Security News
The Federal Bureau of Investigation says the Black Cat ransomware gang, also known as ALPHV, breached the networks of at least 60 organizations worldwide between November 2021 and March 2022. The flash alert is part of a series of similar reports highlighting the tactics, techniques, and procedures used by ransomware variants identified during FBI investigations, along with the indicators of compromise linked to them.
The US Federal Bureau of Investigation warned Food and Agriculture sector organizations today of an increased risk that ransomware gangs "may be more likely" to attack them during the harvest and planting seasons. While ransomware groups regularly target the US agriculture sector, the FBI noted that the number of attacks against such entities during such critical seasons stands out.
The U.S. Cybersecurity and Infrastructure Security Agency, along with the Federal Bureau of Investigation and the Treasury Department, warned of a new set of ongoing cyber attacks carried out by the Lazarus Group targeting blockchain companies. Targeted organizations include cryptocurrency exchanges, decentralized finance protocols, play-to-earn cryptocurrency video games, cryptocurrency trading companies, venture capital funds investing in cryptocurrency, and individual holders of large amounts of cryptocurrency or valuable non-fungible tokens.
Cybercriminals are attempting to trick American users of digital payment apps into making instant money transfers in social engineering attacks using text messages with fake bank fraud alerts. "Under the pretext of reversing the fake money transfer, victims are swindled into sending payment to bank accounts under the control of the cyber actors," the FBI said.
The Treasury Department's Office of Foreign Assets Control has sanctioned the address that received the cryptocurrency stolen in the largest cryptocurrency hack ever, the hack of Axie Infinity's Ronin network bridge. The Federal Bureau of Investigation said two North Korean hacking groups, Lazarus and BlueNorOff, were behind last month's Ronin hack.
The Treasury Department's Office of Foreign Assets Control has sanctioned the address that received the cryptocurrency stolen in the largest cryptocurrency hack ever, the hack of Axie Infinity's Ronin network bridge. Blockchain data platform Chainalysis first spotted that a new ETH address added by OFAC to the SDN list as part of a Lazarus Group update was also used in March to collect the ETH and USDC tokens stolen in the Ronin hack.
Dubbed Tourniquet, the seizure of the cybercrime website involved authorities from the U.S., U.K., Sweden, Portugal, and Romania, with the criminal investigation resulting in the arrest of the forum's administrator at his home last month in Croydon, England. Interestingly, the "Raid" in RaidForums is a nod to its early beginnings as a hub for organizing various forms of electronic harassment - like "raiding," which refers to a form of targeted harassment by posting an overwhelming volume of messages to a victim.
The U.S. Department of Justice announced that it neutralized Cyclops Blink, a modular botnet controlled by a threat actor known as Sandworm, which has been attributed to the Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation. "The operation copied and removed malware from vulnerable internet-connected firewall devices that Sandworm used for command-and-control of the underlying botnet," the DoJ said in a statement Wednesday.
FBI investing millions in software to monitor social media platforms. The FBI has invested millions of dollars into social media tracking software, according to a report from the Washington Post.
A coordinated operation conducted by the FBI and its international law enforcement partners has resulted in disrupting business email compromise schemes in several countries. BEC actors are high-level scammers who trick employees of real companies into making payments to bank accounts under their control, pretending to be a business partner or a firm submitting a legitimate payment order.