Security News

The Cuba gang has hit more than 100 organizations worldwide, demanding over $145 million in payments and successfully extorting at least $60 million since August, according to a joint FBI and US Cybersecurity and Infrastructure Security Agency advisory. Private security researchers have identified possible links between Cuba ransomware criminals and their RomCom remote access trojan and Industrial Spy ransomware counterparts.

The FBI and CISA revealed in a new joint security advisory that the Cuba ransomware gang raked in over $60 million in ransoms as of August 2022 after breaching more than 100 victims worldwide. "Since the release of the December 2021 FBI Flash, the number of U.S. entities compromised by Cuba ransomware has doubled, with ransoms demanded and paid on the increase," the two federal agencies warned today.

The Federal Bureau of Investigation said today that the notorious Hive ransomware gang has successfully extorted roughly $100 million from over a thousand companies since June 2021. To add insult to injury, the FBI says that the Hive gang will deploy additional ransomware payloads on the networks of victims who refuse to pay the ransom.

A Ukrainian national who has been wanted by the U.S for over a decade has been arrested by Swiss authorities for his role in a notorious cybercriminal ring that stole millions of dollars from victims' bank accounts using malware called Zeus. According to court documents released by the U.S. Depart of Justice in 2014, Penchukov and eight other members of the cybercriminal group infected "Thousands of business computers" with Zeus, which is capable of stealing passwords, account numbers, and other information relevant to log into online banking accounts.

The FBI warns that tech support scammers are now impersonating financial institutions' refund payment portals to harvest victims' sensitive information and add legitimacy. "Within the body of the email, the scammers will indicate the specific service to be renewed with a price commonly in the range of $300 to $500 USD, provoking a sense of urgency in the victims to contact them and provide information for a refund," the FBI said.

While the FBI alert doesn't name said hacktivists in its latest cyber squad notification [PDF] for private industry, the Feds may be talking about Killnet, a "Relatively unsophisticated" gang whose "Nuisance-level DDoS attacks" don't live up to its rhetoric, according to security researchers. These attacks are generally opportunistic in nature and, with DDoS mitigation steps, have minimal operational impact on victims; however, hacktivists will often publicize and exaggerate the severity of the attacks on social media.

The Federal Bureau of Investigation said on Friday that distributed denial-of-service attacks coordinated by hacktivist groups have a minor impact on the services they target. "Coinciding with the Russian invasion of Ukraine, the FBI is aware of Pro-Russian hacktivist groups employing DDoS attacks to target critical infrastructure companies with limited success," the agency said.

In what can only be described as inevitable, the FBI is warning those eligible for student loan debt relief to keep an eye out for scammers trying to take advantage of President's Biden program. The White House announced limited student loan debt forgiveness in August, with qualifying individuals and joint filers each able to get up to $10,000 of student loan debt forgiven, or double that amount if the person was awarded Pell grants for low-income students.

The FBI has released a warning that scammers may be targeting individuals seeking to enroll in the Federal Student Aid program to steal their personal information, payment details, and money. Federal Student Aid is a debt relief program announced in August 2022 that opened for applications yesterday.

The Federal Bureau of Investigation warned today of foreign influence operations that might spread disinformation to affect the results of this year's midterm elections. The federal law enforcement agency warned that foreign actors are actively spreading election infrastructure disinformation to manipulate public opinion, discredit the electoral process, sow discord, and encourage a lack of trust in democratic processes and institutions.