Security News

The U.S. Federal Bureau of Investigation on Monday confirmed that North Korean threat actors were responsible for the theft of $100 million in cryptocurrency assets from Harmony Horizon Bridge in June 2022. The law enforcement agency attributed the hack to the Lazarus Group and APT38, the latter of which is a North Korean state-sponsored threat group that specializes in financial cyber operations.

According to the complaint against him, Al-Azhari allegedly visited a dark web site that hosts "Unofficial propaganda and photographs related to ISIS" multiple times on May 14, 2019. In virtue of being a dark web site-­that is, one hosted on the Tor anonymity network-­it should have been difficult for the site owner's or a third party to determine the real IP address of any of the site's visitors.

In the past years, companies, universities, schools, medical facilities and other organizations have been targeted by ransomware threat actors, turning ransomware into the internet's most severe security crisis. Ransomware as a Service has become the most widespread type of ransomware.

The FBI warns that threat actors are using search engine advertisements to promote websites distributing ransomware or stealing login credentials for financial institutions and crypto exchanges. These ads appear at the top of search result pages and link to sites that look identical to the impersonated company's website.

Organizations in the food sector are now also targeted in business email compromise attacks that aim to steal entire shipments of food, according to a joint advisory issued by several U.S. federal agencies. As the FBI, the Food and Drug Administration Office of Criminal Investigations, and the U.S. Department of Agriculture revealed, the value of the stolen food reaches, in some cases, hundreds of thousands of dollars.

The U.S. Department of Justice on Wednesday announced the seizure of 48 domains that offered services to conduct distributed denial-of-service attacks on behalf of other threat actors, effectively lowering the barrier to entry for malicious activity. These websites, although claiming to provide testing services to assess the resilience of a paying customer's web infrastructure, are believed to have targeted several victims in the U.S. and elsewhere, such as educational institutions, government agencies, and gaming platforms.

The US Department of Justice has seized 48 Internet domains and charged six suspects for their involvement in running 'Booter' or 'Stresser' platforms that allow anyone to easily conduct distributed denial of service attacks."Some sites use the term"stresser" in an effort to suggest that the service could be used to test the resilience of one's own infrastructure; however, as described below, I believe this is a façade and that these services exist to conduct DDoS attacks on victim computers not controlled by the attacker, and without the authorization of the victim," reads an affidavit by FBI Special Agent Elliott Peterson out of the Alaska field office.

The Cuba gang has hit more than 100 organizations worldwide, demanding over $145 million in payments and successfully extorting at least $60 million since August, according to a joint FBI and US Cybersecurity and Infrastructure Security Agency advisory. Private security researchers have identified possible links between Cuba ransomware criminals and their RomCom remote access trojan and Industrial Spy ransomware counterparts.

The FBI and CISA revealed in a new joint security advisory that the Cuba ransomware gang raked in over $60 million in ransoms as of August 2022 after breaching more than 100 victims worldwide. "Since the release of the December 2021 FBI Flash, the number of U.S. entities compromised by Cuba ransomware has doubled, with ransoms demanded and paid on the increase," the two federal agencies warned today.

The Federal Bureau of Investigation said today that the notorious Hive ransomware gang has successfully extorted roughly $100 million from over a thousand companies since June 2021. To add insult to injury, the FBI says that the Hive gang will deploy additional ransomware payloads on the networks of victims who refuse to pay the ransom.