Tag Archive for: Notorious

Notorious ransomware provider LockBit taken over by law enforcement


Washington — A ransomware service provider that has targeted over 2,000 systems across the globe, including hospitals in the U.S., with demands for hundreds of millions of dollars was taken down Monday, and Russian nationals were charged as part of an international plot to deploy the malicious software, the Justice Department announced Tuesday. 

Known as LockBit, the network of cybercriminals targets critical components of manufacturing, healthcare and logistics across the globe, offering its services to hackers who deploy its malware into vulnerable systems and hold them hostage until a ransom is paid. The attackers have so far extorted more than $120 million from their victims, officials said, and their program has evolved into one of the most notorious and active.

As part of this week’s operation, the FBI and its law enforcement partners in the United Kingdom seized numerous public-facing platforms where cybercriminals could initiate contact with and join LockBit. Investigators also seized two servers in the U.S. that were used to transfer stolen victim data. 

The front page of LockBit’s site has been replaced with the words “this site is now under control of law enforcement,” alongside the flags of the U.K., the U.S. and several other nations, the Associated Press noted.

A screenshot from Feb. 19, 2024 shows a takedown notice that a group of global intelligence agencies issued to a dark web site called LockBit.

Handout via Reuters


According to Attorney General Merrick Garland, the U.S. and its allies went “a step further” by obtaining the “keys” that can unlock attacked computer systems to help victims “regain access to…


US Takes Down Notorious Warzone RAT Malware Operation, Arrests 2


One suspect from Malta managed the Warzone RAT distribution network, while another from Nigeria developed and maintained the malware.

In a major blow to cybercrime, the US Department of Justice, along with international partners and private companies, has dismantled the infrastructure behind the infamous Warzone RAT malware. Two individuals believed to be key players in the operation have also been arrested, while the website used in the operation has been seized as well.

What Was Warzone RAT?

Warzone RAT, a Remote Access Trojan (RAT), was a powerful and versatile tool that cybercriminals had used since 2018 to gain complete control over infected devices.

This malware let attackers steal sensitive data such as passwords and financial information, spy on victims through webcams and microphones, lock them out of their devices for ransom, and even launch further attacks. Its widespread use and sophisticated capabilities made it a major threat to individuals and organizations alike.

The website that sold Warzone RAT (Screenshot: Hackread.com)

Operation Shut Down:

On February 9, 2024, the US Department of Justice announced a coordinated effort involving the FBI, international law enforcement agencies, and private cybersecurity firms that successfully dismantled the Warzone RAT infrastructure. This action effectively crippled the malware’s distribution and operation, significantly disrupting cybercriminal activities relying on it.



Arrests Made:

As part of the operation, two individuals were arrested and charged with their involvement in the Warzone RAT scheme. One suspect, residing in Malta, was accused of managing the malware distribution network. The other, based in Nigeria, was allegedly responsible for developing and maintaining the malware itself. Both face serious charges related to computer fraud and abuse.

Impact and Significance:

The takedown of Warzone RAT represents a significant victory for law enforcement and cybersecurity experts. It demonstrates the effectiveness of collaboration between international partners and the private sector in combating large-scale cybercrime. While this specific threat has been…


Russia’s Notorious Troll Farm Disbands


When Yevgeny Prigozhin, the head of the notorious mercenary army known as the Wagner Group, staged an aborted coup against the Russian government, his brief revolt led to the deaths of 13 Russian fighter pilots and a serious blow to Vladimir Putin’s sense of invulnerability. Now the fallout of that strange story has also apparently taken another casualty: the most notorious troll farm in the world, known as the Internet Research Agency.

But we’ll get to that. First, Elon Musk is having a tough week. After Twitter’s baffling decision to temporarily limit the number of tweets users can read each day, Mark Zuckerberg sucker-punched the self-sabotaged platform with the launch of Threads. The Instagram-linked microblogging app surged to the top of the app store charts, gaining a staggering 30 million users in 24 hours—a clear sign that many people are willing to ignore Meta’s privacy-invading ways.

If you want to get in on the Threads action but don’t want to share all your data with Meta, there’s a better way: Don’t join. Instead, wait until Threads connects to the broader decentralized social media ecosystem enabled by the ActivityPub protocol, which is also used by Mastodon. It should enable you to interact with Threads without signing up for an account or downloading the app. And if you’re still trying to pick which Twitter alternative to jump on—or just want to see what data each platform collects—we’ve broken down the privacy policies of Threads, Bluesky, Mastodon, and more.

Even if you don’t share your data with Meta, the information about you that’s already out there is likely up for sale. But it’s not just companies buying up your personal details—cops and spies are purchasing that data too. That is, unless the US Congress puts a stop to it. A bipartisan group of lawmakers has submitted an amendment to the National Defense Authorization Act, which Congress must pass each year, that would forbid intelligence agencies from buying sensitive data about Americans. The amendment has to survive a long debate before it can become law, but if Congress keeps it intact, US spies will no longer be able to buy your location data and search histories on the open market.

Finally,…


Silicon Heist: Notorious LockBit 3.0 Ransomware Gang Targets World’s Biggest Chip Maker TSMC in a Daring $70M Ransom


The LockBit 3.0 ransomware group is shaking the tech world, aiming a $70M ransom gun at TSMC, the world’s largest dedicated chip foundry. Non-payment threats include publishing network entry points, passwords, and logins – a potential Armageddon for the semiconductor behemoth and its mega-clients, including Apple, Qualcomm, and Nvidia.

Updated Jun 30, 2023 | 11:32 AM IST

The Silicon Underworld Rises: A Sinister 70M Ransom

KEY HIGHLIGHTS

  • LockBit 3.0 targets TSMC, world’s largest chip foundry, demanding a staggering $70M digital ransom.
  • A TSMC data breach could send shockwaves across the tech industry, impacting major clients including Apple, Qualcomm, and Nvidia.
  • LockBit 3.0 threatens to expose network access points, passwords, and logins if the ransom is not paid.

In an audacious cyber stunt, the LockBit 3.0 ransomware group has set its sights on the colossal titan of the semiconductor industry, the Taiwan Semiconductor Manufacturing Company Limited (TSMC). Notoriously shaking up the digital underworld, the group has demanded an eye-watering $70 million to avoid leaking sensitive data and network details. The startling news has sent tremors through the global tech industry, given the immense repercussions this could have for TSMC’s high-profile clientele, including tech behemoths like Apple, Qualcomm, and Nvidia.

LockBit 3.0 DarkWeb Leaksite

LockBit 3.0: The DarkWeb’s Demanding Deities

The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing & Analysis Center (MS-ISAC) define LockBit 3.0 operations as a Ransomware-as-a-Service (RaaS) model. This model follows a trajectory from previous versions of the ransomware, LockBit 2.0, and LockBit. The rapid adaptation and diversified tactics of LockBit affiliates pose a significant challenge for network defense and mitigation.

The Dreadful Digital Drill

The cyber villains gain initial access via a range of invasive tactics, including remote desktop protocol (RDP) exploitation, drive-by compromise, phishing campaigns, and the abuse of valid accounts. Once they’ve breached the perimeter, they…
