Fresh Qakbot Sightings Confirm Recent Takedown Was a Temporary Setback

December 19, 2023 at 06:22PM Qakbot malware has resurfaced, distributed through phishing emails targeting hospitality organizations. Microsoft, Zscaler, and Proofpoint reported sightings of a new 64-bit version using AES encryption. Despite a takedown in August, Qakbot’s operators continue distributing other malware. Lumu observed 1,581 attempted attacks in September, indicating the group’s resilience. The group’s continued …

How the FBI seized BlackCat (ALPHV) ransomware’s servers

December 19, 2023 at 12:33PM The US Department of Justice seized the ALPHV/BlackCat ransomware operation’s websites and created a decryptor to assist around 500 affected companies in recovering their data for free. By utilizing a confidential human source, the FBI accessed the ransomware gang’s affiliate panel to obtain private decryption keys. This operation is the …

FBI disrupts Blackcat ransomware operation, creates decryption tool

December 19, 2023 at 09:19AM The FBI successfully breached the ALPHV ransomware operation, obtaining decryption keys and monitoring its activities. Over 500 victims received free decryption keys. The FBI has seized the data leak site and created a free decryption tool. Affiliates are now contacting victims directly, and the operation may rebrand due to law …

The Week in Ransomware – December 15th 2023 – Ransomware Drama

December 15, 2023 at 04:21PM Summary: Over the past two weeks, there have been notable developments in the ransomware landscape. The BlackCat/ALPHV drama continues, with affiliates reaching out to victims directly. The LockBit operation is exploiting this situation for recruitment. Various ransomware attacks and law enforcement actions have also been reported. Lastly, new ransomware variants …

ALPHV/BlackCat Takedown Appears to Be Law Enforcement Related

December 11, 2023 at 10:17AM A Dark Web leak site operated by the ransomware group ALPHV/BlackCat was taken offline by law enforcement action on Dec. 7, confirmed by threat intelligence experts. BlackCat/ALPHV has listed over 650 companies on its site since November 2021. Law enforcement scrutiny has increased due to cyberattacks by BlackCat/ALPHV affiliates like …

Kelvin Security hacking group leader arrested in Spain

December 11, 2023 at 09:34AM Spanish police have arrested a leader of the ‘Kelvin Security’ hacking group responsible for 300 cyberattacks in 90 countries since 2020. The group targeted government institutions and critical infrastructure, with notable breaches including Vodafone Italia and U.S. firm Frost & Sullivan. The arrest aims to uncover co-conspirators and data buyers. …

Law Enforcement Reportedly Behind Takedown of BlackCat/Alphv Ransomware Website

December 11, 2023 at 05:54AM The BlackCat and Alphv ransomware group’s leak website has been offline for days, believed to be taken down by law enforcement. RedSense reports confirmation by BlackCat’s affiliates and other top-tier groups. The cybercriminals expect a restoration soon, with limited impact on their operation. BlackCat has been active and listed major …

ALPHV/BlackCat Takedown Appears to Be Law Enforcement Related

December 8, 2023 at 08:10PM The Dark Web leak site operated by the ransomware group ALPHV/BlackCat was taken offline on Dec. 7, possibly due to law enforcement action. RedSense Intelligence confirmed the takedown on social media, but its verification is pending. The group has targeted over 650 companies. Law enforcement is under scrutiny for not …

ALPHV ransomware site outage rumored to be caused by law enforcement

December 8, 2023 at 01:32PM Ransomware gang ALPHV’s websites have been down for over 30 hours, suggesting a potential law enforcement operation. The admin claims the sites may be back soon, but they remain down. Speculation about FBI involvement has arisen. ALPHV is believed to be a rebrand of DarkSide and BlackMatter, known for targeting critical infrastructure globally. …

That call center tech scammer could be a human trafficking victim

December 8, 2023 at 10:34AM Human trafficking for cyber scam call centers is expanding globally, beyond southeast Asia. Interpol’s Operation Storm Makers II revealed evidence of trafficking and abuse in South America and the Middle East. Victims are lured through fake job ads and subjected to various forms of abuse. The recent operation led to …