Joseph Menn and Christopher Bing broke the news yesterday: The ransomware group REvil was itself hacked and forced offline this week by a multi-country operation, according to three private sector cyber experts working with the United States and one former official. …. “The FBI, in conjunction with Cyber Command, the Secret Service and like-minded countries,…
Category: Commentaries and Analyses
Why Not Hold Ransomware Attackers Hostage for a Change?
Mark Rasch writes about a fourth option for ransomware victims in terms of response: … what happens in the case where you are able to identify—either by name, location, computer, IP address, MAC address or otherwise—the individual(s) responsible for the ransomware, extortionware or electronic demand for payment? Right now, a ransomware victim has few options….
US Government warns of BlackMatter ransomware attacks against critical infrastructure
Graham Cluley writes: The US Government has issued an alert to organisations about the threat posed by the BlackMatter ransomware group. The government’s Cybersecurity & Infrastructure Security Agency (better known as CISA) issued the advisory earlier this week, following a series of BlackMatter ransomware attacks since July 2021 targeting US critical infrastructure, including two American organisations working…
DarkSide ransomware gang moves some of its Bitcoin after REvil got hit by law enforcement
Catalin Cimpanu reports: The operators of the Darkside and BlackMatter ransomware strains have moved a large chunk of their Bitcoin reserves after news broke that fellow ransomware gang REvil had its servers taken over by a coalition of law enforcement agencies. Approximately 107 BTC ($6.8 million) were moved earlier today, according to Omri Segev Moyal, CEO…
FIN7 Recruits Talent For Push Into Ransomware
There’s a fascinating blog post out today by Gemini Advisory. Here are just the key findings to give you a sense of it all: The cybercriminal group FIN7 has been responsible for large-scale card theft campaigns, resulting in the exposure of over 20 million payment card records, as well as ransomware attacks. Gemini has discovered…
Indiana orthopedics practice becomes a victim of a ransomware attack
I hate to see medical entities become victims of ransomware attacks, but if they do, then I’m glad to see them promptly alert patients to any problems. Central Indiana Orthopedics is a positive example of prompt alerting. The following notice appears on their web site: IMPORTANT ANNOUNCEMENT: We regret to inform you that Central Indiana…