BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks Germany's Federal Criminal Police Office (BKA) identified the REvil affiliate known as "UNKN" as 31-year-old Daniil Maksimovich Shchukin and added alleged developer Anatoly Sergeevitsch Kravchuk to its wanted list, linking them to a string of high-impact ransomware attacks. The BKA said the suspects are tied to 130 attacks in Germany causing...

Germany’s BKA identifies REvil leader “UNKN” as Daniil Maksimovich Shchukin and adds Anatoly Kravchuk to its wanted list. Linked to 130 ransomware attacks with €35.4M in damages, tied to REvil/GandCrab campaigns. #Germany #RansomwareGang

Yanluowang Access Broker Gets 81 Months in Prison  A Russian national has been sentenced to 81 months in prison for acting as an initial access broker for Yanluowang ransomware attacks, in a case that highlights how criminal access markets fuel major extortion campaigns . Prosecutors said the defendant targeted at least eight U.S. companies, sold stolen access to ransomware operators, and helped enable ransom demands that ranged from hundreds of thousands of dollars to millions.  Aleksey Olegovich Volkov, also known online as “chubaka.kor” and “nets,” pleaded guilty in November and admitted to hacking into corporate networks, stealing data, and passing that access along to the Yanluowang ransomware-as-a-service group . According to the report, the gang encrypted victims’ data, demanded payment in cryptocurrency, and shared the proceeds among participants.  The investigation was built from a wide set of digital evidence, including chat logs, stolen files, victims’ credentials, and records recovered after the FBI seized a server linked to the ransomware operation. Investigators also traced Volkov through Apple iCloud data, cryptocurrency exchange records, social media accounts, and other identifiers tied to his passport and phone number.  Court records showed that Volkov negotiated a share of ransom proceeds in exchange for delivering access to victim networks, and the FBI said his cut of collected ransoms reached $1.5 million. Prosecutors also noted that a screenshot recovered from his Apple account suggested a possible additional connection to the LockBit ransomware gang.  Volkov was extradited to the United States after being arrested in Italy in January 2024, and he now must pay more than $9 million in restitution to victims . The Justice Department said he agreed to cover at least $9,167,198.19 in losses and forfeit equipment used in the crimes, underscoring the financial damage caused by ransomware support roles beyond the attackers who deploy the malware .

Yanluowang Access Broker Gets 81 Months in Prison #DataBreach #RansomwareGang #RussianCitizen

Ransomware gang uses ISPsystem VMs for stealthy payload delivery control panels for hosting companies read more about Ransomware gang uses ISPsystem VMs for stealthy payload delivery

Ransomware gang uses ISPsystem VMs for stealthy payload delivery reconbee.com/ransomware-g...

#ransomware #ransomwaregang #ISPsystem #VM #payload #cybersecurity #cyberattacks

Ukrainian Hacker Admits Nefilim Role
Read More: buff.ly/ayTvXF3

#NefilimRansomware #RansomwareGang #CyberCrimeProsecution #Extradition #InfosecLaw #ThreatActors

Ransomware gangs turn to Shanya EXE packer to hide EDR killers Shanya their harmful payloads, and the service uses encryption read more about Ransomware gangs turn to Shanya EXE packer to hide EDR killers

Ransomware gangs turn to Shanya EXE packer to hide EDR killers reconbee.com/ransomware-g...

#ransomwareattack #ransomwaregang #ransomwaregroup #shanyaEXE #EDR #cyberattack

Russian Ransomware Gangs Weaponize Open-Source AdaptixC2 for Advanced Attacks Akira ransomware operations read more about Russian Ransomware Gangs Weaponize Open-Source AdaptixC2 for Advanced Attacks

Russian Ransomware Gangs Weaponize Open-Source AdaptixC2 for Advanced Attacks reconbee.com/russian-rans...

#russian #ransomwaregroup #RansomwareGang #opensource #AdaptixC2 #cyberattack

Royal and BlackSuit ransomware gangs hit over 450 US companies ransomware scams employed double-extortion techniques read more about Royal and BlackSuit ransomware gangs hit over 450 US companies

Royal and BlackSuit ransomware gangs hit over 450 US companies reconbee.com/royal-and-bl...

#Royalransomware #Blacksuitransomware #ransomwaregang #Unitedstates #departmentofhomelandsecurity

Weak Password Let Ransomware Gang Destroy 158-Year-Old Company
potatosecuritynews.com/weak-passwor...

