Catalin Cimpanu reports: The members of the Clop ransomware gang that were arrested last week in Ukraine as part of an international law enforcement action also operated money laundering services for multiple cybercrime groups. According to cryptocurrency exchange portal Binance, the group engaged in both cyber-attacks and “a high-risk exchanger” that laundered funds for the Clop ransomware…
Category: Malware
Westfield clerk, mayor battle over spyware installed on city hall computers
Richard Essex reports: Spyware was found on all of the computers in the Westfield clerk treasurer’s office, and now she and the mayor are battling in court about it. This particular software allows remote access to all the data stored in that office, which includes information for a dozen city bank accounts, and personal information…
City of Liege, Belgium hit by ransomware
Catalin Cimpanu reports: Liege, the third biggest city in Belgium, has suffered today a ransomware attack that has disrupted the municipality’s IT network and online services. Following the attack, most of the city’s civil status and population services are down, Liege officials said on a status page today. Read more on The Record.
Brazil medical firm Fleury hit by cyberattack
Jake Spring reports: Brazilian medical lab company Fleury SA (FLRY3.SA) said in a securities filing that a cyberattack had resulted in a partial outage of its information technology systems on Tuesday. Read more on Reuters. Update of June 27: REvil (Sodinokibi) ransomware operators have added Fleury to their leak site. The threat actors claim to have acquired…
LV Ransomware Group Repurposed REvil Binary, Researchers Find
Dennis Fisher reports: Researchers have discovered that the LV ransomware that has been in use since late 2020 is actually a modified version of the REvil ransomware binary that is being distributed by a separate threat group. An analysis of the LV ransomware binary by Secureworks Counter Threat Unit researchers shows that LV is a version of…
Personal information may have been leaked to the dark web after cyberattack on Tulsa’s computer system, officials warn
Aya Elamroussi and Chris Boyette report: Officials in Tulsa, Oklahoma, are warning residents their personal information may have been leaked to the dark web following a ransomware attack on the city last month. The city announced Tuesday that hackers obtained more than 18,000 city files. The leaked files are mostly police citations and internal department files, officials…