Security News
In 2023, we saw numerous law enforcement operations targeting cybercrime operations, including cryptocurrency scams, phishing attacks, credential theft, malware development, and ransomware attacks. While some of these operations were more successful than others, law enforcement has been increasingly using hack-back tactics to infiltrate operations and disrupt them.
The US Justice Department announced today a disruption campaign against the Blackcat/ALPHV ransomware group and let victims know that there is a decryptor they can use. Over the past 18 months, ALPHV/Blackcat has emerged as the second most prolific ransomware-as-a-service variant in the world based on the hundreds of millions of dollars in ransoms paid by victims around the world.
A law enforcement operation is rumored to be behind an outage affecting the ALPHV ransomware gang's websites over the last 30 hours. BleepingComputer suspects that the ransomware gang may have suffered potential law enforcement action after their recent activities, which was also hinted at by others.
Considering the phenomenal increase in mobile and IoT devices, data traffic subscribers, and SIM connections, how have the security challenges evolved for telecom providers? Regardless of the security of the network connection, the consumer should be provided with the protection they need to keep them and their data safe.
The US Attorney's Office for the district alleged Sagar Steven Singh and Nicholas Ceraolo had not only blackmailed victims using their personal info by threatening to post it on a public-facing website, but they also made "emergency requests" to social media companies asking for information about users. It might interest readers to know that Twitter, for example, had 11,500 requests for information on 28,000 accounts worldwide from government and law enforcement officials from July to December 2021.
A coordinated international law enforcement exercise has taken down the online infrastructure associated with a cross-platform remote access trojan known as NetWire. "NetWire is a licensed commodity RAT offered in underground forums to non-technical users to carry out their own criminal activities," Europol's European Cybercrime Center said in a tweet.
In a joint effort, the German Regional Police, Ukrainian National Police, Europol, Dutch Police, and FBI joined forces on February 28, 2023, to take down the masterminds behind a notorious criminal organization responsible for unleashing devastating cyberattacks using the DoppelPaymer ransomware. This ransomware appeared in 2019, when cybercriminals started using it to launch attacks against organizations, critical infrastructure, and industries.
The US Marshals Service, the enforcement branch of the nation's federal courts, has admitted that a "major" breach of its information security defenses allowed a ransomware infection and exfiltration of "law-enforcement sensitive information". NBC broke news of the incident, which Marshals Service spokesperson Drew Wade described as having impacted a system that "contains law enforcement sensitive information, including returns from legal process, administrative information, and personally identifiable information pertaining to subjects of USMS investigations, third parties, and certain USMS employees."
A joint law enforcement operation conducted by Germany, the Netherlands, and Poland has cracked yet another encrypted messaging application named Exclu used by organized crime groups. "Exclu makes it possible to exchange messages, photos, notes, voice memos, chat conversations, and videos with other users," the Politie said.
The infrastructure associated with the Hive ransomware-as-a-service operation has been seized as part of a coordinated law enforcement effort involving 13 countries. "Law enforcement identified the decryption keys and shared them with many of the victims, helping them regain access to their data without paying the cybercriminals," Europol said in a statement.