The Hunters International ransomware group is threatening to leak what it claims to be 386 GB of data from the U.S. Marshals Service (USMS), more than a year after the federal law enforcement agency suffered a major ransomware attack.
The gang claims the data, comprising more than 327,000 files, includes “Top Secret” documents, gang files, information on active cases, files from the 2022 drug enforcement operation “Operation Turnbuckle” and more, according to HackManac, which posted screenshots of group’s claims on the X social media platform.
Read more…
Source: SC Media
Related:
- New cryptomining malware builds an army of Windows, Linux bots
April 23, 2021
A recently discovered cryptomining botnet is actively scanning for vulnerable Windows and Linux enterprise servers and infecting them with Monero (XMRig) miner and self-spreader malware payloads. First spotted by Alibaba Cloud (Aliyun) security researchers in February (who dubbed it Sysrv-hello) and active since December 2020, the botnet has also landed on the radars of researchers at ...
- Ransomware gang offers traders inside scoop on attack victims so they can short sell their stocks
April 23, 2021
Brazen ransomware groups are continuing to seek out new avenues to rake in profits and ratchet up pressure on victims. In one of the latest such developments, the DarkSide ransomware group is openly coaxing stock traders to reach out and receive the inside scoop on the gang’s latest corporate victims, so they can short sell ...
- New US Justice Department team aims to disrupt ransomware operations
April 22, 2021
The US Department of Justice (DoJ) is forming a new task force to deal with the “root causes” of ransomware. In an internal memo, the DoJ outlines the creation of a new initiative that will bring together current efforts in federal government to “pursue and disrupt” ransomware operations. As noted by CNN, this could include the takedown ...
- Telegram Platform Abused in ‘ToxicEye’ Malware Campaigns
April 22, 2021
Hackers are leveraging the popular Telegram messaging app by embedding its code inside a remote access trojan (RAT) dubbed ToxicEye, new research has found. A victim’s computer infected with the ToxicEye malware is controlled via a hacker-operated Telegram messaging account. The ToxicEye malware can take over file systems, install ransomware and leak data from victim’s PCs, ...
- Mount Locker Ransomware Aggressively Changes Up Tactics
April 22, 2021
The Mount Locker ransomware has shaken things up in recent campaigns with more sophisticated scripting and anti-prevention features, according to researchers. And, the change in tactics appears to coincide with a rebranding for the malware into “AstroLocker.” According to researchers, Mount Locker has been a swiftly moving threat. Having just hit the ransomware-as-a-service scene in the ...
- Prometei botnet is hunting for unpatched Microsoft Exchange servers
April 22, 2021
Cyber criminals are trying to use vulnerabilities in Microsoft Exchange servers to add to their botnet for mining cryptocurrency – but the level of access they’re gaining means they could use their access for other, much more dangerous cyberattacks. Detailed by cybersecurity researchers at Cybereason, the Prometei botnet is a widespread global campaign that is targeting ...