Tag Archive for: Gang

Police apprehend global cyber gang implicated in large-scale fraud


The Met Police, along with a host of other global law enforcement agencies, have dismantled a criminal gang that used a technology service to facilitate fraudulent text messages, leading to theft from victims. The scam primarily targeted younger individuals familiar with the internet. The technology service, LabHost, aided scammers in sending deceptive messages and directing victims to fake websites resembling legitimate online payment or shopping services.

The criminals obtained identity information, including card numbers and PIN codes, resulting in significant financial losses. Though the exact amount stolen remains unknown, LabHost reportedly generated nearly £1m in profits. In the UK alone, around 70,000 victims are thought to have been deceived into providing their details online, with 25,000 identified victims receiving warning text messages about potential fraudulent sites.

Victims are advised to seek guidance on the Metropolitan Police website, and their cases have been reported to fraud investigators. Personal details discovered in data obtained from LabHost have been secured by authorities.

The cybersecurity community has responded positively to the news:

Adam Pilton, Cyber Security Consultant at CyberSmart, and former Detective Sergeant investigating cybercrime at Dorset Police: “This is another fantastic result for UK and international law enforcement. 

“In February, we saw the takedown of Lockbit, the largest ransomware gang. This was an international operation which stemmed from fantastic work by the South West Regional Organised Crime Unit.

“This operation will be no different, and we should not underestimate the amount of work put into operations such as this. It took two years to reach this point and there would have been many people involved. This kind of incident would most likely have started from the intelligence gathered by law enforcement and investigative agencies. 

“This is why it is so important to report cybercrime: Even reporting phishing emails helps to build that intelligence picture, which enables law enforcement to protect us.

“One area of particular concern is the increasing tendency to see…


D#NUT ransomware gang claims Ready or Not dev Void Interactive as a victim



The developer of a SWAT-based first-person shooter has allegedly lost four terabytes of data including source code to a ransomware attack.

The D#NUT ransomware gang is claiming to have successfully exfiltrated four terabytes of data from Void Interactive, the developer of popular tactical shooter Ready or Not.

“voidinteractive.net you are welcome in our chat,” D#NUT declared on its dark net leak site on March 14.

“You has been pwned. All data related Ready Or Not will be posted here if u will keep silent. We got 4Tb of source code and game related data.”

The gang do not appear to be native English speakers.

“Send us a message via for on that blog as soon as possible. We will provide more profs (list of exfiltrated files).”

To add proof to its claim, the gang shared a link to the Imgur image-hosting site, and a screenshot of a list of various builds of the game in what appears to be a dev environment. More than 20 distinct builds are listed, for both PC and consoles, as well as various performance test builds.

The screenshot appears to be authentic.

D#NUT – whose leak site features a lurid illustration of the gang’s namesake – is a relatively small ransomware operation. Since it was first observed by threat tracker FalconFeeds.io in April 2023, the gang has claimed ten victims, with Void Interactive being the latest. Half of its victims have been North American organisations, with the rest spread across Europe and the UK.

However, the authenticity of the gang’s claims has been questioned by some observers. On February 5 the gang claimed to have successfully hacked the US Department of Defense, stealing documents related to a host of contractors, but one security analyst poured cold water on the claim.

“I would approach this claimed ‘breach’ by donut ransomware with caution and scepticism,” the X account CyberKnow posted on the same day.

“All the claimed US defence contractor victims have been posted to leak sites in the past year or two.”

There are some earlier incidents that D#NUT has taken responsibility for, while in…


‘Click Here’ podcast interviews self-proclaimed leader of ransomware gang in Fulton County cyberattack – WABE


“Click Here” podcast host Dina Temple-Raston recently interviewed the self-proclaimed leader of the LockBit ransomware gang, which has been operating for a few years.

The leader, LockBitSupp, is reportedly behind the recent Fulton County cyberattack.

On Friday’s edition of “Closer Look,” Temple-Raston talked with show host Rose Scott about how her team got LockBitSupp’s contact information and what he revealed during their discussion.


UnitedHealth Group Confirms ALPHV Ransomware Gang Is Behind Attack


Insurance giant UnitedHealth Group is officially blaming a notorious ransomware group for a major outage that’s been preventing healthcare providers from processing prescriptions. 

The company issued the update as its subsidiary Change Healthcare is still struggling to restore services, a week after suffering the attack, which has ensnared IT systems at hospitals and pharmacies across the country.

“Change Healthcare can confirm we are experiencing a cyber security issue perpetrated by a cybercrime threat actor who has represented itself to us as ALPHV/Blackcat,” the company said on Thursday. 

The statement clarifies that the attack isn’t exactly from a “suspected nation-state” actor, as UnitedHealth Group initially said. Instead, ALPHV is more of a cybercriminal group, although its members are likely based in Russia. 

The company issued the confirmation a day after ALPHV took to its own site on the Dark Web and claimed responsibility for the attack on Change Healthcare. In some potentially bad news for users, the ransomware gang claims to have stolen 6TB or 6,000GB of data from United Healthcare during the attack. 

“Change Healthcare production servers process extremely sensitive data to all of UnitedHealth clients that rely on Change Healthcare technology solutions. Meaning thousands of healthcare providers, insurance providers, pharmacies, etc,” the group alleged.

As a result, the stolen data encompasses patient medical records, along with other sensitive user information, such as phone numbers, email addresses, and Social Security numbers, the gang claims. Change Healthcare also serves military hospitals, so data on US service members was apparently stolen as well.


Interestingly, ALPHV appears to have taken down its original post about stealing data from UnitedHealth Group, which suggests the insurance provider may have paid the ransom.

UnitedHealth Group didn’t respond to a request for comment. In the meantime, the company’s statement notes: “Our experts are working to address the matter and we are working closely with law enforcement and…
