It used to surprise me when a victim would claim that they had never received any ransom demand, but I am no longer totally suspicious or baffled. KGET reports: California City’s computer system has been down since around late May following a ransomware attack and an emergency meeting is scheduled tonight to discuss the issue,…
Author: Dissent
Smoking Out a DARKSIDE Affiliate’s Supply Chain Software Compromise
Tyler McLellan, Robert Dean, Justin Moore, Nick Harbour, Mike Hunhoff, Jared Wilson, Jordan Nuce of FireEye report: Mandiant observed DARKSIDE affiliate UNC2465 accessing at least one victim through a Trojanized software installer downloaded from a legitimate website. While this victim organization detected the intrusion, engaged Mandiant for incident response, and avoided ransomware, others may be…
SCOOP: UnitingCare paid hundreds of thousands of dollars to REvil for decryption key and deletion of files
On April 25, UnitingCare Queensland (UCQ) was the victim of a ransomware attack that impacted multiple Queensland hospitals and aged care centres. The next day, they posted a notice on their web site informing people as to what was happening and its impact. And on May 5, they posted a second update where they revealed…
Russian National Convicted of Charges Relating to Kelihos Botnet
A federal jury in Connecticut convicted a Russian national on Tuesday for operating a “crypting” service used to conceal “Kelihos” malware from antivirus software, enabling hackers to systematically infect victim computers around the world with malicious software, including ransomware. According to court documents and evidence introduced at trial, Oleg Koshkin, 41, formerly of Estonia, operated…
Cl0p affiliated hackers exposed in Ukraine, $500 million in damages estimated
Vilius Petkauskas reports: Ukrainian police reported uncovering a group of hackers who used ransomware software to extort money from foreign businesses, mainly in the United States and South Korea. Authorities claim that hackers used Cl0p encryption software to decipher stolen data and demanded ransom for the access key. According to the police, suspects used double-extorsion,…
Alibaba Falls Victim to Chinese Web Crawler in Large Data Leak
Yang Jie and Liza Lin report: A Chinese software developer trawled Alibaba Group Holding Ltd. ’s popular Taobao shopping website for eight months, clandestinely collecting more than 1.1 billion pieces of user information before Alibaba noticed the scraping, a Chinese court verdict said. The software developer began using web-crawling software he designed on Taobao’s site starting in November…