Tag Archive for: Attempt

Russian-based LockBit ransomware hackers attempt a comeback | Cybercrime


The LockBit ransomware gang is attempting a comeback days after its operations were severely disrupted by a coordinated international crackdown.

The Russian-based group has set up a new site on the dark web to advertise a small number of alleged victims and leak stolen data, as well as releasing a rambling statement explaining how it had been hobbled by the UK’s National Crime Agency, the FBI, Europol and other police agencies in an operation last week.

The group said law enforcement had hacked its former dark web site using a vulnerability in the PHP programming language, which is widely used to build websites.

“All other servers with backup blogs that did not have PHP installed are unaffected and will continue to give out data stolen from the attacked companies,” said the statement, which was published in English and Russian.

The statement also referred to “my personal negligence and irresponsibility”, declared an intention to vote for Donald Trump in the US presidential election and offered a job to whoever hacked LockBit’s main site.

LockbitSupp, the group’s administrator and presumed author of the statement, does not live in the US, according to law enforcement. The agencies involved in the LockBit operation have also added that “LockbitSupp has engaged with law enforcement”.

In a statement, the NCA said LockBit remains “completely compromised”. A spokesperson said: “We recognised LockBit would likely attempt to regroup and rebuild their systems. However, we have gathered a huge amount of intelligence about them and those associated to them, and our work to target and disrupt them continues.”

The US this month charged two Russian nationals with deploying LockBit ransomware against companies and groups around the world. Police in Poland made an arrest, and in Ukraine police arrested a father and son they said carried out attacks using LockBit’s malicious software.

The message on the new LockBit site also threatened to attack US government sites more often. Its revamped website, launched on Saturday, showed a number of purported hacking victims.

Rafe Pilling, director of threat research at the cybersecurity firm Secureworks, said the statement and website showed…


Ubisoft Thwarts Hacking Attempt Weeks After Insomniac Data Breach


Ubisoft has apparently thwarted an attempted hack during which an individual gained access to the company’s systems for 48 hours. The company has said that it’s currently investigating the security breach, and a full statement will likely come after the holiday.

Ubisoft hack could have resulted in a theft of 900 GB of data

First reported by Bleeping Computer, Twitter user vx-underground posted screenshots that purportedly show an individual attempting to steal 900 GB of data from Ubisoft’s systems on December 20 — not long after a devastating ransomware attack on Insomniac Games. It’s unclear if the individual is affiliated with a group or was acting solo.

The hacker had access to Ubisoft’s systems for roughly 48 hours before the breach was detected and they were thrown out, seemingly unsuccessful in their attempt to lift the data.

Bleeping Computer reached out to Ubisoft, which acknowledged reports of the infiltration. “We are aware of an alleged data security incident and are currently investigating,” the statement reads. “We don’t have more to share at this time.”

While Ubisoft managed to fight off the hacker, Insomniac Games wasn’t so lucky. The studio is still reeling from the impact of the ransomware attack, and is assessing the damage.

The post Ubisoft Thwarts Hacking Attempt Weeks After Insomniac Data Breach appeared first on PlayStation LifeStyle.


iPhone Hacking: Notice sent to Apple, CERT-In has started probe: IT Secretary on hacking attempt threat notification row


iPhone Hacking: The government’s cybersecurity agency CERT-In has started its investigation into the issue of the Apple threat notification received by several opposition MPs, and a notice has been sent to the company, IT Secretary S Krishnan said on Thursday.

The move assumes significance as the Minister of State for Electronics and IT Rajeev Chandrasekhar had earlier this week said that the government wants Apple to clarify if its devices are secure and why ‘threat notifications’ were sent to people in over 150 countries, given the company’s repeated claims about its products being designed for privacy.

The government will investigate the threat notifications and also Apple’s claims that its devices are secure and privacy-compliant, Chandrasekhar had written in a post on X (formerly Twitter) on Tuesday, after several opposition leaders claimed ‘state-sponsored’ attack notifications were sent to them from Apple and the government ordered a probe.

IT Minister Ashwini Vaishnaw has categorically rejected the opposition’s attack on the government, saying “compulsive critics” were indulging in the politics of “distraction”, as they could not tolerate the country’s progress under PM Narendra Modi’s leadership.

On Thursday, S Krishnan, Secretary, IT Ministry, confirmed that a notice has been sent to Apple.

“CERT-In has started its probe… They (Apple) will cooperate in this probe,” Krishnan told reporters on the sidelines of an event related to the Meity-NSF research collaboration.

The Indian Computer Emergency Response Team, or CERT-In, is the national nodal agency for responding to computer security incidents as and when they occur.

Asked if a notice has been sent to Apple, the IT Secretary answered in the affirmative. Apple did not reply to an email by PTI seeking comments on the notice.

Several opposition leaders on Tuesday claimed they have received an alert from Apple warning them of “state-sponsored attackers trying to remotely compromise” their iPhones and alleged hacking by the government.

Those who received such notifications included Congress chief Mallikarjun Kharge, party leaders Shashi Tharoor, Pawan Khera, K C Venugopal, Supriya Shrinate, T S Singhdeo and Bhupinder S Hooda; Trinamool…


Ransomware Gang Leaks Plastic Surgery Pics In Extortion Attempt


A ransomware gang released what it says are nude patient photos as part of an effort to extort a Beverly Hills-based plastic surgeon.

The group, known as Hunters International, shared four sample photographs to its site on the dark web along with a post about the targeted doctor and his privacy policy.

“Patients of Mr. Schwartz’s clinics are top management of various organizations, bloggers, businessmen, influencers and other ‘not ordinary’ individuals,” the post said. “Mr. Schwartz charges $500 for the initial appointment. ‘As our patient, we want you to know that we respect the privacy of your personal medical information and will do all we can to secure and protect your privacy.’”

In a follow-up post, the group stated that it was preparing to release patient emails before calling on the surgeon to “contact us ASAP.”

The post also suggests that the hack could include more than 248,000 files in total. The clinic has offices in both Beverly Hills and Dubai.

The Daily Dot located what appears to be the website for the doctor in question but did not receive a response after reaching out for questioning. The doctor’s social media profiles do not mention the alleged hack.

As noted by Brett Callow, a threat analyst for the cybersecurity firm Emsisoft, the FBI cautioned just last week that cybercriminals are increasingly targeting plastic surgery clinics.

“The FBI is warning the public about cybercriminals who target plastic surgery offices, surgeons thereof, and patients to harvest personally identifiable information and sensitive medical records, to include sensitive photographs in some instances,” the FBI said. “Once successful, cybercriminals use social engineering techniques to enhance the harvested data and extort individuals for cryptocurrency.”

The clinic allegedly hacked by Hunters International would not be the first to be extorted by ransomware gangs.

The cybercrime group ALPHV, commonly referred to as BlackCat, threatened in June to release photos from another clinic in Beverly Hills as well. And in late 2020, the cybercrime gang REvil similarly threatened to release patient photos after…
