Blog

$75 Million Record-Breaking Ransom Paid To Cybercriminals, Say Researchers

The staggering sum of US $75 million has reportedly been paid to a ransomware gang in what is believed to be the largest known ransom payment made by a cyber attack victim since records began. Researchers at Zscaler claim in a new report that the record-breaking figure was paid by an undisclosed Fortune 50 company to the Dark Angels ransomware group. The reported payment almost doubles the...

SEXi / APT Inc Ransomware - What You Need To Know

SEXi? Seriously? What are you talking about this time? Don't worry, I'm not trying to conjure images in your mind of Rod Stewart in his iconic leopard print trousers. Instead, I want to warn you about a cybercrime group that has gained notoriety for attacking VMware ESXi servers since February 2024. Excuse me for not knowing, but what is VMware ESXi? ESXi is a hypervisor - allowing businesses who...

HardBit Ransomware - What You Need To Know

What's happened? A new strain of the HardBit ransomware has emerged in the wild. It contains a protection mechanism in an attempt to prevent analysis from security researchers. HardBit? I think I've heard of that before. Quite possibly. HardBit first emerged in late 2022, and quickly made a name for itself as it attempted to extort ransom payments from corporations whose data it had encrypted. That...

RansomHub Ransomware - What You Need To Know

What's RansomHub? Despite first appearing earlier this year, RansomHub is already considered one of the most prolific ransomware groups in existence. It operates a ransomware-as-a-service (RaaS) operation, meaning that a central core of the group creates and maintains the ransomware code and infrastructure, and rents it out to other cybercriminals who act as affiliates. How has RansomHub become such...

Volcano Demon Ransomware Group Rings Its Victims To Extort Money

What's happening? Security researchers have warned that a new ransomware group has taken an unusual twist on the traditional method of extorting money from its corporate victims. So what's different this time? Whereas many ransomware attacks see a company's data exfiltrated by attackers, and the threat made that stolen data will be sold to other cybercriminals or released to the public, the...

Better Resilience Sees More Extorted Companies Refuse To Pay Their Ransomware Attackers

There's some possibly good news on the ransomware front. Companies are becoming more resilient to attacks, and the ransom payments extorted from businesses by hackers are on a downward trend. That's one of the findings of insurance broker Marsh, which conducted an analysis of the more than 1800 cyber claims it received during 2023 from its clients in the United States and Canada. According to Marsh,...

Qilin Ransomware: What You Need To Know

What is Qilin? Qilin (also known as Agenda) is a ransomware-as-a-service criminal operation that works with affiliates, encrypting and exfiltrating the data of hacked organisations and then demanding a ransom be paid. Qilin seems like a strange name. Where does it come from? The Qilin is a creature from Chinese mythology that combines the features of a dragon and a horned beast. Sometimes, it is...

Watch Out! CISA Warns It Is Being Impersonated By Scammers

The US Cybersecurity and Infrastructure Security Agency (CISA) has warned that scammers are impersonating its employees in an attempt to commit fraud. In an alert posted on the CISA website, the organisation warned that so-called impersonation scams are on the rise. An impersonation scam is any type of fraud where a criminal pretends to be a trusted individual or organisation to dupe a victim...

Hit by LockBit? The FBI is waiting to help you with over 7,000 decryption keys

Did your company fall victim to the LockBit ransomware? Have cybercriminals left gigabytes of your data encrypted, with no easy route for recovery that doesn't involve paying a ransom? Well, don't fear. The FBI announced this week that it had obtained over 7,000 decryption keys for the LockBit ransomware and is urging victims to come forward for free assistance. In a speech at this week's...

"Largest Botnet Ever" Disrupted. 911 S5's Alleged Mastermind Arrested

A vast network of millions of compromised computers, being used to facilitate a wide range of cybercrime, has been disrupted by a multinational law enforcement operation. The 911 S5 botnet, described as "likely the world's largest botnet ever" by FBI Director Christopher Wray, has had its infrastructure and assets seized and its alleged mastermind arrested and charged. 35-year-old YunHe Wang, a...

10 Years in Prison for $4.5 million BEC Scammer Who Bought Ferrari to Launder Money

A scammer has been sentenced to 10 years in prison for laundering over US $4.5 million obtained by targeting businesses and the elderly with Business Email Compromise (BEC) and romance fraud scams. Malachi Mullings, a 31-year-old from Sandy Springs, Georgia, was charged with opening 20 bank accounts in the name of a sham company, The Mullings Group LLC, to launder millions of dollars generated...

"Junk gun" ransomware: the cheap new threat to small businesses

What's going on? A wave of cheap, crude, amateurish ransomware has been spotted on the dark web - and although it may not make as many headlines as LockBit, Rhysida, and BlackSuit, it still presents a serious threat to organizations. What's "junk gun" ransomware? It's a name coined by Sophos researchers for unsophisticated ransomware that is...

37 Arrested as Police Smash LabHost International Fraud Network

Police have successfully infiltrated and disrupted the fraud platform "LabHost", used by more than 2,000 criminals to defraud victims worldwide. A major international operation, led by the UK's Metropolitan Police, has seized control of LabHost, which has been helping cybercriminals create phishing websites since 2021 to steal sensitive information...

DragonForce Ransomware - What You Need To Know

What's going on? A relatively new strain of ransomware called DragonForce has been making the headlines after a series of high-profile attacks. Like many other ransomware groups, DragonForce attempts to extort money from its victims in two ways - locking companies out of their computers and data through encryption, and exfiltrating data from compromised systems with the threat of releasing it to...

Notorious Nemesis Market Seized by German Police

Nemesis Market, a notorious corner of the darknet beloved by cybercriminals and drug dealers, has been suddenly shut down after German police seized control of its systems. Germany's Federal Criminal Police (known as the BKA) has announced that it has seized the infrastructure of Nemesis and taken down its website. At the same time, cryptocurrency...

Fraudsters Are Posing As The FTC To Scam Consumers

The United States Federal Trade Commission (FTC) has warned the public to be cautious if contacted by people claiming to be... FTC staff. In a warning published on its website, the FTC said that scammers were using its employees' real names to steal money from consumers. A typical ruse will see the bogus FTC staffer advising someone to wire or...

LockBit affiliate jailed for almost four years after guilty plea

An affiliate of the LockBit ransomware gang has been sentenced to almost four years in jail after earlier pleading guilty to charges of cyber extortion and weapons charges. 34-year-old Mikhail Vasiliev, who has dual Russian and Canadian nationality, was arrested in 2022 as part of a multinational law enforcement investigation into LockBit that...