Cybercrime


NEWS 
  • U.S. Accuses North Korean Hackers of Stealing Millions

    February 17, 2021

    The U.S. Department of Justice has indicted three North Korean computer programmers for their alleged participation in widespread, destructive cyberattacks as part of the advanced persistent threat (APT) known as Lazarus Group. The indictment broadens the scope of crimes that the DoJ has linked to Lazarus Group (and by extension, to North Korea). The feds also ...

  • Kia Motors America suffers ransomware attack, $20 million ransom

    February 17, 2021

    Kia Motors America has suffered a ransomware attack by the DoppelPaymer gang, demanding $20 million for a decryptor and not to leak stolen data. Kia Motors America (KMA) is headquartered in Irvine, California, and is a Kia Motors Corporation subsidiary. KMA has nearly 800 dealers in the USA with cars and SUVs manufactured out of West ...

  • Details Tied to Safari Browser-based ‘ScamClub’ Campaign Revealed

    February 17, 2021

    Details of a flaw in Apple’s Safari browser, publicly disclosed Tuesday, outline how the cybergang known as ScamClub reached 50 million users with a three-month-long malicious ad campaign pushing malware to mobile iOS Chrome and macOS desktop browsers. The Safari bug, patched on Dec. 2 by Apple, was exploited by a malvertising campaign that redirected traffic ...

  • DDoS attacks in Q4 2020

    February 16, 2021

    Cybercriminals are constantly on the lookout for means and methods to make attacks more destructive. In Q4 2020, Citrix ADC (application delivery controller) devices became one such tool, when perpetrators abused their DTLS interface. The DTLS (Datagram Transport Layer Security) protocol is used to establish secure connections over UDP, through which most DNS queries, as ...

  • DDoS attacks on Russian online retailers double in 2020

    February 16, 2021

    The number of DDoS attacks on Russian online retailers nearly doubled in 2020 compared to the previous year, the Rostelecom-Solar cyber security company said in a statement. “Online retail business has been in the focus of cyber criminals for several years. However, as customer demand for online retail services grew amid coronavirus restrictions, they became even ...

  • DDoS attack takes down EXMO cryptocurrency exchange servers

    February 15, 2021

    The servers of British cryptocurrency exchange EXMO were taken offline temporarily after being targeted in a distributed denial-of-service (DDoS) attack. “We are currently experiencing a DDoS attack on our platform,” the exchange said in a notification published earlier today. “Please note that the EXMO exchange website is now under the DDoS attack. The servers are temporarily unavailable.” In ...

  • Egregor ransomware members arrested by Ukrainian, French police

    February 14, 2021

    A joint operation between French and Ukrainian law enforcement has reportedly led to the arrests of several members of the Egregor ransomware operation in Ukraine. As reported first by France Inter, on Tuesday, law enforcement made the arrests after French authorities could trace ransom payments to individuals located in Ukraine. The arrested individuals are thought to be ...

  • Leading Canadian rental car company hit by DarkSide ransomware

    February 13, 2021

    Canadian Discount Car and Truck Rentals has been hit with a DarkSide ransomware attack where the hackers claim to have stolen 120GB of data. Discount Car and Truck Rentals is a leading Canadian car and truck rental company with 300 locations throughout Canada. Enterprise Holdings’ Canadian subsidiary acquired the company in 2020. This month, the car rental ...

  • Avaddon ransomware fixes flaw allowing free decryption

    February 11, 2021

    The Avaddon ransomware gang has fixed a bug that let victims recover their files without paying the ransom. The flaw came to light after a security researcher exploited it to create a decryptor. On Tuesday, Javier Yuste, a Ph.D. student at Rey Juan Carlos University, published a decryptor for the Avaddon Ransomware on his GitHub page ...

  • British cyber gang ‘stole large amounts from US sports and music stars after accessing their phones’

    February 10, 2021

    Eight Britons have been arrested for hacking into the phones of US celebrities to steal money and personal information – even posing as them online. Britain’s National Crime Agency (NCA) said sports stars, musicians and their families had been targeted by the scam in which criminals gain access to their victim’s phones or accounts. This allowed them ...

