ransomware

Employees of the Ministry of Internal Affairs of Russia, with the support of specialists from F. A. C. C. T., a Russian developer of technologies to combat cybercrime, identified and detained members of the criminal group of SugarLocker ransomware. The attackers worked under the guise of a...

The Netwalker group disappeared from the radar back in 2021, but researchers noticed suspicious similarities while studying other software. Experts have found disturbing links between the recent Alpha ransomware virus and the Netwalker criminal group, which was eliminated several years ago...

What does RansomHouse hackers have to do with creating a new malware? The RansomHouse group, known for its activities in the field of extortion using specialized programs, has developed a new malicious tool called "MrAgent". It is designed to automate the distribution of the data encryptor...

How did researchers from Seoul manage to solve the secret hacker cipher? Cybersecurity experts have discovered an implementation vulnerability in the Rhysida ransomware that allowed them to recover encryption keys and decrypt data blocked by the malware. The discovery was published by a team of...

The malware feels at home in other people's networks, not sparing the data of victims. Cybersecurity researchers have discovered a new variant of the Phobos ransomware family, called Faust. A report on the latest iteration of the virus was published by FortiGuard Labs researchers from Fortinet...

Which companies pay the buyout first and how much are they willing to pay? A new study by Dutch specialist Tom Moers from the University of Twente has identified factors that affect the likelihood that victims of ransomware will pay ransom to attackers. For the analysis, data from the Dutch...

Southern Water's actions will show how reliable the updated cryptographer is. A major British firm, Southern Water, responsible for water supply and sanitation in the south of England, including the counties of Hampshire, the Isle of Wight, West and East Sussex, as well as parts of Kent, was...

75% of organizations have been affected by at least one ransomware attack in the last 12 months. According to Veeam's Data Protection Trends report, three-quarters (75%) of organizations were affected by at least one ransomware attack in the past year. A survey was conducted among managers and...

CISA warns of a new threat after publishing an exploit to an old vulnerability. Researchers report a serious threat: criminals involved in the distribution of ransomware viruses have obtained a working exploit for a vulnerability in the Microsoft SharePoint system. This bug, which is almost a...

Участники угроз, связанные с программой-вымогателем Medusa, активизировали свою деятельность после запуска в феврале 2023 года специального сайта по утечке данных в dark web для публикации конфиденциальных данных жертв, которые не желают соглашаться с их требованиями. "В рамках своей стратегии...

The Royal and Akira victims were subjected to repeated extortion attacks from a benevolent security researcher. The Arctic Wolf Labs team has discovered a new fraud scheme targeting victims of ransomware. According to Arctic Wolf, those affected by the actions of the Royal and Akira groups were...

Cisco Talos выпустила дешифратор для версии Babuk-вымогателя Tortilla, позволяющий жертвам, на которые нацелено вредоносное ПО, восстановить доступ к своим файлам. Компания по кибербезопасности заявила, что разведданные об угрозах, которыми она поделилась с правоохранительными органами...

All affected users can restore their data without paying a ransom. Specialists of the Cisco Talos division, together with the Dutch police, have made significant progress in the fight against cybercrime, providing decryption of a variation of the Babuk ransomware virus, known as Tortilla. This...

Experts attribute this activity to the termination of QakBot in August. Trend Micro has recorded an active distribution of the PikaBot malware by the Water Curupira group. Operations began in the first quarter of 2023 and continued until the end of June, before resuming in September. PikaBot...

Four cybercriminals in China were arrested for developing and using ChatGPT ransomware, marking the first such case in the country. And this despite the fact that the popular chatbot from OpenAI is not officially available in China, and Beijing is tightening measures against foreign AI. The...

Despite all its shortcomings, the tool allows you to restore the most valuable files without paying a ransom. Security Research Labs (SRLabs) specialists have created a decryptor that exploits a vulnerability in the encryption algorithm of the Black Basta ransomware program and allows victims...

Will hackers fulfill their conditions if you pay them $ 50? Patients at Integris Health in Oklahoma are receiving blackmail emails saying that their data was stolen in a cyberattack on the health care network, and if they do not pay the ransom, the data will be sold to other cybercriminals...

The company's shares are falling, but the employees themselves are optimistic. Indian IT company HCL Technologies informed local regulators about the cyberattack that occurred on December 20. In its appeal to the National Stock Exchange of India, the company notified about the case of...

The international operation helped the victims save $68 million, and the group's competitors attract new customers. The US Department of Justice announced the successful penetration of the FBI into the infrastructure of the ALPHV ransomware group (BlackCat). The operation allowed agents to...

Paris police have arrested a Russian citizen on charges of involvement in the Hive ransomware hacker group. He was found to have more than 570,000 euros in various cryptocurrencies. Hive encrypts the data of infected computers, and hackers extort funds in cryptocurrencies for decrypting the...