Security News

LockBit victims in the US alone paid over $90m in ransoms since 2020
2023-06-14 19:42

Seven nations today issued an alert, plus protection tips, about LockBit, the prolific ransomware-as-a-service gang, as the group's affiliates remains a global scourge, costing US victims alone more than $91 million since 2020. The crew has been linked to Russia, and in May Uncle Sam sanctioned a Russian national, Mikhail Pavlovich Matveev, accused of using LockBit and other ransomware to extort a law enforcement agency and nonprofit healthcare organization in New Jersey, as well as the Metropolitan Police Department in Washington DC, among "Numerous" other victim organizations in the US and globally.

IT security analyst admits hijacking cyber attack to pocket ransom payments
2023-05-24 08:30

A former IT security analyst at Oxford Biomedica has admitted, five years after the fact, to turning to the dark side - by hijacking a cyber attack against his own company in an attempt to divert any ransom payments to himself. Ashley Liles, of Letchworth Garden City, Hertfordshire, pleaded guilty at Reading Crown Court to blackmail and unauthorized access to a computer with intent to commit other offences on May 17 following an investigation by the South East Regional Organised Crime Unit.

Dish Network likely paid ransom after recent ransomware attack
2023-05-19 15:34

Dish Network, an American television provider, most likely paid a ransom after being hit by a ransomware attack in February based on the wording used in data breach notification letters sent to impacted employees. Ransomware gangs only delete data or provide a decryption key after a ransom is paid, meaning that is highly unlikely that Dish could receive confirmation that the stolen data was deleted without paying.

Inside Qilin Ransomware: Affiliates Take Home 85% of Ransom Payouts
2023-05-16 12:20

Ransomware affiliates associated with the Qilin ransomware-as-a-service scheme earn anywhere between 80% to 85% of the ransom payments, according to new findings from Group-IB. The cybersecurity firm said it was able to infiltrate the group in March 2023, uncovering details about the affiliates' payment structure and the inner workings of the RaaS program following a private conversation with a Qilin recruiter who goes by the online alias Haise. "Many Qilin ransomware attacks are customized for each victim to maximize their impact," the Singapore-headquartered company said in a new report.

New Money Message ransomware demands million dollar ransoms
2023-04-02 17:36

A new ransomware gang named 'Money Message' has appeared, targeting victims worldwide and demanding million-dollar ransoms not to leak data and release a decryptor. While investigating, BleepingComputer has seen evidence of a potential Money Message breach on a well-known computer hardware vendor.

Crown Resorts confirms ransom demand after GoAnywhere breach
2023-03-28 16:26

Crown Resorts, Australia's largest gambling and entertainment company, has confirmed that it suffered a data breach after its GoAnywhere secure file-sharing server was breached using a zero-day vulnerability. This data breach was conducted by the Clop ransomware gang, which has shifted over the past year from encrypting files to performing data extortion attacks.

Ferrari discloses data breach after receiving ransom demand
2023-03-20 23:20

Ferrari has disclosed a data breach following a ransom demand received after attackers gained access to some of the company's IT systems."We regret to inform you of a cyber incident at Ferrari, where a threat actor was able to access a limited number of systems in our IT environment," Ferrari says in breach notification letters sent to customers.

LockBit's Royal Mail ransom deadline flies by. No data released
2023-02-13 12:38

In brief The notorious LockBit ransomware gang has taken credit for an attack on the Royal Mail - but a deadline it gave for payment has come and gone with nothing exposed to the web except the group's claims. LockBit even published a page bragging of an attack against fintech firm ION without directly acknowledging the Royal Mail attack earlier this week - though that's now changed, according to Reuters.

Riot Games receives ransom demand from hackers, refuses to pay
2023-01-24 17:23

Riot Games says it will not pay the ransom demanded by the attackers responsible for the security breach the company disclosed last week. "While we hope some of these game modes and other changes eventually make it out to players, most of this content is in prototype and there's no guarantee it will ever be released," Riot Games said.

Cuba Ransomware Extorted Over $60 Million in Ransom Fees from More than 100 Entities
2022-12-02 06:04

The threat actors behind Cuba ransomware have received more than $60 million in ransom payments and compromised over 100 entities across the world as of August 2022. In a new advisory shared by the U.S. Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation, the agencies highlighted a "Sharp increase in both the number of compromised U.S. entities and the ransom amounts."