DataBreaches.Net – Page 1079

Babuk re-organizes as Payload Bin, offers its first leak

Posted on May 31, 2021 by Dissent

At the end of April, threat actors known as Babuk indicated that they were closing up shop and switching to a different model: Babuk changes direction, we no longer encrypt information on networks, we will get to you and take your data, we will notify you about it if you do not get in touch…

Claiming to be the “new generation,” threat actors declare, “No more discounts or long negotiations”

Posted on May 31, 2021 by Dissent

This week saw the emergence of a new group calling themself “Pay or Grief.” Or maybe they call themselves “Grief” or “Grief_List.” I really am not sure because they haven’t responded to simple questions like “What do we call you?” In any event, DataBreaches.net noted two of their attacks and now SuspectFile was able to…

How to Negotiate with Ransomware Hackers

Posted on May 31, 2021 by Dissent

Rachel Monroe has an interesting profile of a ransom negotiator in The New Yorker. But the piece also provides an answer to a puzzling claim in a blog post by REvil that referred to fraudulent middlemen. When the negotiator hired by a victim entered the chat, they discovered that someone had already been negotiating with…

Ethical disclosures are being ignored: an unchecked security crisis

Posted on May 31, 2021 by Dissent

Ron Nahamias, Cyberpion co-founder and CBO, has a piece in Security Magazine that includes a topic near and dear to my heart — companies that do not provide a way to notify them of a security breach, leak, or vulnerability. He writes, in part: Sometimes the burying of the head in the sand, even if…

Secret Chats Show How Cybergang Became a Ransomware Powerhouse

Posted on May 31, 2021 by Dissent

There’s an interesting piece by Andrew E. Kramer, Michael Schwirtz and Anton Troianovski in the New York Times: Secret Chats Show How Cybergang Became a Ransomware Powerhouse. The reporters obtained access to the internal dashboard that DarkSide customers used to organize and carry out ransom attacks and their piece provides some insights as to how DarkSide “support” dealt with…

CA: Azusa Police reveal ransomware attack in March

Posted on May 30, 2021 by chum1ng0

On March 17, the DoppelPaymer threat actors added Azusa Police Department in California to the leak site where they list ransomware victims who have refused to pay their ransom demands. On April 22, the threat actors increased the pressure on the department — or attempted to — by dumping some files as proof that they…