Cybersecurity firm Symantec blocked a ransomware attack by a group known for demanding payment in Bitcoin (BTC) directed at 30 U.S.-based firms and Fortune 500 companies. The announcement published by the cybersecurity firm claims that the Evil Group, the malware gang behind the attacks, targeted the IT infrastructures of the firms. Still, the companies were alerted in time to prevent deployment of the ransomware. The group used the ransomware WastedLocker and managed to breach the security of the victims' networks and unsuccessfully attempted to laying the ground for staging the attacks. Gang asks for million-dollar payments Cointelegraph reported recently a …

A Russian national behind the cybercriminal enterprise Infraud Organization has pleaded guilty on June 26 to racketeering conspiracy, due to his role as a co-founder and admin of the dark web-based carding portal which generated profits over $568 million. According to the announcement made by the U.S. Department of Justice, or DOJ, 33-year-old Sergey Medvedev, also known under the pseudonyms “Stells,” “segmed,” and “serjbear,” claimed responsibility for his role in the organization created in October 2010 by a Ukraine national, Svyatoslav Bondarenko. Medvedev pleaded guilty before U.S. District Court Judge James C. Mahan in the District of Nevada. What is …

A mammoth global spying and data theft effort currently leaves web surfing citizens at risk, with several Bitcoin and crypto domains included in the mix, according to research from Awake Security. At the heart of the problem — a web domain registration company named CommuniGal Communication, or GalComm. "Of the 26,079 reachable domains registered through GalComm, 15,160 domains, or almost 60%, are malicious or suspicious," Awake wrote in a June 18 blog post. A list of sites at risk Although the nefarious movement uses several different methods, including malware, such activity has passed under the radar of popular security systems, …

A report from the Cyber Security Agency of Singapore, or CSA, shows that the number of ransomware attacks cases rose in 2019, compared to figures recorded in 2018. According to a “Cyber Landscape 2019” study published by the Singaporean government, the entity received 35 reports of ransomware incidents in 2019. This represents a surge compared to the 21 cases that reported in 2018. Most of the attacks targeted the travel, tourism, manufacturing, and logistics industries. Phishing attacks also rose in 2019 Phishing cases also saw a sharp increase. The agency discovered 47,500 related URLs in 2019 — up from 16,100 …

Two ransomware gangs reportedly attacked the electronics giant, LG, and Japanese multinational car manufacturer, Mitsubishi. The hackers are now threatening both companies with data leaks. Screenshots posted to the gang’s blog show several files, as well as source code from the attack. No official statement from LG yet As of press time, the electronics giant has not addressed the incident officially. A statement from the ransomware gang alleges that the hackers managed to steal over 40GB of source code from the manufacturer. However, Brett Callow, threat analyst and ransomware expert at malware lab Emsisoft, stated that the alleged proofs don’t …

On June 24, security experts from Palo Alto Networks’ Unit 42 warned about a new self-propagating malware that launches cryptojacking and DDoS attacks against Windows systems. The software operates under the name “Lucifer”. According to the study, Lucifer is a hybrid of cryptojacking and DDoS malware that leverages old vulnerabilities on the Windows platform. Vulnerabilities exploited After breaking the security infrastructure, attackers execute commands that release DDoS attacks. This allows them to install XMRig Miner, a well-known Monero (XMR) mining app, to launch cryptojacking attacks. Palo Alto Networks claims that a related Monero wallet has received 0.493527 XMR so far. …

The REvil ransomware gang says that they will auction over 1TB of data stolen from New York-based entertainment law firm, Grubman Shire Meiselas & Sacks. This data allegedly contains the “dirty” secrets of a number of celebrities. REvil claims that the contents involve sex scandals, drugs, and treachery. Nicki Minaj, LeBron James, and Mariah Carey among the alleged victims In a blog post, the ransomware group says they will begin the auction on July 1, noting that the first round will contain information from Nicki Minaj, Mariah Carey, and LeBron James. The price for each dataset is $600,000. Two days …

A cybercriminal group has allegedly stolen around $200 million from cryptocurrency exchanges over the past two years. In total, they are believed to have hit 10 - 20 victims across the United States, the Middle East, and Asia. According to research by the cybersecurity firm ClearSky, the gang named “CryptoCore,” known with other pseudonyms like “Dangerous Password” and “Leery Turtle,” has been actively targeting crypto firms since 2018 — specifically exchanges. Source: ClearSky They confirmed that CryptoCore stole $200 million from at least five victims, several of whom were located in Japan. Between 10-20 additional companies could be affected The …

A malware group called Evil Corp is reportedly back in action, having recently launched a new ransomware which asks its victims to pay a million dollar ransom. The group had previously gone quiet after the U.S. Department of Justice charged some of its members in December 2019. According to a report published on June 23 by the cybersecurity firm Fox-IT, a division of NCC Group, Evil Corp has been active since 2007 — the group is considered to be one of the biggest cybercrime teams on the internet. They are known for using the Dridex malware and BitPaymet ransomware. U.S. …

A study by cybersecurity vendor, Cyfirma, warned about a massive phishing campaign that will be launched by the North Korean hacker group, Lazarus, on June 21. The campaign will allegedly target six nations and over 5 million businesses and individuals. According to the report published on June 18, Lazarus will subject Singapore, Japan, India, the United Kingdom, South Korea, and the United States to a massive phishing campaign. Hackers will reportedly attempt to take advantage of people receiving payments established by several countries in an attempt to mitigate the COVID-19 crisis. A campaign to collect cryptocurrencies? Lazarus seems to be …

A study by risk solutions provider, Kroll, indicated that a group of hackers from Russia managed to file fraudulent unemployment claims with the Washington State Employment Security Department, or ESD, through a ransomware attack against a healthcare provider in the US. According to research published on June 17, the firm investigated browser history logs that the cybercriminals reportedly navigated to various Gmail accounts. They then activated two profiles on the ESD site using these email addresses. International organized cybercrime groups appearing in the scene The ransomware attack, launched on May 12, is a Mamba category exploit which uses full disk …

Blockchain cybersecurity firm Unbound Tech launched a new login solution meant to enable businesses to go passwordless. According to an announcement on June 17, Unbound Tech’s new identity solution removes the dependence on traditional authentication methods with a decentralized key management system. The system can also be used to access blockchain wallets. The system is meant to replace hardware tokens, software-powered one-time-passwords and standard passwords. According to the firm, the new solution can secure high-risk operations and authenticate transactions without security, usability or cost trade-offs. Unbound Tech CEO and co-founder Yehuda Lindell told Cointelegraph that there is need for such …