Security News

Ransom Gangs Emailing Victim Customers for Leverage
2021-04-05 21:38

Some of the top ransomware gangs are deploying a new pressure tactic to push more victim organizations into paying an extortion demand: emailing the victim's customers and partners directly, warning that their data will be leaked to the dark web unless they can convince the victim firm to pay up. Several gigabytes of the company's files - including employee tax and financial records - have been posted to the victim shaming site for the Clop ransomware gang.

Ransomware admin is refunding victims their ransom payments
2021-03-28 22:53

On March 19, the Ziggy ransomware administrator said that they also wanted to return the money to the victims that paid the ransom. Today, after a week of silence, the admin said that they were ready to revert payments.

Ransomware gang urges victims’ customers to demand a ransom payment
2021-03-26 19:42

A ransomware operation known as 'Clop' is applying maximum pressure on victims by emailing their customers and asking them to demand a ransom payment to protect their privacy. After the Clop gang stole data from jet maker Bombardier in an Accellion hack, they leaked a small amount on their ransomware data leak site.

The Week in Ransomware - March 19th 2021 - Highest ransom ever!
2021-03-19 21:40

Dnwls0719 found a new Rapid ransomware variant that appends the. Xiaopao found a new variant of the Xorist ransomware that appends the.

Tether cryptocurrency firm says docs in $24 million ransom are 'forged'
2021-03-01 15:14

USDT cryptocurrency developer Tether has said they are being extorted by threat actors who are demanding 500 bitcoins, or approximately $24 million, not to leak allegedly stolen emails and documents. While Tether has stated that the documents circulating online are forged, they revealed yesterday that they received a ransom note demanding 500 bitcoins or this alleged data dump will be publicly released online.

Kia Motors America suffers ransomware attack, $20 million ransom
2021-02-17 18:30

Kia Motors America has suffered a ransomware attack by the DoppelPaymer gang, demanding $20 million for a decryptor and not to leak stolen data. Kia Motors America is headquartered in Irvine, California, and is a Kia Motors Corporation subsidiary.

Hackers hit CD Projekt Red, steal data, ask for ransom
2021-02-09 13:59

Polish game developer CD Projekt Red has been hit by hackers, who breached its internal network, stole data, encrypted some devices, and asked for a ransom to not sell or leak online sensitive company documents and the source code of some of their more popular games. The company categorized the attack as targeted, and admitted that the attacker managed to access the company's internal network and "collected certain data belonging to CD PROJEKT capital group."

CD Projekt Red 'EPICALLY pwned': Cyberpunk 2077 dev publishes ransom note after company systems encrypted
2021-02-09 12:28

CD Projekt Red, the Polish developer of Cyberpunk 2077 and The Witcher 3, has disclosed a major security incident in which several company systems were encrypted and confidential data stolen. "If we will not come to an agreement, then your source codes will be sold or leaked online and your documents will be sent to our contacts in gaming journalism," wrote the attackers, who added CD Projekt Red had a 48-hour deadline to respond to their demands.

US charges NetWalker ransomware affiliate, seizes ransom payments
2021-01-27 20:32

The U.S. Justice Department announced today the disruption of the Netwalker ransomware operation and the indictment of a Canadian national for alleged involvement in the file-encrypting extortion attacks. Earlier today, BleepingComputer reported that law enforcement in the U.S. and Bulgaria seized Netwalker sites on the dark web used for leaking data from non-paying victims and for negotiating payments for data decryption.

Ryuk Rakes in $150M in Ransom Payments
2021-01-08 20:19

Joint research released this week from Brian Carter, principal researcher at HYAS, and Vitali Kremez, CEO at Advanced Intelligence, took a look under the Ryuk hood concerning the business operations of the group. The two were able to trace payments involving 61 Bitcoin deposit addresses attributed to the Ryuk ransomware.