Tag Archive for: Mail’s

How Royal Mail’s hacker became the world’s most prolific ransomware group


As the UK’s Royal Mail grappled with the fallout of a ransomware attack, a purported member of the LockBit hacking group stepped forward on the weekend to take credit for the mayhem.

LockBit has been busy: in just the past month, it has claimed to have compromised 40 organisations, from a private school in Malaysia to a dental group in Sydney, helping it take the mantle of the most prolific ransomware gang in the world.

The group had already hit the City of London, ensnaring Kingfisher Insurance in October 2022. But Royal Mail, part of a £2.2bn delivery business, was its biggest target so far: a crucial part of the UK’s critical infrastructure that was suddenly left unable to send mail outside the British Isles.

The spotlight — both from rival hacking gangs and UK authorities — was finally on LockBit.

“Guys, you can calm down,” said the anonymous post, which revealed that a LockBit affiliate was behind the attack. The post was made in a private forum and shared with the Financial Times by a security researcher.

The hack, the post said, was carried out by an elite, top ten member of the sprawling LockBit gang, someone who specialised in the important jobs of decrypting and then deleting the stolen data after collecting the ransom.

Royal Mail has yet to officially confirm that LockBit breached its cyber defences, encrypted its data and is now holding it ransom. The company declined to comment on whether it was negotiating with hackers, or how long it expects the disruption to last.

During a parliamentary hearing on Tuesday, Royal Mail chief executive Simon Thompson told MPs he had been informed “that to discuss any fine details . . . would actually be detrimental”.

The week-long disruption to international deliveries comes after 18 days of strikes over the past five months, adding pressure to Royal Mail to resolve the situation. But it is facing off against an evolved version of the ransomware threat — security researchers describe LockBit as the most professional, sleekly efficient gang in the world.

[Image: a LockBit tattoo on a person’s arm. Caption: LockBit has offered to pay $1,000 to people getting a tattoo with the group’s name. © Cyberint]

In the past year, the “founding fathers” of the group have taken…


Royal Mail’s ‘cyber incident’ appears to be a ransomware attack


British postal service Royal Mail’s ongoing cybersecurity incident is the result of an attack carried out using ransomware tools from Russia-linked hacking group LockBit, The Telegraph reports. Royal Mail disclosed the incident on Wednesday, saying that it’s unable to send packages internationally.

A ransomware note circulating on Twitter that was apparently sent to Royal Mail says that its data is “stolen and encrypted,” and threatens to publish it online if a ransom isn’t paid. The note namechecks “LockBit Black Ransomware,” which is thought to be LockBit’s latest encryptor. 

BleepingComputer reports that the ransom note contains links to LockBit’s data leak and negotiation Tor sites. But when contacted for comment by the publication, a spokesperson for the hacking group said that it was not behind the attack, and said someone else might be using its tools after they leaked last September. If this were the case, BleepingComputer notes, then Royal Mail would have no way of communicating with the attacker since the note links to LockBit’s sites.

A service update posted on Royal Mail’s website dated January 13th says it still can’t send packages internationally. “Royal Mail is experiencing severe service disruption to our international export services following a cyber incident,” it reads. “We are temporarily unable to despatch items to overseas destinations. We strongly recommend that you temporarily hold any export mail items while we work to resolve the issue.”

The Telegraph reports that the ransomware has infected critical Royal Mail machines used to print customs labels for international shipments. The postal service, which was publicly owned prior to its privatization in 2013, is considered “critical national infrastructure,” according to BBC News.

“Our teams are working around the clock to resolve this disruption and we will update you as soon as we have more information,” Royal Mail’s notice continues. Its investigation is being assisted by GCHQ’s National Cyber Security Centre and the National Crime Agency. Royal Mail did not immediately respond to The Verge’s request for comment.


Android Botnet? No, a Much Simpler Flaw in Yahoo! Mail’s App – PC Magazine


Lookout has discovered that Yahoo! Mail's Android app, the center of a potential "Android botnet" investigation, doesn't encrypt data in transit, warning hackers could hijack a user's account.
Yahoo Mail bugs may be behind Android 'botnet' spam, says researcher (Computerworld)
Android botnet claim in dispute (CNET)
Android Botnet Seen Spewing Spam (InformationWeek blog)