Security News

The Federal Bureau of Investigation warns cryptocurrency owners, exchanges, and third-party payment platforms of threat actors actively targeting virtual assets in attacks that can lead to significant financial losses. The FBI issued the warning via a TLP:GREEN Private Industry Notification designed to provide cybersecurity professionals with the information required to properly defend against these ongoing attacks.

The REvil cybergang is taking credit for Friday's massive ransomware attack against managed service provider Kaseya Ltd. The criminals behind the attack claim it infected 1 million systems tied to Kaseya services and are demanding $70 million in bitcoin in exchange for a decryption key. The attack is considered the single biggest global ransomware attack on record.

CISA and the Federal Bureau of Investigation have shared guidance for managed service providers and their customers impacted by the REvil supply-chain ransomware attack that hit the systems of Kaseya's cloud-based MSP platform. The two federal agencies advise MSPs affected by the Friday REvil attack to further check their systems for signs of compromise using a detection tool provided by Kaseya over the weekend and enable multi-factor authentication on as many accounts as possible.

An ongoing brute-force attack campaign targeting enterprise cloud environments has been spearheaded by the Russian military intelligence since mid-2019, according to a joint advisory published by intelligence agencies in the U.K. and U.S. The National Security Agency, Cybersecurity and Infrastructure Security Agency, Federal Bureau of Investigation, and the U.K.'s National Cyber Security Centre formally attributed the incursions to the Russian General Staff Main Intelligence Directorate 85th Main Special Service Center. "The campaign uses a Kubernetes cluster in brute force access attempts against the enterprise and cloud environments of government and private sector targets worldwide," CISA said.

The FBI's director told lawmakers Thursday that the bureau discourages ransomware payments to hacking groups even as major companies in the past month have participated in multimillion-dollar transactions aimed at getting their systems back online. Besides the fact that such payments can encourage additional cyberattacks, victims may not automatically get back their data despite forking over millions, "And that's not unknown to happen," Wray said.

For three years, the Federal Bureau of Investigation and the Australian Federal Police owned and operated a commercial encrypted phone app, called AN0M, that was used by organized crime around the world. This week, the world's police organizations announced 800 arrests based on text messages sent over the app.

The Federal Bureau of Investigation warned private sector companies of scammers impersonating construction companies in business email compromise attacks targeting organizations from multiple US critical infrastructure sectors. BEC scammers use various tactics to compromise or impersonate business email accounts with the end goal of redirecting pending or future payments to bank accounts under their control.

Even though law enforcement groups around the world urge ransomware victims not to pay up, Colonial apparently decided to hand over what was then $4.4 million in bitcoins anyway. Sadly, the value of Bitcoin has taken a tumble since last month, so even though 85% of the bitcoins involved in the blackmail payment were recovered, they're now worth about 50% of what they cost when Colonial purchased them to do its deal with the criminals.

Their messages were some of 27 million that the FBI and law enforcement partners in Australia and elsewhere scooped up and decrypted, exposing global criminal networks to an unparallelled extent. FBI Special Agent Suzanne Turner said they were stunned at how openly traffickers exchanged information on the ANOM devices.

The FBI has revealed how it managed to hoodwink the criminal underworld with its secretly backdoored AN0M encrypted chat app, leading to hundreds of arrests, the seizure of 32 tons of drugs, 250 firearms, 55 luxury cars, more than $148M, and even cocaine-filled pineapples. "The CHS offered this next generation device, named 'AN0M,' to the FBI to use in ongoing and new investigations. The CHS also agreed to offer to distribute AN0M devices to some of the CHS's existing network of distributors of encrypted communications devices."