The Hunters International ransomware group is threatening to leak what it claims to be 386 GB of data from the U.S. Marshals Service (USMS), more than a year after the federal law enforcement agency suffered a major ransomware attack.
The gang claims the data, comprising more than 327,000 files, includes “Top Secret” documents, gang files, information on active cases, files from the 2022 drug enforcement operation “Operation Turnbuckle” and more, according to HackManac, which posted screenshots of group’s claims on the X social media platform.
Read more…
Source: SC Media
Related:
- New Fileless Botnet Novter Distributed by KovCoreG Malvertising Campaign
October 1, 2019
Trend Micro found a new modular fileless botnet malware, which we named “Novter,” (also reported and known as “Nodersok” and “Divergent”) that the KovCoreG campaign has been distributing since March. We’ve been actively monitoring this threat since its emergence and early development, and saw it being frequently updated. KovCoreG, active since 2011, is a long-running campaign ...
- Thousands of PCs Affected by Nodersok/Divergent Malware
September 27, 2019
New malware identified by Microsoft and Cisco Talos has affected thousands of PCs in the United States and Europe and turns systems into proxies for performing malicious activity, the companies said. The fileless threat—called Nodersok by Microsoft and Divergent by Cisco Talos—has many of its own components but also takes advantage of existing tools to do ...
- WhiteShadow downloader uses Microsoft SQL queries to deliver malicious payloads
September 27, 2019
Researchers have documented the emergence of a downloader that makes use of Microsoft SQL queries to pull and deliver malicious payloads. In August this year, Proofpoint researchers found the new, staged downloader, known as WhiteShadow, which is being used to deliver a variety of malware to vulnerable systems. The cybersecurity team said in a blog post on Thursday ...
- Malware infection disrupts production at defence contractor plants in three countries
September 27, 2019
One of the biggest defence contractors in the world is having a very bad week after malware infected the company’s network and caused “significant disruption” at plants in three countries, the company said on Thursday. The infection took root on Tuesday, September 24, and affected Rheinmetall AG, a German corporation based in Düsseldorf, and one of ...
- Arcane Stealer V Takes Aim at the Low End of the Dark Web
September 27, 2019
A general-purpose info-stealing malware is poised to make a splash in cybercrime circles, thanks to its market niche: It’s positioned as an ideal tool for low-skilled adversaries looking to get some skin in the game without having a lot of expertise. According to the Fidelis Threat Research Team (TRT), the Arcane Stealer V malware is an ...
- Masad Spyware Uses Telegram Bots for Command-and-Control
September 27, 2019
A freshly discovered commercial spyware dubbed the “Masad Clipper and Stealer” is using Telegram bots as its command-and-control (C2) hub. Masad harvests information from Windows and Android users and also comes with a full cadre of other malicious capabilities, including the ability to steal cryptocurrency from victims’ wallets. According to an analysis from Juniper Threat Labs on ...