US sanctions crypto exchanges used by Russian ransomware gangs

September 26, 2024 at 11:52AM The U.S. Treasury Department sanctioned Cryptex and PM2BTC, accusing them of laundering funds for Russian ransomware groups and cybercrime. The exchanges allegedly facilitated transactions for threat actors and failed to maintain anti-money laundering measures. These actions are part of a broader international effort to disrupt Russian cybercrime networks. U.S. citizens … Read more

Russian ransomware gangs account for 69% of all ransom proceeds

July 26, 2024 at 10:30AM Russian-speaking threat actors accounted for over two-thirds, surpassing $500 million, of all ransomware crypto proceeds in the previous year, according to TRM Labs. North Korea leads in cryptocurrency theft, with Asia leading in scams and fraud. Russians dominate in malicious crypto activities, encompassing cybercrime, illicit exchanges, and darknet markets. From … Read more

Threat Actors Abuse GitHub to Distribute Multiple Information Stealers

May 15, 2024 at 11:21AM Recorded Future warned of a malicious campaign leveraging a genuine GitHub profile to distribute malware such as Atomic macOS Stealer, Vidar, and Octo. Russian-speaking threat actors operating in the Commonwealth of Independent States were implicated. The campaign used a singular command-and-control infrastructure and impersonated legitimate applications. Organizations were urged to … Read more

Russian Hackers Target Ukraine with Disinformation and Credential-Harvesting Attacks

February 21, 2024 at 01:15AM A recently discovered influence operation targeted Ukraine, using spam emails to spread war-related disinformation. Slovak cybersecurity company ESET linked the activity to Russia-aligned threat actors, uncovering spear-phishing campaigns and disinformation emails with PDF attachments. The campaign, named Operation Texonto, sent messages to Ukrainian government, energy companies, and individuals, while also … Read more