Lawrence Abrams reports: The LockBit ransomware operation has released ‘LockBit 3.0,’ introducing the first ransomware bug bounty program and leaking new extortion tactics and Zcash cryptocurrency payment options. […] LeMagIT’s Valery Marchive discovered that the LockBit 3.0 operation is utilizing a new extortion model, allowing threat actors to buy data stolen during attacks. One of the…
Category: Malware
MO: Fitzgibbon Hospital hit by ransomware, sensitive data leaked
Although one of this year’s trends in cybercrime seems to be a return to the theft/extort model, some groups continue to encrypt victims’ files. On Saturday, DataBreaches received information pointing to an attack on Fitzgibbon Hospital in Missouri. The group claiming responsibility call themselves “Daixin Team.” It is not a name known to DataBreaches…
Ransomware Ransom Payments: A Geostrategic Risk
The following is a Google-translated statement addressing the significant and negative impact of ransom payments on the German economy and recommendations to reduce and eliminate the payment of ransoms. In the original German, “Lösegeldzahlungen bei Ransomware-Angriffen: ein geostrategisches Risiko” can be found at https://ransomletter.github.io/: Blackmail Trojans in the form of so-called ransomware have grown into…
Fake copyright infringement emails install LockBit ransomware
Bill Toulas reports: LockBit ransomware affiliates are using an interesting trick to get people into infecting their devices by disguising their malware as copyright claims. The recipients of these emails are warned about a copyright violation, allegedly having used media files without the creator’s license. These emails demand that the recipient remove the infringing content…
Expensive week for Carnival Corp: a $1.25 million settlement with states over one breach, then a $5 million settlement with New York for violating state cybersecurity regulation
It seems this was the week for following up on Carnival Corporation breaches. Earlier this week, state attorneys general announced a $1.25 million multistate settlement with the cruise line over a 2019 data breach first disclosed in 2020. But there was other news concerning the cruise line this week, too. On Friday, the New York…
Conti ransomware finally shuts down data leak, negotiation sites
Lawrence Abrams reports: The Conti ransomware operation has finally shut down its last public-facing infrastructure, consisting of two Tor servers used to leak data and negotiate with victims, closing the final chapter of the notorious cybercrime brand. According to threat intel analyst Ido Cohen, Conti’s servers were shut down on Wednesday and BleepingComputer has confirmed they are still offline…