Global law-enforcement authorities including the FBI have disrupted the activities of the formidable LockBit ransomware gang, taking control of its platform and seizing data associated with its global ransomware-as-a-service (RaaS) operation. Information obtained by the operation — called Operation Cronos — includes source code, details of ransomware victims, stolen data, decryption keys, and the amount…

The BlackCat ransomware-as-a-service operation’s putative “unseizing” of its leak site from the FBI is a stunt made possible by the way the dark web handles address resolution, security researchers said Monday. The stunt was a “tactical error” that could alienate affiliates. U.S. authorities as part of an international law enforcement operation announced Monday morning that they…

Cybersecurity advisories from the FBI and the US Cybersecurity and Infrastructure Security Agency (CISA) are usually a good indication that a particular threat merits priority attention from organizations in the crosshairs. That would appear to be the case with “Snatch,” a ransomware-as-a-service (RaaS) operation that has been active since at least 2018 and is the…

When is a LockBit ransomware attack not actually a LockBit attack? Cyber defenders are reporting a profusion of attacks involving stolen or reused strains of ransomware. Blame a variety of factors, including law enforcement crackdowns on big-name brands, evolving ransomware business models and at least one case of a ransomware group leader with poor people…

A Russian man the U.S. federal government says has been a key actor in Russian ransomware hacking faces indictment in two American jurisdictions, economic sanctions and a $10 million reward for information leading to his arrest. The man, Mikhail Matveev, 31, aka Wazawaka, was a central figure of the Babuk ransomware-as-a-service gang. Babuk became inactive…

A newly discovered ransomware gang dubbed RA Group is ramping up its cyberattacks — the latest in a line of threat actors leveraging the leaked Babuk source code. The group distinguishes itself from the rest of the Babuk pack, however, with a highly customized approach. According to an analysis from Cisco Talos this week, RA…

Cybersecurity researchers have detailed the tactics of a “rising” cybercriminal gang called “Read The Manual” (RTM) Locker that functions as a private ransomware-as-a-service (RaaS) provider and carries out opportunistic attacks to generate illicit profit. “The ‘Read The Manual’ Locker gang uses affiliates to ransom victims, all of whom are forced to abide by the gang’s…

Russian-speaking ransomware gang BlackCat is leaking data stolen from a Pennsylvania-based healthcare group, including photos of breast cancer patients. On Saturday, the ransomware group posted on its dark leak site a message taunting Lehigh Valley Health Network. “We have been in your network a long time and have had time to study your business,” the…