Ransomware

From the link:

WASHINGTON (AP) — A man who authorities say participated in a ransomware campaign that extracted tens of millions of dollars from victims has been charged in the United States, the Justice Department announced Thursday.

Mikhail Vasiliev, a dual national of Russia and Canada, was arrested Wednesday. He is currently in custody in Canada and is awaiting extradition to the U.S. on charges that accuse him of involvement in the Lockbit ransomware operation.


*Edited because original link no longer worked.
 
...
Mikhail Vasiliev, a dual national of Russia and Canada, was arrested Wednesday. He is currently in custody in Canada and is awaiting extradition to the U.S. on charges that accuse him of involvement in the Lockbit ransomware operation.
...
Deputy Attorney General Lisa Monaco said in a statement that the arrest was the “result of over two-and-a-half-years of investigation into the LockBit ransomware group.”
...

 
You'd think they would have hit one place, maybe two and called it good.

Pigs get fat, hogs get slaughtered.
 
I will say that SharePoint has put an end to the ransomware risk once and for all in my opinion,

have been hit multiple times - never paid, just rebuilt. Sister company paid 1mm from insurance and they unlocked them.

was starting to restrict who could send attachments, was blocking inbound emails from non company sources etc

now anyone can get themselves in a virus or ransomware situation and you just pull a backup from before they were hit and keep moving. Because everyone is isolated it doesn't propagate as easy
 

Interpol seizes over $130m in virtual assets in operation HAECHI III

The international police force closed a worldwide operation this week which covered over 1,600 cases.

By Claudia Glover
November 25, 2022

Interpol has seized $130m of virtual assets as part of an operation which concluded this week. Known as HAECHI III, it resolved 1,600 cases and saw the launch of a new anti-money laundering rapid response tool (ARRP) that enables countries to reclaim stolen money and digital assets.

Operation HAECHI III ran over a five-month period from June-November, targeting money and online currencies linked to cyber enabled financial crime and money laundering.

More:

 
So, what comes next? Asset forfeiture? More donations from Interpol to local crypto-Marxist political parties worldwide?

I no longer trust ANYTHING within Western governments. As we've seen, their political police are now enablers - for pedophile trafficking, child grooming, Depopulation, suppression of political opposition or of Rights movements by ordinary citizens.
 
So, what comes next? Asset forfeiture? More donations from Interpol to local crypto-Marxist political parties worldwide?

I no longer trust ANYTHING within Western governments. As we've seen, their political police are now enablers - for pedophile trafficking, child grooming, Depopulation, suppression of political opposition or of Rights movements by ordinary citizens.


You got that right.
 
That was nice of them to apologize and give them a decryptor. And they even got rid of the peeps who attacked the hospital. Shows they do have some scruples.
 
I seriously doubt that "the Hive" used a single point communication structure of a website (easily commandeered by authorities) to coordinate/operate. I could be wrong, but this seems more like window dressing than effective action.
 
I seriously doubt that "the Hive" used a single point communication structure of a website (easily commandeered by authorities) to coordinate/operate. I could be wrong, but this seems more like window dressing than effective action.
A fictional takedown.

Remember Fahrenheit 451? When the robotic salamander of the Fire Department went out from burning a hidden library to pursue the perp. A vagrant was grabbed on the street and obliterated; and the Screens all announced that the dangerous radical was "apprehended."

Likewise, here. You don't believe the story, because it's illogical and too pat. But we're dealing with DUMMPFUX here...government bureaucrats, fat, dumb and happy; but pressured to show "results."
 
In February, attackers from the Russia-based BlackCat ransomware group hit a physician practice in Lackawanna County, Pennsylvania, that's part of the Lehigh Valley Health Network (LVHN). At the time, LVHN said that the attack “involved” a patient photo system related to radiation oncology treatment. The health care group said that BlackCat had issued a ransom demand, “but LVHN refused to pay this criminal enterprise.”

After a couple of weeks, BlackCat threatened to publish data stolen from the system. “Our blog is followed by a lot of world media, the case will be widely publicized and will cause significant damage to your business,” BlackCat wrote on their dark-web extortion site. “Your time is running out. We are ready to unleash our full power on you!” The attackers then released three screenshots of cancer patients receiving radiation treatment and seven documents that included patient information.

 
A team of ransomware hackers have published proprietary inside data allegedly obtained from the Dutch shipping intelligence agency Royal Dirkzwager, according to cybersecurity trade press. The leak purportedly includes employee passports, contracts and other sensitive information. The hackers claim to have more data that is yet to be released, reports Security Week.

 

Linus Tech Tips channel hacked by crypto currency hackers

Mar 23, 2023


Sad to see that hackers have erased and destroyed the work of a popular tech YouTuber
 
Owners of MSI-brand motherboards, GPUs, notebooks, PCs, and other equipment should exercise caution when updating their device's firmware or BIOS after the manufacturer revealed it has recently suffered a cyberattack.

In a statement shared on Friday, MSI urged users "to obtain firmware/BIOS updates only from its official website," and to avoid using files from other sources.

