A mystery whistleblower calling himself GangExposed has exposed key figures behind the Conti and Trickbot ransomware crews, publishing a trove of internal files and naming names.
The leaks include thousands of chat logs, personal videos, and ransom negotiations tied to some of the most notorious cyber-extortion gangs —believed to have raked in billions from companies, hospitals, and individuals worldwide. It’s part of his “fight against an organized society of criminals known worldwide,” GangExposed told The Register via Signal chat. He claims that he’s not interested in the $10 million bounty that the Feds have put up for information about one key Conti leader that he’s already named, as well as a second that he says will soon be identified on Telegram.
Read more…
Source: The Register News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Expanding Range and Improving Speed: A RansomExx Approach
January 6, 2021
RansomExx, a ransomware variant responsible for several high-profile attacks in 2020, has shown signs of further development and unhampered activity. The most recently reported development involves the use of newer variants adapted for Linux servers that effectively expanded its range to more than Windows servers. Own monitoring efforts found RansomExx compromising companies in the United States, ...
- Cyberattacks on Healthcare Spike 45% Since November
January 5, 2021
As COVID-19 ravages international healthcare systems, cybercriminals have decided to leverage the increasingly dire circumstances to squeeze a few bucks out of the human suffering. According to new findings from Check Point Software, healthcare organizations have seen a 45-percent increase in cyberattacks since November, which is more than double other industry sectors, which a average 22-percent ...
- Italian mobile operator offers to replace SIM cards after massive data breach
January 5, 2021
Ho Mobile, an Italian mobile operator, owned by Vodafone, has confirmed a massive data breach on Monday and is now taking the rare step of offering to replace the SIM cards of all affected customers. The breach is believed to have impacted roughly 2.5 million customers. It first came to light last month on December 28 when ...
- ElectroRAT Drains Cryptocurrency Wallet Funds of Thousands
January 5, 2021
A new remote access tool (RAT) has been discovered being used in an extensive campaign. The attack has targeted cryptocurrency users in an attempt to collect their private keys and ultimately to drain their wallets. The never-before-seen RAT at the center of the campaign, which researchers dub ElectroRAT, is written in the Go programming language and ...
- Beware: PayPal phishing texts state your account is ‘limited’
January 3, 2021
A PayPal text message phishing campaign is underway that attempts to steal your account credentials and other sensitive information that can be used for identity theft. When PayPal detects suspicious or fraudulent activity on an account, the account will have its status set to “limited,” which will put temporary restrictions on withdrawing, sending, or receiving money. Read ...
- Data breach broker selling 368.8 million user records stolen from 26 companies
December 31, 2020
A data breach broker is selling the allegedly stolen user records for twenty-six companies on a hacker forum, BleepingComputer has learned. When threat actors and hacking groups breach a company and steal their user databases, they commonly work with data breach brokers who market and sell the data for them. Brokers will then create posts on ...