#Infosec #Security #Potatosecurity #CeptBiro #WeakPassword #RansomwareGang

Weak Password Let Ransomware Gang Destroy 158-Year-Old Company A single compromised password brought down KNP Logistics, putting 730 employees out of work and highlighting the devastating impact of cyber attacks on British businesses.

Weak Password Let Ransomware Gang Destroy 158-Year-Old Company
cybersecuritynews.com/weak-passwor...

#Infosec #Security #Cybersecurity #CeptBiro #WeakPassword #RansomwareGang

Fake KeePass password manager leads to ESXi ransomware attack which can subsequently be stolen via the beacon read more about Fake KeePass password manager leads to ESXi ransomware attack

Fake KeePass password manager leads to ESXi ransomware attack reconbee.com/fake-keepass...

#keepasspasswordmanager #ESXi #ransomwareattack #ransomware #ransomwaregang

Ransomware gangs increasingly use Skitnet post-exploitation malware target system to initiate the Skitnet infection read more about Ransomware gangs increasingly use Skitnet post-exploitation malware

Ransomware gangs increasingly use Skitnet post-exploitation malware reconbee.com/ransomware-g...

#ransomware #ransomwaregang #skitnetpost #malware #malwareattack #ransomwareattack

ToyMaker Uses LAGTOY to Sell Access to CACTUS Ransomware Gangs for Double Extortion Prophet Spider and Gold Melody read more about ToyMaker Uses LAGTOY to Sell Access to CACTUS Ransomware Gangs for Double Extortion

ToyMaker Uses LAGTOY to Sell Access to CACTUS Ransomware Gangs for Double Extortion reconbee.com/toymaker-use...

#Toymaker #LAGTOY #CACTUS #ransomwaregang #doubleextortion #ransomwareattack #cyberattacks

Ransomware gang creates tool to automate VPN brute-force attacks The Black Basta ransomware operation created an automated brute-forcing framework dubbed 'BRUTED' to breach edge networking devices like firewalls and VPNs.

Ransomware gang creates tool to automate VPN brute-force attacks
www.bleepingcomputer.com/news/securit...

#Infosec #Security #Cybersecurity #CeptBiro #RansomwareGang #Tool #Automate #VPN #BruteForceAttacks

Ransomware gang encrypted network from a webcam to bypass EDR the password or using credentials that were obtained read more about Ransomware gang encrypted network from a webcam to bypass EDR

Ransomware gang encrypted network from a webcam to bypass EDR reconbee.com/ransomware-g...

#ransomware #ransomwareattack #ransomwaregang #EDR #cyberattack #webcam

Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks Paragon Partition Manager is not installed read more about Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks

Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks reconbee.com/ransomware-g...

#Ransomware #ransomwareattack #BYOVDattacks #paragonpartitionmanager #ransomwaregang

Ransomware gang leaks data stolen in Rhode Island's RIBridges Breach The Brain Cipher ransomware gang has begun to leak documents stolen in an attack on Rhode Island's "RIBridges" social services platform.

Ransomware gang leaks data stolen in Rhode Island's RIBridges Breach
www.bleepingcomputer.com/news/securit...

#Infosec #Security #Cybersecurity #CeptBiro #RansomwareGang #LeaksData #RhodeIsland #RIBridges #Breach

Black Basta ransomware gang hit BT Group BT Group (formerly British Telecom)'s Conferencing division shut down some of its servers following a Black Basta ransomware attack.

Black Basta ransomware gang hit BT Group
securityaffairs.com/171668/break...

#Infosec #Security #Cybersecurity #CeptBiro #BlackBasta #RansomwareGang #BTGroup

SafePay ransomware gang claims attack on UK's Microlise Fledgling band of crooks says it stole 1.2 TB of data

SafePay ransomware gang claims Microlise attack that disrupted prison van tracking
www.theregister.com/2024/11/22/s...
#Infosec #Security #Cybersecurity #CeptBiro #SafePay #RansomwareGang #MicroliseAttack #PrisonVanTracking

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office Mexico is investigating a ransomware attack targeting its legal affairs office, as confirmed by the president.

