WASHINGTON – The Department of Justice today announced that it has seized 63.7 bitcoins currently valued at approximately $2.3 million. These funds allegedly represent the proceeds of a May 8, ransom payment to individuals in a group known as DarkSide, which had targeted Colonial Pipeline, resulting in critical infrastructure being taken out of operation. The…
Cybercrime forum advertises alleged database, source code from Russian firm that helped Parler
Tim Starks reports: A seller on a popular cybercrime forum appears to be offering up source code and a database they say belongs to DDoS-Guard, the Russia-based hosting site that helped right-leaning social media company Parler get back online after Amazon Web Services banished it. […] Security vendor Group-IB, which noticed the listing, said that while…
Anti-ransomware biz ExaGrid ‘paid $2.6m ransomware demand’
Chris Mellor reports: Computer storage supplier ExaGrid has attempted to downplay a report that it paid nearly $3m to criminals who infected its corporate network with ransomware. ExaGrid supplies backup disk storage equipment that features so-called retention time-lock technology with immutable deduplication objects. This is supposed to thwart ransomware attacks in which malware infects not just an…
UK: Police investigate ‘serious cyber attack’ at Brechin school
James Simpson reports: Police Scotland have launched an investigation after personal details of hundreds of Angus pupils were released during a cyber attack. Exam results and “pupils profiles” outlining learning difficulties and mental health issues of Brechin High School students were released in the breach. […] Documents containing emergency contact details for more than 1,800…
Jp: Fujifilm refuses to pay ransomware demand, restores network from backups
Robert Scammell reports: Japanese multinational conglomerate Fujifilm said it has refused to pay a ransom demand to the cyber gang that attacked its network in Japan last week and is instead relying on backups to restore operations. The company’s computer systems in the US, Europe, the Middle East and Africa are now “fully operational and…
New Evil Corp ransomware mimics PayloadBin gang to evade US sanctions
Lawrence Abrams reports: The new PayloadBIN ransomware has been attributed to the Evil Corp cybercrime gang, rebranding to evade sanctions imposed by the US Treasury Department’s Office of Foreign Assets Control (OFAC). The Evil Corp gang, also known as Indrik Spider and the Dridex gang, started as an affiliate for the ZeuS botnet. Over time,…