Cyber Warfare, Russia uses Ransomware-as-a-Service against Ukraine and partners
Weapons are groups like LockBit, BlackCat (ALPHVM), Karakurt, Hive and Black Basta. Many were born from Conti and do not attack neutral countries.
Cybercrime, ransomware gangs refine their tactics via chirurgical attacks
Coveware cybersecurity experts: The shift is due to the increasing pressing by law enforcements. However, data exfiltration stll remains one of the RaaS most used tactic.
Cybercrime, BlackCat (aka ALPHV) is rapidly spreading worldwide
Palo Alto Unit 42 cybersecurity researchers: The malware is offered on underground forums as a ransomware-as-a-service (RaaS). Affiliates keep 8’-90% of the ransoms.
Cybercrime, DoppelPaymer is back with a new name: Grief
Bleeping Computer: The two Ransomware-as-a-Service operations exploit the same encrypted file format and the distribution channel: the Dridex botnet.
Cybercrime: here it comes BlackMatter, the DarkSide and REvil heir
Recorded Future cybersecurity experts: The Ransomware-as-a-Service will target all big industries, except healthcare and governments.
Cybercrime, MountLocker evolves and count on affiliate programs
Blackberry cybersecurity experts: The new ransomware version has a reduced size and encrypts less files, but with a broaden targeting.
Cybercrime, Phorpiex is back as the most prevalent malware
CheckPoint cybersecurity experts: The botnet is distributing the Avaddon ransomware as a RaaS, and threat actors are recruiting affiliates.
Cybercrime, the UPS campaign from Dridex goes to download Zeppelin-Buran
A doc file is downloaded from the link in the email which, if opened, activates the ransomware infection chain. This,can exfiltrate the data as well as encrypt it.
Cybercrime, REvil operators start a recruitment operation for affiliates
Bleeping Computer cybersecurity experts: The group behind the malware put $1 million on a hacker forum to show its “force”. It looks for skilled penetration testers and hackers.
Cybercrime: here it comes Exorcist, new Ransomware-as-a-service
It has been discover by the cyber security expert Leandro Velasco. It doesn’t attack CIS countries and works without internet connection. The ransom, if it is not paid on time, triples.