Ravie Lakshmanan reports: Threat actors in North Korea have been implicated in a recent incident that deployed a known ransomware family called Play, underscoring their financial motivations. The activity, observed between May and September 2024, has been attributed to a threat actor tracked as Jumpy Pisces, which is also known as Andariel, APT45, DarkSeoul, Nickel Hyatt,…
Category: Malware
U.S. Joins International Action Against RedLine and META Infostealers; unseals charges against Maxim Rudometov (1)
AUSTIN, Texas – The Department of Justice joined the Netherlands, Belgium, Eurojust and other partners in announcing an international disruption effort against the current version of RedLine Infostealer, one of the most prevalent infostealers in the world that has targeted millions of victim computers, and the closely-related META Infostealer. The Justice Department, FBI, Naval Criminal…
Russia Tied to Ukrainian Military Recruit Malware Targeting
Mathew J. Schwartz reports: Potential Ukrainian military recruits are being targeted with malware and anti-mobilization messaging through legitimate Telegram channels. A report from Google’s Threat Intelligence Group attributes the “hybrid espionage and information operation” to a suspected Russian group, codenamed UNC5812, whose Telegram persona goes by the handle “Civil Defense.” Telegram remains a vital source of information…
Operation Magnus disrupts Redline and Meta infostealers
From Operation Magnus: On the 28th of October 2024 the Dutch National Police, working in close cooperation with the FBI and other partners of the international law enforcement task force Operation Magnus, disrupted operation of the Redline and Meta infostealers. Involved parties will be notified, and legal actions are underway. Watch their update and stay tuned!…
In legal first, Japan convicts man of abusing AI to generate ransomware
Malay Mail reports: A 25-year-old man has become the first person in Japan to be convicted for criminal activities involving generative AI. According to The Yomiuri Shimbun, the Tokyo District Court found Ryuki Hayashi guilty of creating a computer virus using interactive generative artificial intelligence. He was sentenced to three years in prison, suspended for four…
Update to Change Healthcare breach
From HHS OCR: “On October 22, 2024, Change Healthcare notified OCR that approximately 100 million individual notices have been sent regarding this breach. ” As DataBreaches mentioned this morning on Infosec.Exchange, is that 100 million an interim update and we should expect another update with even bigger numbers, or is 100 million the total number…