As reported on dev.ua: In the Kyiv region, police detained a group of hackers who gained remote access to the devices of state bailiffs and private notaries and, for a fee, illegally removed encumbrances imposed on citizens’ property. According to the Cyber Police, four suspects, one of whom was a private contractor, set up a scheme…
Category: Malware
Dialysis firm DaVita hit by ransomware attack
Reuters reports: DaVita said on Monday it had become aware of a ransomware incident that has encrypted some elements of its network, prompting the dialysis firm to implement measures to limit the effect of the breach. The company discovered the cyberattack on Saturday, but added it “cannot estimate the duration or extent of the disruption…
Operation Endgame follow-up leads to five detentions and interrogations as well as server takedowns
From Europol: Following the massive botnet takedown codenamed Operation Endgame in May 2024, which shut down the biggest malware droppers, including IcedID, SystemBC, Pikabot, Smokeloader and Bumblebee, law enforcement agencies across North America and Europe dealt another blow to the malware ecosystem in early 2025. In a coordinated series of actions, customers of the Smokeloader pay-per-install botnet,…
When the victimizers become the victims…. RansomHub the victim of a takeover?
In February, RansomHub was described as the leading Ransomware-as-a-Service group and as a pervasive threat to critical sectors. Weeks later, Trend Micro analyzed SocGholish’s MaaS framework and its role in deploying RansomHub ransomware. RansomHub was clearly developing and making a significant impact in the ransomware ecosystem. But in the blink of an eye, it seemed,…
Unmasking EncryptHub: Help from ChatGPT & OPSEC blunders
KrakenLabs writes: This is the second part of Outpost24’s KrakenLabs investigation into EncryptHub, an up-and-coming cybercriminal who has been gaining popularity in recent months and is heavily expanding and evolving operations at the time of writing. We’ve already published one article explaining EncryptHub’s campaigns and TTPs, infrastructure, infection methods, and targets. This article will follow a different approach. We’ll…
16 months after they experienced a ransomware attack, Dameron Hospital notifies those affected
In 2017, Dameron Hospital in Texas reported a breach to the California Attorney General’s Office. No copy of its breach notification was uploaded to California’s breach site, and Dameron did not respond to this site’s email asking for details of the breach. The incident never appeared on HHS’s public breach tool, so we never found…