  • Web hosting provider shuts down after cyberattack

    February 9, 2021

    A web hosting company named No Support Linux Hosting announced today it was shutting down after a hacker breached its internal systems and compromised its entire operation. According to a message posted on its official site , the company said it was breached on Monday, February 8. The hacker appears to have “compromised” the company’s entire ...

  • Billions of Passwords Offered for $2 in Cyber-Underground

    February 8, 2021

    A “compilation of many breaches” – COMB for short – has been leaked on the cyber-underground, according to researchers. The so-called COMB contains a staggering 3.27 billion unique combinations of cleartext email addresses and passwords. The trove is an aggregate database that brings together older stolen data from breaches past – including credentials from Netflix, LinkedIn, ...

  • Eletrobras, Copel energy companies hit by ransomware attacks

    February 5, 2021

    Centrais Eletricas Brasileiras (Eletrobras) and Companhia Paranaense de Energia (Copel), two major electric utilities companies in Brazil have announced that they suffered ransomware attacks over the past week. State-controlled, both are key players in the country. Copel being the largest in the state of Paraná while Eletrobras is the largest power utility company in Latin America ...

  • The State Of Ransomware, 2020’s Catch-22

    February 3, 2021

    A ransomware infection can put organizations in difficult situations. The damage that WannaCry and Petya have caused has made people more wary, leading to stricter and more consistent security measures against a constant threat. Developments in ransomware over the past year have made dealing with ransomware not only difficult but also a delicate matter. Aside ...

  • Magento Web Skimmers Piggyback in Ongoing Costway Website Compromise

    February 2, 2021

    Two web skimmers have been discovered on the payment webpages of Costway, one of the top retailers in North America and Europe, which sells appliances, furniture and more. The skimmers are targeting consumers’ credit-card payment details. In a twist, researchers say one of these web skimmers is piggybacking on top of the other, to take over ...

  • Ransomware gangs now have industrial targets in their sights

    February 2, 2021

    Ransomware attacks are a potential danger for any organisation, with ransomware variants including Conti, Egregor, Maze and many others still successfully compromising victims across all industries – but there are some industries that criminal gangs are targeting more than others. The ransomware attacks are successful because many organisations can’t afford for their network to be out ...

  • Agent Tesla ramps up its game in bypassing security walls, attacks endpoint protection

    February 2, 2021

    Agent Tesla malware variants are now using new techniques to try and eradicate endpoint antivirus security. On Tuesday, Sophos researchers said that two new variants of the Remote Access Trojan (RAT) are targeting Microsoft Anti-Malware Software Interface (AMSI), scanning and analysis software designed to prevent malware infections from taking hold. Agent Tesla operators will now attempt to ...

  • Minnesota: Netgain ransomware incident impacts local governments

    February 2, 2021

    The ransomware incident that Netgain, a provider of managed IT services, had late last year rippled onto its customers. Now, Ramsey County, Minnesota, is informing clients of the Family Health Division program that the hackers may have accessed personal data. The government of Ramsey County learned about the potential breach on December 2, 2020, when Netagin ...

  • Trickbot malware now maps victims’ networks using Masscan

    February 2, 2021

    The Trickbot malware has been upgraded with a network reconnaissance module designed to survey local networks after infecting a victim’s computer. This new module, dubbed masrv, uses the open-source masscan tool, a mass port scanner with its own TCP/IP stack and capable of scanning large swaths of the Internet in a matter of minutes. Trickbot uses the ...

  • UK Research and Innovation (UKRI) suffers ransomware attack

    January 30, 2021

    The UK Research and Innovation (UKRI) is dealing with a ransomware incident that encrypted data and impacted two of its services, one offering information to subscribers and the platform for peer review of various parts of the agency. UKRI is a public body of the Government of the United Kingdom, tasked with investing in science and ...