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office
securityaffairs.com/171257/data-...
#Infosec #Security #Cybersecurity #CeptBiro #Ransomhub #RansomwareGang #MexicanGovernment #LegalAffairsOffice

NoName ransomware gang deploying RansomHub malware in recent attacks The NoName ransomware gang has been trying to build a reputation for more than three years targeting small and medium-sized businesses worldwide with its encryptors and may now be working as a RansomH...

NoName ransomware gang deploying RansomHub malware in recent attacks
www.bleepingcomputer.com/news/securit...
#Infosec #Security #Cybersecurity #CeptBiro #NoName #RansomwareGang #RansomHub #Malware

Ransomware Gang Leaks Data Allegedly Stolen From Government Contractor The LockBit ransomware gang leaks data allegedly stolen from government contractor Tyler Technologies.

Ransomware Gang Leaks Data Allegedly Stolen From Government Contractor
www.securityweek.com/ransomware-g...
#Infosec #Security #Cybersecurity #CeptBiro #RansomwareGang #LeaksData #GovernmentContractor

Ransomware gang starts leaking alleged stolen Change Healthcare data The RansomHub extortion gang has begun leaking what they claim is corporate and patient data stolen from United Health subsidiary Change Healthcare in what has been a long and convoluted extortion pro...

Ransomware gang starts leaking alleged stolen Change Healthcare data
www.bleepingcomputer.com/news/securit...
#Infosec #Security #Cybersecurity #CeptBiro #RansomwareGang #Leak #HealthcareData

Ransomware gang leaks UK city council’s confidential files INC Ransom emerges as a growing threat as some ex-LockBit/ALPHV affiliates get new gigs

Ransomware gang did steal residents' confidential data, UK city council admits
www.theregister.com/2024/04/04/r...
#Infosec #Security #Cybersecurity #CeptBiro #RansomwareGang #ConfidentialData #UKcityCouncil

BlackCat Ransomware Gang Suspected of Pulling Exit Scam The BlackCat ransomware gang announces shutdown as an affiliate accuses theft of $22 million ransom payment.

BlackCat Ransomware Gang Suspected of Pulling Exit Scam
www.securityweek.com/blackcat-ran...
#Infosec #Security #Cybersecurity #CeptBiro #BlackCat #RansomwareGang

Optum Confirms BlackCat Behind Change Healthcare Cyberattack Change Healthcare has confirmed that it has been targeted by a cybercrime threat actor known as Blackcat.

BlackCat Ransomware Gang Behind Change Healthcare Cyberattack, Optum Confirms
thecyberexpress.com/blackcat-beh...
#Infosec #Security #Cybersecurity #CeptBiro #BlackCat #RansomwareGang #Healthcare #Cyberattack #Optum

BlackCat Ransomware Gang Claims Attack on Change Healthcare The Alphv/BlackCat ransomware gang says 6 terabytes of data were stolen from healthcare technology firm Change Healthcare.

BlackCat Ransomware Gang Claims Attack on Change Healthcare
www.securityweek.com/blackcat-ran...
#Infosec #Security #Cybersecurity #CeptBiro #BlackCat #RansomwareGang #Healthcare

Cactus ransomware gang claims the theft of 1.5TB of data from Energy management and industrial automation firm Schneider Electric The Cactus ransomware gang claims the theft of 1.5TB of data from the Energy management and industrial automation firm Schneider Electric.

Cactus ransomware gang claims the theft of 1.5TB of data from Energy management and industrial automation firm Schneider Electric
securityaffairs.com/159353/hacki...
#Infosec #Security #Cybersecurity #CeptBiro #Cactus #RansomwareGang #EnergyManagement #IndustrialAutomationFirm #SchneiderElectric

LockBit Ransomware Gang Domains Seized in Global Operation Follow us on Twitter (X) @Hackread - Facebook @ /Hackread

LockBit Ransomware Gang Domains Seized in Global Operation
www.hackread.com/8-lockbit-ra...
#Infosec #Security #Cybersecurity #CeptBiro #LockBit #RansomwareGang

LockBit Ransomware Gang Targets American Boots Icon Original Footwear Original Footwear, a popular American boots maker catering to law enforcement, military, and other professionals, found itself in the spotlight

LockBit Ransomware Gang Targets American Boots Icon Original Footwear
thecyberexpress.com/original-foo...
#Infosec #Security #Cybersecurity #CeptBiro #LockBit #RansomwareGang