Tag Archive for: Ring

Zoomer Hackers Shut Down the Biggest Extortion Ring of All


Linda Witzal runs a small independent pharmacy that caters exclusively to about 1,200 residents of New Jersey senior living facilities. Virtually all the revenue she takes in comes, ultimately, from the government. In a simpler time, she billed New Jersey Medicaid directly for most of her patients. “When I started in this business, I was 28 years old, and New Jersey was actually very easy to get on the phone back then,” Witzal, now in her early sixties, recalls.

Three and a half decades later, there’s a whole legalized extortion ring that small pharmacies like Witzal’s need to pay off to access Medicare and Medicaid funds, a symptom of the middleman creep in the pharmaceutical transaction chain. Standing between pharmacies and reimbursement checks for the drugs they dispense are the administrators of managed care programs, the tyrannical triumvirate of dominant pharmacy benefit managers that represent about 85 percent of all health plans, and Change Healthcare, the electronic data clearinghouse—or “switch,” as pharmacists call them—she uses to access the computer ecosystems of these middlemen. Until last week, Witzal viewed Change as one of the least-bad gatekeepers in the pharmacy business, though that was starting to change in the aftermath of its 2022 acquisition by UnitedHealth Group, the $372 billion Minnesota health care leviathan, which axed hundreds of tech and call center employees immediately after closing the deal. “It was getting harder and harder to get someone on the phone,” she says.

Then just over a week ago, Change abruptly shut down for Witzal and 67,000 other pharmacies it services. The company, it turned out, had been attacked by an extortion ring of its own, a hacker UnitedHealth initially identified in a Securities and Exchange Commission filing as a “suspected nation-state-associated cyber security threat actor” but that has since emerged as the ransomware gang BlackCat/ALPHV, whose affiliates cybersecurity experts have previously described as native English speakers from predominantly “Western countries” between the ages of 17 and 22.

More from Maureen Tkacik

Ransomware gangs, which brought in a record $1.1 billion in…

Source…

Feds bust Blackcat malware ring


The US Department of Justice has shut down what it claims to be one of the most prolific ransomware operations on the planet.

The Justice Department said that its Southern Florida District Office was leading the charge against operators of the ransomware family that is said to have compromised thousands of victims.

Police used a purpose-built decryption tool to help victims of the malware recover their data without the need to pay the attackers’ ransom demands and provide cash for cybercrime operations.

“In disrupting the BlackCat ransomware group, the Justice Department has once again hacked the hackers,” said deputy attorney general Lisa Monaco.

“With a decryption tool provided by the FBI to hundreds of ransomware victims worldwide, businesses and schools were able to reopen, and health care and emergency services were able to come back online.”

Like most modern ransomware operations, Blackcat operates under a service model; the ransomware authors sell off a license to third-party hackers who then do the dirty work of infiltrating networks and running the ransomware code.

“Before encrypting the victim system, the affiliate will exfiltrate or steal sensitive data,” the DOJ said.

“The affiliate then seeks a ransom in exchange for decrypting the victim’s system and not publishing the stolen data. Blackcat actors attempt to target the most sensitive data in a victim’s system to increase the pressure to pay.”

Officials with the DOJ passed credit on to law enforcement in the UK, Spain, Germany, Austria, Australia, and Europol.

According to officials, the crackdown on the Blackcat group (aka ALPHV and Noberus) has led to some 500 companies being able to regain access to systems that had been locked by ransomware.

“The FBI developed a decryption tool that allowed FBI field offices across the country and law enforcement partners around the world to offer over 500 affected victims the capability to restore their systems,” the DOJ said.

“To date, the FBI has worked with dozens of victims in the United States and internationally to implement this solution, saving multiple victims from ransom demands totaling approximately $68m.”


How to stop hackers from spying on you through a Ring camera or video doorbell


People who use internet-enabled security camera systems like Amazon Ring or Google Nest to keep their homes safe could be opening up their virtual worlds to hackers, or even employees of the companies.

The devices, typically placed on the outside of homes and aimed at entryways, record live footage of who is approaching the premises, with many residents using the technology to deter package thieves and otherwise monitor their homes. But users who don’t properly secure their devices could be inviting criminals to snoop around their digital networks and potentially gain access to reams of sensitive personal data. 

In a case highlighting such vulnerabilities, Amazon this week agreed to pay $5.8 million to the Federal Trade Commission to settle allegations it gave its Ring surveillance employees “unfettered” access to personal videos. The agency in its lawsuit also claimed that Amazon failed to protect customer security, leading to hackers threatening or sexually propositioning Ring owners.

Gavin Millard, a cybersecurity expert at Tenable, a firm that alerts clients to tech vulnerabilities, said there are ways to leverage video doorbells and cameras’ security features without exposing one’s private life and information to bad actors. Here are five ways users of the technology can protect themselves.

Reset default username and password

Never keep the username and password that a home security system assigns you by default. Because they can be easily guessed by hackers, they should be changed immediately, Millard said. 

“Often when consumers buy the devices, they don’t change them from their default, insecure configurations,” Millard told CBS MoneyWatch. 

Changing this password is crucial because once hackers breach one device, they can explore others that are connected to the same home network. For example, bad actors can use search engine Shodan to scan the whole internet for any connected devices, from webcams to smart lightbulbs. 

“I can ask it to show me every single internet-connected camera and try ‘Admin’ and ‘Password’ as the username and password, and you could access the video streams of any that are vulnerable,” he explained. 

Two-factor authentication

In…


Security News This Week: Ring Is in a Standoff With Hackers


What’s more controversial than a popular surveillance camera maker that has an uncomfortably cozy relationship with American police? When ransomware hackers claim to have breached that company—Amazon-owned camera maker Ring—stolen its data, and Ring responds by denying the breach.

But we’ll get to that.

Five years ago, police in the Netherlands caught members of Russia’s GRU military intelligence red-handed as they tried to hack the Organization for the Prohibition of Chemical Weapons in The Hague. The team had parked a rental car outside the organization’s building and hid a Wi-Fi snooping antenna in its trunk. Within the GRU group was Evgenii Serebriakov, who was caught with further Wi-Fi hacking tools in his backpack.

Since then, surprisingly, Serebriakov has only risen in status. This week, Western intelligence sources told WIRED that Serebriakov is now the new leader of one of the world’s most aggressive hacking units. Serebriakov took over Sandworm, which is responsible for some of the worst cyberattacks in history, in the spring of 2022. His elevation to the senior role, experts say, shows how small the pool of skilled nation-state hackers is likely to be and demonstrates Serebriakov’s value to Russia.

Nowhere on the internet is free from threats—and that includes LinkedIn. This week we looked at how spies, scammers, and hackers from Iran, North Korea, Russia, and China are using the professional network to scout and approach intelligence targets. In addition, LinkedIn is plagued with thousands of suspicious accounts; it removed hundreds from WIRED’s profile when we reported them.

The Western clampdown on TikTok is continuing—this week the UK joined the US, Belgium, Canada, and the European Union in banning the social media app from being used on government devices. But in the US, Senator Mark Warner is trying to pass legislation, in the guise of the bipartisan Restrict Act, that will allow officials to ban apps and services from six “hostile” nations: China, Russia, North Korea, Iran, Cuba, and Venezuela. We sat down with Warner and asked about the plans.

A WIRED analysis of “cybercrime” cases across the US shows how vague and…
