Catalin Cimpanu reports: A 30-year-old Moldovan man pleaded guilty on Friday for creating FastPOS, a strain of malware designed to infect computers processing payment card data from Point-of-Sale (POS) systems. Valerian Chiochiu, known in the hacking world as “Onassis” (after the Greek shipping magnate who married Jacqueline Kennedy), was part of the Infraud criminal organization….
Category: Malware
GandCrab ransomware operator arrested in Belarus
Ionut Ilascu reports: An affiliate of the GandCrab ransomware-as-a-business (RaaS) has been arrested, according to an official release. Authorities were able to identify the individual in cooperation with law enforcement in Romania and the U.K. The cybercriminal’s identity has not been published but Office “K” of the Ministry of Internal Affairs in Belarus says that he…
After ransomware attack, legal services company Epiq faces California privacy lawsuit
Sara Merken reports: Lawyers for Epiq Systems Inc have removed a lawsuit to federal court that alleges the legal services provider failed to adequately protect personal information under California’s consumer privacy law. Read more on Reuters.
WV: Elkins Rehabilitation & Care Center notifies residents and employees of breach first discovered in February 2019
I know some people may think I’m being too harsh, but really — almost 1.5 years from detection to notifications to people of a breach? Their response in terms of preventing more incidents seems reasonable, but the gap to figure out that notification was needed and then whom to notify seems too long. What will…
Athens ISD paid $50k ransom to attackers
Mintie Betts reports: Athens ISD Board of Trustees has agreed to pay a $50,000 ransom for school data that was taken in a criminal ransomware attack. The attack targeted data stored on district servers, backup systems, and hundreds of computers. As a result, access to data has been blocked including teacher communications, student schedules, grades,…
Kaspersky finds Lazarus is now operating its own ransomware
Incident analysis by Kaspersky of two cases in Europe and Asia has uncovered that VHD ransomware – first discussed in public in spring 2020 – is owned and operated by Lazarus, a prominent APT group. The move by Lazarus to create and distribute ransomware signifies a change of strategy and indicates a willingness to engage in big game hunting…