Ransom
New DroidLock malware locks Android devices and demands a ransom
A newly discovered Android malware dubbed DroidLock can lock victims’ screens for ransom and access text messages, call logs, contacts, audio recordings, or even erase data. DroidLLock allows its operator to take complete control of the device via the VNC sharing system and can steal the device lock pattern by placing an overlay on the […]
FBI warns of virtual kidnapping scams using altered social media photos
The FBI warns of criminals altering images shared on social media and using them as fake proof of life photos in virtual kidnapping ransom scams. This is part of a public service announcement published today about criminals contacting victims via text message, claiming to have kidnapped a family member and demanding ransom payments. However, as […]
Kraken ransomware benchmarks systems for optimal encryption choice
The Kraken ransomware, which targets Windows, Linux/VMware ESXi systems, is testing machines to check how fast it can encrypt data without overloading them. According to Cisco Talos researchers, Kraken’s feature is a rare capability that uses temporary files to choose between full and partial data encryption. The Kraken ransomware emerged at the begining of the […]
How a ransomware gang encrypted Nevada government’s systems
The State of Nevada has published an after-action report detailing how hackers breached its systems to deploy ransomware in August, and the actions taken to recover from the attack. The document is one of the few completely transparent technical report from a federal government in the U.S. on a cybersecurity incident, describing all the steps […]
Ransomware profits drop as victims stop paying hackers
The number of victims paying ransomware threat actors has reached a new low, with just 23% of the breached companies giving in to attackers’ demands. With some exceptions, the decline in payment resolution rates continues the trend that Coveware has observed for the past six years. In the first quarter of 2024, the payment percentage was […]
Discord discloses data breach after hackers steal support tickets
Hackers stole partial payment information and personally identifiable data, including names and government-issued IDs, from some Discord users after compromising a third-party customer service provider. The attack occurred on September 20 and affected “a limited number of users” who interacted with Discord’s customer support and/or Trust and Safety teams. Discord was created as a communication […]
Malware devs abuse Anthropic’s Claude AI to build ransomware
Anthropic’s Claude Code large language model has been abused by threat actors who used it in data extortion campaigns and to develop ransomware packages. The company says that its tool has also been used in fraudulent North Korean IT worker schemes and to distribute lures for Contagious Interview campaigns, in Chinese APT campaigns, and by […]
IT system supplier cyberattack impacts 200 municipalities in Sweden
A cyberattack on Miljödata, an IT systems supplier for roughly 80% of Sweden’s municipal systems, has caused accessibility problems in more than 200 regions of the country. In addition to the service disruption, there are concerns that attackers also stole sensitive data. Local media report that the threat actor demanded a ransom of 1.5 (currently around $168,000) Bitcoins […]
UK to ban public sector orgs from paying ransomware gangs
The United Kingdom’s government is planning to ban public sector and critical infrastructure organizations from paying ransoms after ransomware attacks. The list of entities that would have to follow the new proposed legislation includes local councils, schools, and the publicly funded National Health Service (NHS). “Ransomware is estimated to cost the UK economy millions of […]
Police disrupt “Diskstation” ransomware gang attacking NAS devices
An international law enforcement action dismantled a Romanian ransomware gang known as ‘Diskstation,’ which encrypted the systems of several companies in the Lombardy region, paralyzing their businesses. The law enforcement operation codenamed ‘Operation Elicius’ was coordinated by Europol and also involved police forces in France and Romania. Diskstation is a ransomware operation that targets Synology […]