department of Justice on Wednesday announced the seizure of 48 domains that offered services to conduct distributed denial-of-service attacks on behalf of other threat actors, effectively lowering the barrier to entry for malicious activity. These websites, although claiming to provide testing services to assess the resilience of a paying customer's web infrastructure, are believed to have targeted several victims in the U.S. and elsewhere, such as educational institutions, government agencies, and gaming platforms.

The US Department of Justice has seized 48 Internet domains and charged six suspects for their involvement in running 'Booter' or 'Stresser' platforms that allow anyone to easily conduct distributed denial of service attacks."Some sites use the term"stresser" in an effort to suggest that the service could be used to test the resilience of one's own infrastructure; however, as described below, I believe this is a façade and that these services exist to conduct DDoS attacks on victim computers not controlled by the attacker, and without the authorization of the victim," reads an affidavit by FBI Special Agent Elliott Peterson out of the Alaska field office.

The Cuba gang has hit more than 100 organizations worldwide, demanding over $145 million in payments and successfully extorting at least $60 million since August, according to a joint FBI and US Cybersecurity and Infrastructure Security Agency advisory. Private security researchers have identified possible links between Cuba ransomware criminals and their RomCom remote access trojan and Industrial Spy ransomware counterparts.

The FBI and CISA revealed in a new joint security advisory that the Cuba ransomware gang raked in over $60 million in ransoms as of August 2022 after breaching more than 100 victims worldwide. "Since the release of the December 2021 FBI Flash, the number of U.S. entities compromised by Cuba ransomware has doubled, with ransoms demanded and paid on the increase," the two federal agencies warned today.

The Federal Bureau of Investigation said today that the notorious Hive ransomware gang has successfully extorted roughly $100 million from over a thousand companies since June 2021. To add insult to injury, the FBI says that the Hive gang will deploy additional ransomware payloads on the networks of victims who refuse to pay the ransom.

A Ukrainian national who has been wanted by the U.S for over a decade has been arrested by Swiss authorities for his role in a notorious cybercriminal ring that stole millions of dollars from victims' bank accounts using malware called Zeus. According to court documents released by the U.S. Depart of Justice in 2014, Penchukov and eight other members of the cybercriminal group infected "Thousands of business computers" with Zeus, which is capable of stealing passwords, account numbers, and other information relevant to log into online banking accounts.

The FBI warns that tech support scammers are now impersonating financial institutions' refund payment portals to harvest victims' sensitive information and add legitimacy. "Within the body of the email, the scammers will indicate the specific service to be renewed with a price commonly in the range of $300 to $500 USD, provoking a sense of urgency in the victims to contact them and provide information for a refund," the FBI said.

While the FBI alert doesn't name said hacktivists in its latest cyber squad notification [PDF] for private industry, the Feds may be talking about Killnet, a "Relatively unsophisticated" gang whose "Nuisance-level DDoS attacks" don't live up to its rhetoric, according to security researchers. These attacks are generally opportunistic in nature and, with DDoS mitigation steps, have minimal operational impact on victims; however, hacktivists will often publicize and exaggerate the severity of the attacks on social media.

The Federal Bureau of Investigation said on Friday that distributed denial-of-service attacks coordinated by hacktivist groups have a minor impact on the services they target. "Coinciding with the Russian invasion of Ukraine, the FBI is aware of Pro-Russian hacktivist groups employing DDoS attacks to target critical infrastructure companies with limited success," the agency said.