 

US government agencies hit in global hacking spree

(Reuters) -The U.S. government has been hit in a global hacking campaign that exploited a vulnerability in widely used software but does not expect it to have significant impact, the nation's cyber watchdog agency said on Thursday.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said several federal bodies had experienced intrusions following the discovery of a weakness in the file transfer software MOVEit, Eric Goldstein, the agency's executive assistant director for cybersecurity, said in a statement.

More:

 

U.S. Energy Dept gets two ransom notices as MOVEit hack claims more victims

June 16, 2023 6:29 PM EDT

WASHINGTON, June 16 (Reuters) - The U.S. Department of Energy got ransom requests from the Russia-linked extortion group Cl0p at both its nuclear waste facility and scientific education facility that were recently hit in a global hacking campaign, a spokesperson said on Friday.

The DOE contractor Oak Ridge Associated Universities and the Waste Isolation Pilot Plant, the New Mexico-based facility for disposal of defense-related radioactive nuclear waste, were hit in the attack, which was first reported on Thursday.

More:

 
Man, how much smoother everything works, now that it's all linked into the Internet...

...NOT.
 

How Hackers Swindled Vegas

In the mid-2010s, cybercriminals shifted their ransomware strategy. Instead of spamming as many individual victims as possible with ransomware, criminals began targeting large organizations: hospitals, governments, hotel chains, pipeline companies—the types of victims who could pay millions, not hundreds, of dollars to regain control of their computer systems. By going after these high-value targets, they could make a lot more money while distributing a lot less malware. It was only a matter of time before the cybercriminals came for Vegas. Earlier this fall, a ransomware attack hit both Caesars and MGM Resorts.

More:

 
Nov 10 (Reuters) - The Industrial and Commercial Bank of China's (ICBC) U.S. arm was hit by a ransomware attack that disrupted trades in the U.S. Treasury market on Thursday, the latest in a string of victims ransom-demanding hackers have claimed this year.

 

MOVEit Global Security Incident

Information for Maine Residents and Impacted Individuals


Press release

 
LONDON, Nov 10 (Reuters) - Internal data from Boeing (BA.N), one of the world's largest defence and space contractors, was published online on Friday by Lockbit, a cybercrime gang which extorts its victims by stealing and releasing data unless a ransom is paid.

The hackers in October said they had obtained "a tremendous amount" of sensitive data from the aerospace giant and would dump it online if Boeing didn't pay a ransom by Nov. 2.

 
 

The DOJ says it disrupted the Blackcat ransomware group

The US Department of Justice says it has disrupted the Blackcat ransomware group. Also called ALPHV or Noberus, the hackers have targeted over 1,000 computer networks and extorted millions of dollars from victims. Bloomberg reports its members were known for speaking Russian. “In disrupting the BlackCat ransomware group, the Justice Department has once again hacked the hackers,” Deputy Attorney General Lisa O. Monaco wrote in a DOJ news release.

The FBI says it developed a decryption tool, which it has used to help over 500 Blackcat victims recover their data — saving more than $68 million in ransom payments. The agency adds that it has “gained visibility into the Blackcat ransomware group’s computer network” and seized several of its websites.

“With a decryption tool provided by the FBI to hundreds of ransomware victims worldwide, businesses and schools were able to reopen, and health care and emergency services were able to come back online,” Monaco wrote. “We will continue to prioritize disruptions and place victims at the center of our strategy to dismantle the ecosystem fueling cybercrime.”

More:

 

Law enforcement seizes top ransomware gang's website

International law enforcement has taken down the dark web site tied to notorious ransomware gang LockBit as part of an ongoing operation, spokespeople for Europol and the U.K.'s National Crime Agency confirmed Monday.

Why it matters: LockBit is one of the most prolific and active ransomware gangs. Taking down its operations is a huge win for law enforcement and cyber defenders fighting ransomware.

  • Most recently, LockBit has claimed responsibility for a ransomware attack on Georgia's Fulton County that has disrupted key county services for weeks.

What's happening: LockBit's dark-web leak site — where the hacking group publicly lists its victims who haven't paid a fee to unlock their systems after a cyberattack — was replaced with a law enforcement notice on Monday.

  • "This site is now under the control of The National Crime Agency of the UK, working in close cooperation with the FBI and the international law enforcement task force [on] 'Operation Cronos,'" according to the notice seen by Axios.
  • The FBI, Europol and other law enforcement organizations from Australia, Japan and across Europe assisted in the operation, per the notice.

What they're saying: "I can confirm that LockBit's services have been disrupted by a law enforcement action," Claire Georges, deputy spokesperson at Europol, told Axios via email. "This is an ongoing and developing operation."

More:

 
^^^^^^

Lockbit cybercrime gang says it is back online following global police bust

LONDON (Reuters) - Lockbit, the cybercrime gang that was knocked offline by a comprehensive international police operation earlier this month, says it has restored its servers and is back in business.

The group, notorious on the internet's criminal underground for using malicious software called ransomware to digitally extort its victims, was the target of an unprecedented international law enforcement operation last week which saw its members arrested and indicted.

More:

 