Risky Biz News reports: German and US authorities have seized a crypto-wallet service named Cryptonator on charges of money laundering and operating an unlicensed money service business. The service allowed individuals to set up crypto-wallet funds that could receive and send funds from and to any type of blockchain service, effectively operating as a “personal…
Category: Malware
Mandiant Uncovers Threat Group Behind Basta Ransomware
Akshaya Asokan reports: A newly identified financially motivated hacking group is deploying Basta ransomware as part of an ongoing extortion campaign that began early this year. Google Mandiant, which uncovered the campaign, tracks the group as UNC4393. Since Basta is not publically marketed and is available on invitation-only basis, Mandiant researchers believe UNC4393 is likely the “primary…
Ever More Toxic Ransomware Brands Breed Lone Wolf Operators
Mathew J. Schwartz reports: The downfall of previously high-flying ransomware operations Alphv and LockBit has shaken up the criminal underground, turning some former affiliates into lone operators and causing some under-the-radar groups to rack up record extortion payments. Ransomware incident response firm Coveware said in a report that 10% of all ransomware attacks it monitored…
OneBlood Target of Ransomware Event; Blood Community Rallies to Help as Urgent Call for Donors is Issued
From OneBlood: OneBlood, the not-for-profit blood center serving much of the southeastern United States is experiencing a ransomware event that is impacting its software system. OneBlood is working closely with cyber security specialists, and also federal, state and local agencies as part of their comprehensive response to the situation. “OneBlood takes the security of our…
RADAR and DISPOSSESSOR shift to R-a-a-S model
In April, Jim Walter of SentinelOne wrote an article about how some ransomware affiliates were teaming up with others to get paid if they had been cheated by previous partners. Perhaps the best-known recent example of this occurred after ALPHV allegedly secured a $22 million ransoms from Change Healthcare and then absconded with the money…
Northeast Rehabilitation Hospital Network’s “incident” was a ransomware attack with data leaked, but they haven’t said that.
Northeast Rehabilitation Hospital Network (“NRHN”) is a comprehensive network of physical rehabilitation services that includes four inpatient hospitals and 25+ outpatient rehabilitation clinics. It also provides pain management and specialized pediatric outpatient rehabilitation. On July 19, NRHN notified the U.S. Department of Health & Human Services (HHS) of a “hacking/IT incident” that affected 501 patients. The “501” is…