Catalin Cimpanu reports: Twitter has suspended today two accounts operated by North Korean government hackers and used as part of a clever plot to attract security researchers to malicious sites and infect their systems with malware. The accounts —@lagal1990 and @shiftrows13— are part of a long-lived DPRK cyber-espionage campaign that began last year and specifically targets members…
Category: Malware
US Treasury said it tied $5.2 billion in BTC transactions to ransomware payments
Catalin Cimpanu reports: The financial crimes investigation unit of the US Treasury Department, also known as FinCEN, said today it identified approximately $5.2 billion in outgoing Bitcoin transactions potentially tied to ransomware payments. FinCEN officials said the figure was compiled by analyzing 2,184 Suspicious Activity Reports (SARs) filed by US financial institutions over the last…
US govt reveals three more ransomware attacks on water treatment plants this year
Catalin Cimpanu reports: Ransomware gangs have silently hit three US water and wastewater treatment facilities this year, in 2021, the US government said in a joint cybersecurity advisory published today by the FBI, NSA, CISA, and the EPA. The attacks —which had been previously unreported— took place in March, July, and August and hit facilities in Nevada,…
Australia to tackle ransomware data breaches by deleting stolen files
Bill Toulas reports: Australia’s Minister for Home Affairs has announced the “Australian Government’s Ransomware Action Plan,” which is a set of new measures the country will adopt in an attempt to tackle the rising threat. […] To further strengthen the ability to conduct investigations and disrupt ransomware attacks, the government is looking to establish new…
Governments worldwide to crack down on ransomware payment channels
Sergiu Gatlan reports: Senior officials from more than 30 countries said that their governments would take action to disrupt the illicit cryptocurrency payment channels used by ransomware gangs to finance their operations. The joint statement was issued following the virtual Counter-Ransomware Initiative meetings facilitated this week by the White House National Security Council in response to ongoing…
Acer India hacked — again?
DataBreaches.net was contacted by DESORDEN, who are claiming that they successfully attacked Acer India and exfiltrated 60 GB of data (they also posted their claims on a popular hacking forum). As they have done in the past, they provided a video showing directories and folders on the server they claim to have accessed. They also…