On March 5, the FBI issued an alert regarding a mail scam targeting U.S. business executives with extortion. The letters claim to be from noted ransomware group BianLian, demanding a payment in Bitcoin ranging from $250,000 to $500,000 within ten days of receipt.
The FBI alert reads as follows: “Stamped “Time Sensitive Read Immediately”, the letter claims the “BianLian Group” gained access into the organization’s network and stole thousands of sensitive data files. The letter then goes on to threaten that the victim’s data will be published to BianLian’s data leak sites if recipients do not use an included QR code linked to a Bitcoin wallet to pay between $250,000 and $500,000 within ten days from receipt of the letter, claiming the group will not negotiate further with victims.”
Read more…
Source: Rapid7
Related:
- Up to 40,000 British Ticketmaster users may have had their personal and payment details stolen by hackers
June 27, 2018
Ticketmaster UK have admitted British customers may have had their credit card data stolen in a security breach that could have affected up to 40,000 people. The company says it ‘identified malicious software’ on a third party product on Saturday, but did not reveal the breach until today. The firm said it disabled the software as soon ...
- New Malware Family Uses Custom UDP Protocol for C&C Communications
June 26, 2018
Security researchers have uncovered a new highly-targeted cyber espionage campaign, which is believed to be associated with a hacking group behind KHRAT backdoor Trojan and has been targeting organizations in South East Asia. According to researchers from Palo Alto, the hacking group, which they dubbed RANCOR, has been found using two new malware families—PLAINTEE and DDKONG—to target ...
- FakeSpy Android Information-Stealing Malware Targets Japanese and Korean-Speaking Users
June 19, 2018
Spoofing legitimate mobile applications is a common cybercriminal modus that banks on their popularity and relies on their users’ trust to steal information or deliver payloads. Cybercriminals typically use third-party app marketplaces to distribute their malicious apps, but in operations such as the ones that distributed CPUMINER, BankBot, and MilkyDoor, they would try to get their apps published ...
- Ex-CIA employee charged with leaking ‘Vault 7’ hacking tools to Wikileaks
June 18, 2018
A 29-year-old former CIA computer programmer who was charged with possession of child pornography last year has now been charged with masterminding the largest leak of classified information in the agency’s history. Joshua Adam Schulte, who once created malware for both the CIA and NSA to break into adversaries computers, was indicted Monday by the Department of Justice on 13 ...
- Banco de Chile Wiper Attack Just a Cover for $10M SWIFT Heist
June 13, 2018
A cyberattack against Chile’s largest financial institution last month, which reportedly destroyed 9,000 workstations and 500 servers, was actually cover for a larger plot to compromise endpoints handling transactions on the SWIFT network. When the dust settled on the attacks, investigators said $10 million was stolen from Banco de Chile and funneled off to an account in Hong ...
- Zero-Day Flash Exploit Targeting Middle East
June 7, 2018
A zero-day vulnerability is being exploited in the wild in targeted attacks against Windows users in the Middle East, researchers warned Thursday. The Flash Player vulnerability (CVE-2018-5002), a stack-based buffer overflow bug that could enable arbitrary code execution, was patched earlier today by Adobe. Read more… Source: ThreatPost