Those who hacked the Internet Archive haven’t gone away. Users of the Internet Archive who have submitted helpdesk tickets are reporting replies to the tickets from the hackers themselves.
Internet Archive, most known for its Wayback Machine, is a digital library that allows users to look at website snapshots from the past. It is often used for academic research and data analysis. Earlier in October, the Internet Archive suffered from a data breach and DDoS attack. During that breach the attackers were able to steal a user authentication database containing 31 million records.
Read more…
Source: Malwarebytes Labs
Related:
- REvil ransomware operators claim group is ending activity again, victim leak blog now offline
October 19, 2021
Cybercriminals claiming to be part of the REvil ransomware group have alleged that the gang is closing shop after losing control of vital infrastructure and having internal disputes. Recorded Future security expert Dmitry Smilyanets shared multiple messages on Twitter from ‘0_neday’ — a known REvil operator — discussing what happened on the cybercriminal forum XSS. He ...
- Trickbot module descriptions
October 19, 2021
Trickbot (aka TrickLoader or Trickster), is a successor of the Dyre banking Trojan that was active from 2014 to 2016 and performed man-in-the-browser attacks in order to steal banking credentials. Trickbot was first discovered in October 2016. Just like Dyre, its main functionality was initially the theft of online banking data. However, over time, its ...
- Joint CISA, FBI and NSA Cybersecurity Advisory – BlackMatter Ransomware
October 18, 2021
This joint Cybersecurity Advisory was developed by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) to provide information on BlackMatter ransomware. Since July 2021, BlackMatter ransomware has targeted multiple U.S. critical infrastructure entities, including two U.S. Food and Agriculture Sector organizations. This advisory provides information ...
- Sinclair Confirms Ransomware Attack That Disrupted TV Stations
October 18, 2021
Sinclair Broadcast Group, which owns hundreds of local television stations across the U.S., confirmed Monday that it has suffered a ransomware attack. The incident is disrupting its advertising operations, among other things, and spread to many of its owned TV affiliates over the weekend, knocking local broadcast feeds off the air. The cyberattack disrupted the company’s ...
- BlackByte ransomware decryptor released
October 18, 2021
A new form of malware found in a recent IT incident appears to have been inspired by other strains known to reap their operators’ huge financial rewards — but is likely the work of amateurs. Dubbed BlackByte and discovered by Trustwave, the Windows-based ransomware is considered “odd” due to some of the design and function decisions ...
- Case Study: From BazarLoader to Network Reconnaissance
October 18, 2021
BazarLoader is Windows-based malware spread through various methods involving email. These infections provide backdoor access that criminals use to determine whether the host is part of an Active Directory (AD) environment. If so, criminals deploy Cobalt Strike and perform reconnaissance to map the network. If the results indicate a high-value target, criminals attempt lateral movement ...

