Victoria Kivilevich writes that even if REvil is gone, the trend is still toward increasing ransomware attacks. In June 2021, the last month of REvil’s full-time activities, 205 victims were published on ransomware blogs and data leak sites. Meanwhile, in August 2021, a full month after the group’s disappearance, 248 victims were published on the…
Category: Commentaries and Analyses
In: IPO-bound unicorn MobiKwik under RBI scanner for data breach
Debangana Ghosh reports on an incident involving a claimed MobiKwik breach that this site covered a number of times. The alleged data breach of 3.5 million users at IPO-bound fintech unicorn MobiKwik is under RBI’s scanner. The company has submitted a forensic audit report detailing the data breach, the RBI said in response to a…
Governments turn tables on ransomware gang REvil by pushing it offline
Joseph Menn and Christopher Bing broke the news yesterday: The ransomware group REvil was itself hacked and forced offline this week by a multi-country operation, according to three private sector cyber experts working with the United States and one former official. …. “The FBI, in conjunction with Cyber Command, the Secret Service and like-minded countries,…
Why Not Hold Ransomware Attackers Hostage for a Change?
Mark Rasch writes about a fourth option for ransomware victims in terms of response: … what happens in the case where you are able to identify—either by name, location, computer, IP address, MAC address or otherwise—the individual(s) responsible for the ransomware, extortionware or electronic demand for payment? Right now, a ransomware victim has few options….
US Government warns of BlackMatter ransomware attacks against critical infrastructure
Graham Cluley writes: The US Government has issued an alert to organisations about the threat posed by the BlackMatter ransomware group. The government’s Cybersecurity & Infrastructure Security Agency (better known as CISA) issued the advisory earlier this week, following a series of BlackMatter ransomware attacks since July 2021 targeting US critical infrastructure, including two American organisations working…
DarkSide ransomware gang moves some of its Bitcoin after REvil got hit by law enforcement
Catalin Cimpanu reports: The operators of the Darkside and BlackMatter ransomware strains have moved a large chunk of their Bitcoin reserves after news broke that fellow ransomware gang REvil had its servers taken over by a coalition of law enforcement agencies. Approximately 107 BTC ($6.8 million) were moved earlier today, according to Omri Segev Moyal, CEO…