“Ukraine Cyber Alliance Takes Down Trigona Ransomware Gang, Wipes Their Data Clean”

In recent times, we’ve witnessed numerous headlines about ransomware groups wreaking havoc on corporate networks. However, this time, the ‘Ukraine Cyber Alliance,’ a group of activists, managed to infiltrate the Trigona Ransomware gang’s database and completely obliterate their operations. Notably, they absconded with sensitive information, including source code, decryption keys, and some cryptocurrency earnings acquired by the gang during the month of September this year.

A technical analysis released to the media indicates that the activists exploited a known vulnerability, CVE-2023-22515, to breach the gang’s Confluence database and gain access to this critical information. As our analysis team continues to investigate, we will provide updates as soon as further details are confirmed.

“Data Deletion Hack Targets Facebook Users”

For the first time in the history of hacking, a hacker or hacking group successfully took control of a Facebook account belonging to a photographer. They systematically deleted images and customer orders that had been stored on the account for the past seven years. The account holder, Doug Bazley from Queensland, expressed deep disappointment at the data wipe and reported the incident to Meta’s subsidiary, which subsequently launched an inquiry into the matter.

The hack appears to have occurred after Doug clicked on a phishing link that arrived in his inbox, cleverly disguised as a Meta company communication. The perpetrator(s) assumed control of the web page, altering the profile photo, changing the account holder’s name, and systematically erasing all the data that had been stored for years. Doug also voiced his dissatisfaction with the security measures Facebook imposes on user accounts. As the issue remains under investigation, it may take some time for all the facts to be revealed. Notably, deleted data often remains stored in the archival database of the social media giant for a certain period.

“Criminal Gang RansomedVC Compromises District of Columbia Board of Elections”

The District of Columbia Board of Elections (DCBOE) fell victim to a criminal gang known as RansomedVC, infamous for data extortion and their hefty demands for decryption keys. The attack followed an unconventional path, with the criminals initially targeting the hosting provider DataNet before gaining control of the online platform housing Washington DC Election Authority data.

To substantiate their claims, the gang leaked approximately 60,000 lines of voter information belonging to Washington DC voters and listed the data for sale on the dark web. The exposed information includes Social Security Numbers, driver’s license details, dates of birth, phone numbers, and email addresses. Law enforcement agencies such as the FBI and DHS have taken note of the data breach and are actively investigating these claims.

It is noteworthy that this same criminal gang, RansomedVC, was previously involved in the server hack of Sony and was confirmed to have stolen over 260GB of files in that incident.

The post Interesting cyber attack headlines trending on Google for this day appeared first on Cybersecurity Insiders.

Investigation Deepens into MGM Resorts Hack and Caesars Entertainment Ransomware Attack

Recent developments in the ongoing investigation into the MGM Resorts hack and the Caesars Entertainment ransomware attack have shed new light on the culprits behind these cybercrimes. Law enforcement agencies working on the case have revealed that the individuals responsible for these attacks are likely to be between the ages of 17 and 22. This revelation is substantiated by the research findings of Unit 42, the cybersecurity division of Palo Alto Networks.

The sequence of events that led to these cyberattacks commenced with a deceptively simple phone call. The attackers managed to persuade senior staff members to divulge their login credentials, thereby gaining unauthorized access to the corporate networks of these major gaming and casino giants. What’s particularly intriguing about these hackers is that they appear to be quite young, possibly as young as 17, and their voices were identified as those of native English speakers. They were tasked with infiltrating these networks through a technique known as vishing, which involves manipulating individuals over the phone.

As the Scattered Spider group, also known as UNC3944, breached the systems of two of the world’s largest gaming and casino corporations, concerns are mounting about the evolving sophistication of cyber threats in the future.

RANSOMEDVC Claims to Infiltrate Sony Corporation Computer Network

A ransomware group known as RANSOMEDVC has allegedly infiltrated the computer networks of Sony Corporation with the aim of acquiring valuable intelligence and exfiltrating sensitive information for later sale on the dark web.

Interestingly, RANSOMEDVC has refrained from making any ransom demands to the victimized Sony Systems firm. Instead, they intend to monetize their ill-gotten gains by selling the stolen data on the dark web to turn a profit.

In a show of their intent, the ransomware group has released the initial batch of stolen data, including PDFs and screenshots, as evidence of their capabilities. They claim that the senior management of the Japanese conglomerate has shown no interest in negotiating with the criminals regarding the data breach, leaving them with no recourse but to profit from the sale of the compromised information. This decision is motivated by the belief that the stolen data could yield substantially more revenue than any potential ransom payment.

Russian LockBit Ransomware Targets The Weather Network Servers

In a surprising and unprecedented move, the Russian-speaking ransomware group known as LockBit has issued a threat to release data associated with “The Weather Network” if their ransom demands are not met. This notorious group has a history of targeting corporate and government networks. However, this marks their first reported breach of a server network belonging to a weather reporting organization. Further details on this incident are eagerly awaited as the situation unfolds.

The post Trending Ransomware News headlines on Google appeared first on Cybersecurity Insiders.