LockBit back from the dead – taunts cops and plans to leak Trump docs

February 26, 2024 at 02:19PM LockBit, a ransomware gang, is reported to have resumed its activities following the takedown of its servers by law enforcement. A new leak site surfaced, listing alleged victims including the FBI and Georgia’s Fulton County. The gang has threatened to reveal confidential data and demanded a ransom from the county. …

North Korean Hackers Targeting Developers with Malicious npm Packages

February 26, 2024 at 07:39AM Fake npm packages linked to North Korean state-sponsored actors were discovered on the Node.js repository, posing a software supply chain attack. The malicious packages, posing as legitimate ones, installed cryptocurrency and credential stealers. The attackers made efforts to conceal the code and made connections to North Korean threat actors. Vigilance …

LockBit extorted billions of dollars from victims, fresh leaks suggest

February 23, 2024 at 05:42PM Authorities believe that the ransomware group LockBit could have generated over $1 billion in ransom fees over its four-year lifespan. Analysis revealed around £100 million in cryptocurrency, with most payments coming from affiliates paid by victims. With over 2,000 victims, the actual sum extorted may be in the billions. LockBit’s …

Ukrainian Raccoon Infostealer Operator Extradited to US

February 19, 2024 at 10:10AM Ukrainian national Mark Sokolovsky, 28, appeared in a US court after extradition from the Netherlands. He was arrested in March 2022 for operating the Raccoon Infostealer malware. Sokolovsky was indicted for distributing the malware globally, stealing login credentials, financial data, and leasing access to the malware for $200 monthly. The …

RustDoor macOS Backdoor Targets Cryptocurrency Firms with Fake Job Offers

February 16, 2024 at 09:45AM Cryptocurrency companies are targeted by a new Apple macOS backdoor called RustDoor, distributed as a Visual Studio update and used in targeted attacks. Its components include first-stage downloaders masquerading as job offering PDFs, Golang-based binaries, and a leaky endpoint revealing infected victims’ details. Meanwhile, a South Korean IT organization affiliated with …

Hackers mint 1.79 billion crypto tokens from PlayDapp gaming platform

February 14, 2024 at 11:22AM Hackers exploited a stolen private key to generate and steal 1.79 billion PLA tokens from PlayDapp, a blockchain platform for trading non-fungible tokens (NFTs) in games. PlayDapp took immediate measures, including offering a $1 million reward to recover the stolen assets. The attack, potentially by the “Lazarus Group,” resulted in …

Hackers steal $290 million in crypto from PlayDapp gaming platform

February 13, 2024 at 11:38AM Hackers exploited a stolen key to steal over $290 million in PLA tokens from the PlayDapp platform. PlayDapp immediately took action, transferring assets, offering a reward to the hacker, and eventually suspending trading. Elliptic reported the hackers’ movement of funds, and suspicions of the North Korean Lazarus Group’s involvement arose …

Ransomware Payments Surpassed $1 Billion in 2023: Analysis

February 9, 2024 at 04:09PM Ransomware payments soared in 2023, doubling compared to the previous year, exceeding $1 billion. Chainalysis found a total of $1.1 billion in cryptocurrency wallets used by cybercriminals to receive payments, a significant increase from $557 million in 2022. The report also highlighted an increase in ransomware attacks and the laundering …

HeadCrab 2.0 Goes Fileless, Targeting Redis Servers for Crypto Mining

February 4, 2024 at 12:19PM Cybersecurity researchers have unearthed an advanced version of the HeadCrab malware, targeting Redis database servers worldwide. The threat actor behind it has doubled their infected servers, aiming to illicitly mine cryptocurrencies and execute malicious activities while evading detection. The evolving tactics underscore the urgency for enhanced security measures and vigilance …

3 ISIS Members Slapped With Sanctions From US Treasury

February 1, 2024 at 09:55AM The US Treasury’s Office of Foreign Assets Control (OFAC) sanctioned three individuals linked to ISIS. Egyptian nationals Mu’min Al-Mawji Mahmud Salim and Sarah Al-Sayyid established the Electronic Horizons Foundation, providing cybersecurity training for ISIS. Faruk Guzel from Turkey facilitated money transfers for the group. Sanctions aim to impede ISIS’s online …