Updated Dec. 5, 20:30 UTC: This article has been updated to include comments provided by CyrusOne. Texas-based data center provider CyrusOne has reportedly fallen victim to an attack from REvil (Sodinokibi) ransomware, business tech-focused publication ZDNet reported on Dec. 5. One of the largest data centers in the United States, CyrusOne has reportedly been exposed to an attack by a variant of the REvil (Sodinokibi) ransomware, which previously hit a number of service providers, local governments and businesses in the country. The scope of the attack In an email to Cointelegraph, CyrusOne confirmed: “Six of our managed service customers, located …
The Finnish Population Register Centre is coordinating a simulated ransomware cyberattack on more than 200 Finnish cities and public organizations. On Nov. 22, Finnish news outlet Yle reported that participating cities and organizations are rehearsing how to respond when a group of hackers demands the participants pay ransomware during a series of simulated cyberattacks. As part of the operation, 235 public organizations were faced with an activist hacker group that threatened to carry out cyberattacks unless it was paid a ransom fee in Bitcoin (BTC) by a certain date. According to the organizers, the aim of the exercise is to …
The European Union Agency for Law Enforcement Cooperation (Europol) released its 2019 Internet Organized Crime Threat Assessment (IOCTA) report. Crypto exchanges continue to be a magnet for hackers On Oct. 9, Europol presented its IOCTA report of the cybercrime threat landscape. According to the EU-focused law-enforcement organization, cybercrime must be approached in a holistic sense, saying: “Countering cybercrime is as much about its present forms as it is about future projections. New threats do not only arise from new technologies but, as is often demonstrated, come from known vulnerabilities in existing technologies.” Europol's fifth edition of its IOCTA report paints …
German programmer Tobias Frömel (also known as “battleck”) has “hacked back” the perpetrators of the Muhstik ransomware who forced him to pay 0.09 Bitcoin (BTC) to recover access to his files. In a Bleeping Computer forum post on Oct. 7, Frömel revealed that he had hacked the attackers’ database, sharing almost 3,000 decryption keys and a free decryptor with fellow victims. Illegal but sweet revenge Bleeping Computer previously reported that publicly exposed QNAP NAS devices have been targeted by ransomware dubbed Muhstik. The attackers extorted a fixed “fee” of 0.09 Bitcoin — roughly $740 at publishing time — from victims …
Cybersecurity firm Emsisoft has released a solution for Bitcoin (BTC)-demanding ransomware WannaCryFake. Pay Bitcoin in return for your data In a Sept. 25 blog post, Emsisoft announced that they are releasing a new free fix for the WannaCryFake ransomware bug. The WannaCryFake is the next version of the WannaCry worm, a type of malicious software program that first began spreading across computer networks in May 2017. When a computer system is infected with the WannaCryFake worm, data is held hostage and a payment in Bitcoin will be requested to decrypt the files and release access to data. Emsisoft explains: “WannaCryFake …
Cybersecurity company McAfee Labs has released its August 2019 threat report, which notes an increase in cryptojacking campaigns and ransomware attacks in Q1 2019. Cryptojacking on the rise McAfee Labs posted their report on the company’s website on Aug. 28. According to the report, crypto jacking — installing and running a cryptocurrency miner without user permission — has been on the rise, with a 29% increase in crypto jacking campaigns in Q1 2019. Additionally, the company discovered new malware families for both Microsoft Windows and Apple users. One crypto jacking campaign they discovered was PsMiner — a crypto jacker for …
United States prosecutors have filed a complaint against now-defunct crypto exchange BTC-e and its suspected operator Alexander Vinnik, according to a document filed in the Northern District of California on July 25. Per the filing, the Financial Crimes Enforcement Network (FinCEN) determined civil penalties for BTC-e and Vinnik last year, who face fines of over $88 million and $12 million, respectively. The filing states outright that BTC-e and Vinnik did not attempt to register with FinCEN, implement Anti-Money Laundering practices, or report suspicious activity generally. Alleged money laundering and lack of regulation The filing also notes that BTC-e and Vinnik …
Tencent Yujian Threat Intelligence Center says that a Ryuk ransomware virus has been spotted in China. The intelligence center released information on the outbreak in a report on July 16. According to the report, Ryuk viruses are a family of malware aimed at infecting government and enterprise machines holding valuable data. According to the report, a Ryuk virus derives from the Hermes virus, with code that is directly modified off of the latter. As noted in the report, Ryuk is the name of a death spirit in the popular manga Death Note. As per its title, Ryuk possesses a notebook …
The city council of Riviera Beach, Florida has agreed to pay nearly $600,000 worth of Bitcoin (BTC) to regain access to data encrypted in a hacker attack, the New York Times reported on June 19. On May 29, the city experienced “a data security event” when a police department employee opened an allegedly infected email attachment, which eventually resulted in the online system breakdown. The hackers allegedly encrypted government records, blocking access to critical information and leaving the city without an ability to accept utility payments other than in person or by regular mail. A city spokeswoman, Rose Anne Brown …
United States-based blockchain intelligence firm Chainalysis claims that 64% of ransomware attack cash-out strategies involve the laundering of funds via cryptocurrency exchanges. The data was revealed in a Chainalysis webinar attended by Cointelegraph on May 30. A ransomware attack involves the infection of a target with malware and the demand of a ransom payment — frequently denominated in cryptocurrencies. The payment is demanded in return for the ostensible delivery of a decryptor tool that can help victims recover access to their data. Chainalysis — which provides blockchain analytics tools that enable firms, governments and law enforcement to monitor blockchain transactions …
An app that claims to give users the chance to earn $45 a day in free bitcoin (BTC) is a scam, according to a tweet by an “independent malware hunter” posted on May 20. The software, known as Bitcoin Collector, is advertised on a website that supposedly enables users to share a unique URL with their friends with payouts of 3 ether (ETH) (worth about $800 at press time) for every 1,000 people who click on it. But according to a security researcher who goes by the nickname Frost on Twitter, the app is a front for attempts to steal …
A global threat report has concluded that the three most common malware variants detected in April were crypto miners, according to a news release on May 14. Check Point Research said Cryptoloot, malware that uses the victim’s computing power to mine for crypto without their knowledge, was last month’s biggest threat. XMRig, open-source software which is used for mining monero (XMR), was in second place. Rounding off the top three was JSEcoin, a JavaScript miner embedded in websites. Despite their prevalence, the company’s researchers believe that criminals are shifting their focus away from crypto mining. Several popular services used to …