‘Snatch’ Ransom Group Exposes Visitor IP Addresses

Credit to Author: BrianKrebs | Date: Wed, 27 Sep 2023 11:48:37 +0000

The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The leaked data suggest that Snatch is one of several ransomware groups using paid ads on Google.com to trick people into installing malware disguised as popular free software, such as Microsoft Teams, Adobe Reader, Mozilla Thunderbird, and Discord.

Child health data stolen in registry breach

Categories: Exploits and vulnerabilities, News, Ransomware

Tags: MOVEit, vulnerability, Cl0p, ransomware, BORN, NSC, privacy, identity theft

Canadian healthcare organization Better Outcomes Registry & Network (BORN) has disclosed a data breach affecting client data.

The post Child health data stolen in registry breach appeared first on Malwarebytes Labs.

Who’s Behind the 8Base Ransomware Website?

Credit to Author: BrianKrebs | Date: Tue, 19 Sep 2023 02:12:53 +0000

The victim shaming website operated by the cybercriminals behind 8Base — currently one of the more active ransomware groups — was until earlier today leaking quite a bit of information that the crime group probably did not intend to be made public. The leaked data suggests that at least some of the website’s code was written by a 36-year-old programmer residing in the capital city of Moldova.

Ransomware group steps up, issues statement over MGM Resorts compromise

Categories: Business

Tags: MGM Resorts, hotel, casino, ransomware, blackcap, ALPHV

We take a look at a ransomware group’s claims that they were the ones responsible for the MGM Resorts attack.

The post Ransomware group steps up, issues statement over MGM Resorts compromise appeared first on Malwarebytes Labs.

Europol lifts the lid on cybercrime tactics

Categories: News, Ransomware

Tags: Europol, Phishing, RDP, VPN, Exchange, LOTL, BEC, ransomware, IAB, crypter, Flubot

A Europol report discusses developments in cyberattacks, new methodologies, and threats as observed by Europol’s operational analysts.

The post Europol lifts the lid on cybercrime tactics appeared first on Malwarebytes Labs.

The main causes of ransomware reinfection

Categories: News, Ransomware

Tags: ransomware, reinfection, stolen credentials, vulnerabilities, infected backups, logging, forensic investigation, backdoors

The main causes for getting reinfected with ransomware can be prevented by performing a forensic analysis.

The post The main causes of ransomware reinfection appeared first on Malwarebytes Labs.

A history of ransomware: How did it get this far?

Categories: News, Ransomware

Tags: history, ransomware, bulletproof hosting, cryptocurrency, encryption, fast internet, government protection, RaaS, LockBit, pentester tools, code

We tell you about the origin of ransomware and what factors contributed to making it the most feared type of malware.

The post A history of ransomware: How did it get this far? appeared first on Malwarebytes Labs.

Qakbot botnet infrastructure suffers major takedown

Categories: News, Ransomware

Tags: Qakbot, FBI, law enforcement, takedown, removal tool, HIBP, Spamhaus

The Qakbot botnet has suffered a major setback after its infrastructure was heavily disrupted by US and European law enforcement agencies.

The post Qakbot botnet infrastructure suffers major takedown appeared first on Malwarebytes Labs.
