Security News

Russian national Ruslan Magomedovich Astamirov was arrested in Arizona and charged by the U.S. Justice Department for allegedly deploying LockBit ransomware on the networks of victims in the United States and abroad. According to the criminal complaint, the 20-year-old suspect from the Chechen Republic was allegedly involved in LockBit ransomware attacks between August 2020 and March 2023."Astamirov allegedly participated in a conspiracy with other members of the LockBit ransomware campaign to commit wire fraud and to intentionally damage protected computers and make ransom demands through the use and deployment of ransomware," US DOJ said.

Ransomware actors and cryptocurrency scammers have joined nation-state actors in abusing cloud mining services to launder digital assets, new findings reveal. Earlier this March, Google Mandiant disclosed North Korea-based APT43's use of the hash rental and cloud mining services to obscure the forensic trail and wash the stolen cryptocurrency "Clean."

The Clop ransomware gang has started extorting companies impacted by the MOVEit data theft attacks, first listing the company's names on a data leak site-an often-employed tactic before public disclosure of stolen information. The Clop gang took responsibility for the attacks, claiming to have breached "Hundreds of companies" and warning that their names would be added to a data leak site on June 14th if negotiations did not occur.

The threat actors behind the LockBit ransomware-as-a-service scheme have extorted $91 million following hundreds of attacks against numerous U.S. organizations since 2020. That's according to a joint bulletin published by the U.S. Cybersecurity and Infrastructure Security Agency, Federal Bureau of Investigation, the Multi-State Information Sharing and Analysis Center, and other partner authorities from Australia, Canada, France, Germany, New Zealand, and the U.K. "The LockBit ransomware-as-a-service attracts affiliates to use LockBit for conducting ransomware attacks, resulting in a large web of unconnected threat actors conducting wildly varying attacks," the agencies said.

A ransomware operation targets Russian players of the Enlisted multiplayer first-person shooter, using a fake website to spread trojanized versions of the game. Enlisted is a legitimate game published by Gaijin Entertainment in 2021, having between 500,000 and a million active monthly players.

A ransomware operation targets Russian players of the Enlisted multiplayer first-person shooter, using a fake website to spread trojanized versions of the game. Enlisted is a legitimate game published by Gaijin Entertainment in 2021, having between 500,000 and a million active monthly players.

U.S. and international cybersecurity authorities said in a joint LockBit ransomware advisory that the gang successfully extorted roughly $91 million following approximately 1,700 attacks against U.S. organizations since 2020. According to reports received by the MS-ISAC throughout last year, approximately 16% of ransomware incidents affecting State, Local, Tribal, and Tribunal governments were LockBit attacks.

On Monday, Microsoft was the first to attribute the attacks to the Clop ransomware operation, followed by the threat actors telling BleepingComputer that they started exploiting servers on May 27th. After analyzing historic telemetry, Kroll security experts also found that the Clop gang likely tested the MOVEit Transfer zero-day since 2021 in limited attacks. Rhysida ransomware group claims attack on Martinique June 5th 2023 Microsoft links Clop ransomware gang to MOVEit data-theft attacks.

Japanese pharma giant Eisai today confirmed to The Register that "There is no imminent risk of stock shortage" after it was hit by ransomware at the weekend. Its Japanese parent group confirmed earlier this week it had taken offline "Certain systems" both inside and outside of Japan, including "Logistics systems" after some of its servers were encrypted by ransomware.

Australian law firm HWL Ebsworth confirmed to local media outlets that its network was hacked after the ALPHV ransomware gang began leaking data they claim was stolen from the company. HWL Ebsworth is one of Australia's largest law firms, with an annual revenue of hundreds of millions of dollars, employing over 2,000 people and operating nine offices nationwide.