LockBit thieves have become victims of robbery themselves
Cybercriminals have become increasingly sophisticated, complete with Ransomware-as-a-Service models and coveted proprietary software. Now, one of the problems that legitimate organizations face has also surfaced for criminal enterprises: IP theft. The source code of the prominent LockBit 3.0 leaked... Read more
How ransomware has become cybercrime’s star player
In 2023, ransomware is still the most fear-inducing term for Internet users and organizations. After years of relative obscurity, the popularity of this collection of malicious software exploded between 2015 and 2017. Since then, revenues have grown, and the cybercrime market has professionalized. ... Read more
Ransomware attacks increase by 40 percent, encryption usage decreases
Research by Zscaler has shown that the number of ransomware attacks has increased by 40 percent over the past year. The biggest cause of this rise is the wide availability of Ransomware-as-a-service (RaaS) services on offer. However, Zscaler does see a shift in the type of ransomware attacks: namel... Read more
‘VMware ESXi ransomware problem worsening’
CrowdStrike reports that ransomware criminals are increasingly attacking VMware's ESXi hypervisor. Many systems are susceptible, mainly due to a lack of security tools.
CrowdStrike's blog is the third in the series on so-called hypervisor jackpotting. In February, thousands of attacks on ESXi se... Read more
‘Hackers breach Microsoft SQL servers to deploy Trigona ransomware’
The malware exploits a Windows vulnerability to "perform malicious behaviours".
Hackers are distributing Trigona ransomware via internet-exposed Microsoft SQL (MS-SQL) servers, according to a report in BleepingComputer. The externally accessible or poorly protected servers are being breached vi... Read more
‘FBI and Europol take down ransomware group Hive’
Hive's infrastructure is down. Europol claims the ransomware group was tackled by a partnership of Dutch, German and US authorities.
"The FBI seized this site as part of a coordinated law enforcement action", reads the banner referred to by Hive's website since Thursday. The statement is signed ... Read more
Rust is popular among ransomware-as-a-service groups
Hive, one of the most prevalent ransomware-as-a-service variants, was rewritten in Rust. The malware sees more updates than previously thought, allowing attacks to slip under the radar.
Ransomware-as-a-service groups work like professional developers. One or more members develop and sell a malwa... Read more
Escobar malware steals Google Authenticator MFA codes
The 'Escobar' banking trojan is available for 2,750 euros a month on the dark web. Cybercriminals are professionalizing with revenue models, marketing and infrastructure.
One or more cybercriminals distribute the 'Escobar' banking trojan under the guise of legitimate Android apps. On March 3, se... Read more