Extortion
Hunters International shifts from ransomware to pure data extortion
The Hunters International Ransomware-as-a-Service (RaaS) operation is shutting down and rebranding with plans to switch to data theft and extortion-only attacks. As threat intelligence firm Group-IB revealed this week, the cybercrime group remained active despite announcing on November 17, 2024, that it was shutting down due to declining profitability and increased government scrutiny. Since then, […]
RedCurl cyberspies create ransomware to encrypt Hyper-V servers
A threat actor named ‘RedCurl,’ known for stealthy corporate espionage operations since 2018, is now using a ransomware encryptor designed to target Hyper-V virtual machines. Previously, RedCurl was spotted by Group-IB targeting corporate entities worldwide, later expanding its operations and increasing the victim count. However, as Bitdefender Labs researchers report, the threat actors have started deploying ransomware […]
Fake BianLian ransom notes mailed to US CEOs in postal mail scam
Scammers are impersonating the BianLian ransomware gang in fake ransom notes sent to US companies via snail mail through the United States Postal Service. The fake ransom notes were first reported by Guidepoint Security today, with GeekFeed later being sent a scan of the note from a CEO who received the same letter. The envelopes for these […]
Hunters International ransomware claims attack on Tata Technologies
The Hunters International ransomware gang has claimed responsibility for a January cyberattack attack on Tata Technologies, stating they stole 1.4TB of data from the company. Tata Technologies provides engineering and digital solutions for manufacturing industries worldwide. Founded in 1989 and based in Pune, it operates in 27 countries with over 12,500 employees, specializing in automotive, aerospace, […]
Qilin ransomware claims attack at Lee Enterprises, leaks stolen data
The Qilin ransomware gang has claimed responsibility for the attack at Lee Enterprises that disrupted operations on February 3, leaking samples of data they claim was stolen from the company. The threat actors have now threatened to leak all the allegedly stolen data on March 5, 2025, unless a ransom demand is paid. Lee Enterprises is […]
Suspected Desorden hacker arrested for breaching 90 organizations
A suspected cyber criminal believed to have extorted companies under the name “DESORDEN Group” or “ALTDOS” has been arrested in Thailand for leaking the stolen data of over 90 organizations worldwide. The suspect was arrested in Bangkok through a law enforcement operation by the Royal Thai Police and the Singapore Police Force, with the help […]
Orange Group confirms breach after hacker leaks company documents
A hacker claims to have stolen thousands of internal documents with user records and employee data after breaching the systems of Orange Group, a leading French telecommunications operator and digital service provider. The threat actor published on a hacker forum details about the stolen data after trying to extort the company unsuccessfully. Orange confirmed the […]
SpyLend Android malware downloaded 100,000 times from Google Play
An Android malware app called SpyLend has been downloaded over 100,000 times from Google Play, where it masqueraded as a financial tool but became a predatory loan app for those in India. The app falls under a group of malicious Android applications called “SpyLoan,” which pretend to be legitimate financial tools or loan services but […]
Sarcoma ransomware claims breach at giant PCB maker Unimicron
A relatively new ransomware operation named ‘Sarcoma’ has claimed responsibility for an attack against the Unimicron printed circuit boards (PCB) maker in Taiwan. The cybercriminals have published samples of files allegedly stolen from the company’s systems during the attack and threaten to leak everything next week if a ransom is not paid. In a new listing […]
Ransomware payments fell by 35% in 2024, totalling $813,550,000
Payments to ransomware actors decreased 35% year-over-year in 2024, totaling $813.55 million, down from $1.25 billion recorded in 2023. Additionally, only about 30% of victims engaged in negotiations with ransomware actors ended up paying any ransom to them. These figures are reported by blockchain intelligence firm Chainalysis, underlining a significant decline in an otherwise record-breaking year for […]