-
Police arrests ransomware affiliate behind high-profile attacks
Romanian law enforcement authorities arrested a ransomware affiliate suspected of hacking and stealing sensitive info from the networks of multiple high-profile companies worldwide, including a large Romanian IT company with clients from the retail, energy, and utilities sectors.
- December 13, 2021
- 07:51 AM
1
-
Alleged ransomware affiliate arrested for healthcare attacks
A 31-year old Canadian national has been charged in connection to ransomware attacks against organizations in the United States and Canada, a federal indictment unsealed today shows.
- December 07, 2021
- 03:37 PM
1
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
Yanluowang ransomware operation matures with experienced affiliates
An affiliate of the recently discovered Yanluowang ransomware operation is focusing its attacks on U.S. organizations in the financial sector using BazarLoader malware in the reconnaissance stage.
- November 30, 2021
- 06:56 AM
- 0
-
U.S. offers $10 million reward for leaders of REvil ransomware
The U.S. is offering up to $10 million for identifying or locating leaders in the REvil (Sodinokibi) ransomware operation, including $5 million leading to the arrest of affiliates.
- November 08, 2021
- 07:11 PM
- 2
-
REvil ransomware affiliates arrested in Romania and Kuwait
Romanian law enforcement authorities have arrested two suspects believed to be Sodinokibi/REvil ransomware affiliates, allegedly responsible for infecting thousands of victims.
- November 08, 2021
- 09:51 AM
- 1
-
Translated Conti ransomware playbook gives insight into attacks
Almost a month after a disgruntled Conti affiliate leaked the gang's attack playbook, security researchers shared a translated variant that clarifies on any misinterpretation caused by automated translation.
- September 02, 2021
- 05:10 PM
- 0
-
Angry Conti ransomware affiliate leaks gang's attack playbook
A disgruntled Conti affiliate has leaked the gang's training material when conducting attacks, including information about one of the ransomware's operators.
- August 05, 2021
- 02:29 PM
- 1
-
Watch out: These online casino emails never pay what they promise
Spammers are abusing affiliate programs to promote online casinos, such as Raging Bull Casino, Sports and Casino, Ducky Luck, and Royal Ace Casino, with misleading emails.
- June 05, 2021
- 10:45 AM
- 0
-
DarkSide ransomware will now vet targets after pipeline cyberattack
The DarkSide ransomware gang posted a new "press release" today stating that they are apolitical and will vet all targets before they are attacked.
- May 10, 2021
- 11:40 AM
- 4
-
GandCrab ransomware affiliate arrested for phishing attacks
A suspected GandCrab Ransomware member was arrested in South Korea for using phishing emails to infect victims.
- March 09, 2021
- 10:07 AM
- 0
-
Ransomware is a multi-billion industry and it keeps growing
An analysis from global cybersecurity company Group-IB reveals that ransomware attacks more than doubled last year and increased in both scale and sophistication.
- March 04, 2021
- 07:34 AM
- 1
-
Dozens of ransomware gangs partner with hackers to extort victims
Ransomware-as-a-service (RaaS) crews are actively looking for affiliates to split profits obtained in outsourced ransomware attacks targeting high profile public and private organizations.
- November 16, 2020
- 02:36 PM
- 0
-
DarkSide ransomware is creating a secure data leak service in Iran
The DarkSide Ransomware operation claims they are creating a distributed storage system in Iran to store and leak data stolen from victims. To show they mean business, the ransomware gang has deposited $320 thousand on a hacker forum.
- November 13, 2020
- 03:00 AM
- 0
-
REvil ransomware deposits $1 million in hacker recruitment drive
The REvil Ransomware (Sodinokibi) operation has deposited $1 million in bitcoins on a Russian-speaking hacker forum to prove to potential affiliates that they mean business.
- September 28, 2020
- 01:30 AM
- 0
-
Dharma ransomware created a hacking toolkit to make cybercrime easy
The Dharma Ransomware-as-a-Service (RaaS) operation makes it easy for a wannabe cyber-criminal to get into the ransomware business by offering a toolkit that does almost everything for them.
- August 12, 2020
- 02:46 PM
- 0
-
Netwalker ransomware earned $25 million in just five months
The Netwalker ransomware operation has generated a total of $25 million in ransom payments since March 1st according to a new report by McAfee.
- August 03, 2020
- 12:21 PM
- 1
-
Rogue affiliates are running fake antivirus expiration scams
Rogue security software affiliates are sending emails that falsely tell recipients that their antivirus software is expiring and then prompt them to renew their license so that the affiliate can earn a commission from the sale.
- April 28, 2020
- 04:26 PM
- 1
-
GandCrab RaaS Was a Training Ground for Malware Distributors
GandCrab operators changed the ransomware business from the ground up, establishing a model that is embraced and continued by other cybercriminals.
- November 01, 2019
- 12:33 PM
- 0
-
Tools and Tactics of the Sodinokibi Ransomware Distributors
Using a network of honeypots, researchers from McAfee examined the tools and tactics used by the Sodinokibi Ransomware (REvil) affiliates to infect their victims with ransomware and compromise other machines on the network.
- October 21, 2019
- 12:01 AM
- 1
-
Sodinokibi Ransomware: Following the Affiliate Money Trail
After a Sodinokibi ransomware affiliate posted partial transaction IDs for ransomware payments, researchers were able to use that information to follow the money trail for affiliates and in some cases, how they spend their illicit earnings.
- October 14, 2019
- 12:01 AM
- 0
1
