Tag Archive for: BILLION

Serious New Warning Issued for 1 Billion Google Chrome Users

/in


If you’re one of Chrome’s billion-plus desktop users, there’s a devious threat to your personal data and login credentials that’s now getting worse. Google has plans to fix it, but in the meantime you have just been warned to beware the risks…

Cookies get a bad press—these devilish little tracking files on your PC have a nasty habit of following you around the Internet, reporting back on your activity. Google’s long-delayed killing of such third-party trackers is now underway and long overdue.

But those tracking cookies have helpful little cousins, first-party cookies, that recognize your device as belonging to you, and log you back into accounts and websites as an accreditation shortcut—otherwise you’d spend your day logging in.

All very good—unless they’re stolen of course.

MORE FROM FORBESWhatsApp Deadline-10 Days To Accept New Terms Or Delete Your AccountBy Zak Doffman

“Many users across the web are victimized by cookie theft malware,” Google warns, “giving attackers access to their web accounts. Operators of Malware-as-a-Service (MaaS) frequently use social engineering to spread cookie theft malware.”

Google’s warning comes as part of a proposed update to its Chrome desktop browser to address this, acknowledging that while “fundamental to the modern web… due to their powerful utility, cookies are also a lucrative target for attackers.”

This is mainly a desktop challenge, and Google’s smart answer is to bind such cookies to the user’s device, rendering them useless if stolen absent access to that original device itself. “We’re prototyping a new web capability called Device Bound Session Credentials (DBSC) that will help keep users more secure against cookie theft… By binding authentication sessions to the device, DBSC aims to disrupt the cookie theft industry since exfiltrating these cookies will no longer have any value.”

Put Google’s new beta update to one side for now—take this as a warning to be aware of the risks and to keep those risks in mind—especially when logging into financial sites or enterprise systems belonging to the…

Source…

Ransomware Attack Payments Crossed $1.1 Billion in 2023

/in


Ransomware Attack Payments Crossed $1.1 Billion in 2023

After a slow 2022, ransomware attacks and their payments almost doubled in 2023, hitting $1.1 billion compared to 2022’s $567 million. Major institutions like hospitals, schools, and even government agencies were all victims of the rising number of cases.

Ransom payments considerably fell in 2022 compared to 2020 and 2021 when these miscreants had managed to make $905 million and $983 million respectively.

The year of 2022 brought a ray of hope. Fewer attacks and ransoms led us to believe that all the investments in high-tech security tools, better laws and improved practices of the cybersecurity industry were finally catching up.

And this is just an estimation of the amount lost in extortion. The cost of damages and productivity loss makes the overall impact of these attacks even more serious.

But all that changed when Chainanalysis, a crypto-tracing firm, released a report of the total attacks and income made by ransomware gangs in 2023. And now it’s assumed that the statistics of 2022 were just an anomaly, probably influenced by other geo-political factors like the Russia-Ukraine war or the government breaking down the Hive Operation.

If you keep 2022 aside, it’s clearly evident that cyberattacks have been continuously increasing since 2019.

The numbers aren’t all too surprising. Chainanalysis had warned in July 2023 that the rate at which ransomware attacks were happening (up until July), might break all previous records by the end of the year. And unfortunately, that’s what happened.

Who Were The Top Attacks In 2023?

Out of the thousands of malicious cybercrime gangs, the ones that stood out include Clop, LPHV/Blackcat, LockBit, Play, BlackBasta, Ransomhouse, Royal and Dark Angels

A pattern has also been observed in how these gangs make their money. For example, Phobos’s payments are comparatively lower but the frequency of their attacks is very high. On the other hand, Clop and Dark Angels take larger median payments but the frequency of these extortions is low.

However, according to the attack trends, cyber crimes are about to take a grave turn as these ransomware groups focus more on a “big-game hunting” strategy.

This means that every…

Source…

Big Game Hackers Smash $1 Billion Ransomware Barrier

/in


It has been reported that last year was the worst on record for cryptocurrency payments received by ransomware groups. According to the Chainalysis Crypto Crime Report for 2024, published on February 7, crypto-criminals have finally broken the elusive $1 billion in ransomware barrier for ransoms paid in a single year. Big game hackers played a significant role in beefing up the ransom demands, although they are not solely responsible for this watershed moment in the sad history of ransomware successes. This discovery by Chainalysis sheds light on what it means for the year ahead when it comes to this particular genre of cybercrime activity.

The $1 Billion Ransomware Payment Barrier Smashed In 2023

Blockchain analysts for Chainalysis tallied up the totals in paid ransoms using crypto-currency for 2023 and found it had broken the $1 billion barrier for the first time, reaching $1.1 billion. This compares to $567 million across 2022, a flagship year for law enforcement takedowns. The 2021 total is more comparable as it reached $983 million then. Indeed, the trend line for ransomware payments since 2019 is undoubtedly on an upward trajectory overall.

MORE FROM FORBESWarning As 26 Billion Records Leak: Dropbox, LinkedIn, Twitter NamedBy Davey Winder

Most worryingly, the Chainalysis report expects things to get worse, much worse. “The ransomware landscape is not only prolific but continually expanding, making it challenging to monitor every incident or trace all ransom payments made in cryptocurrencies,” it says, continuing, “It is important to recognize that our figures are conservative estimates, likely to increase as new ransomware addresses are discovered over time.” As to how much that readjustment might be, the totals for 2022 were eventually revised upward by 24.1%.

Ransomware On The Rise For 2024

Much of this upward trend for ransom payments has been driven by what is known as a big game hunting strategy. These big game hackers, perhaps best exemplified by the Cl0p ransomware group, choose bigger targets with average ransoms above $1 million. Although these groups carry out fewer attacks than…

Source…

Ransomware Payments Exceed $1 Billion in 2023, Hitting Record High After 2022 Decline

/in


Chainalysis got everyone’s attention with their new report. They write, in part:

2023 marks a major comeback for ransomware, with record-breaking payments and a substantial increase in the scope and complexity of attacks — a significant reversal from the decline observed in 2022, which we forewarned in our Mid-Year Crime Update.

Ransomware payments in 2023 surpassed the $1 billion mark, the highest number ever observed. Although 2022 saw a decline in ransomware payment volume, the overall trend line from 2019 to 2023 indicates that ransomware is an escalating problem. Keep in mind that this number does not capture the economic impact of productivity loss and repair costs associated with attacks. This is evident in cases like the ALPHV-BlackCat and Scattered Spider’s bold targeting of MGM resorts. While MGM did not pay the ransom, it estimates damages cost the business over $100 million.

The following figure from their report captures 2023 in terms of the number of different groups, the median ransom payment and frequency of payments per group.  A text description is provided in their report.

Source: Chainalysis

Read more at Chainalysis.

Source…