
While last week was full of arrests and law enforcement actions, this week has been much quieter, with mostly new research released.
Security companies released reports on the types of cryptomixers used by ransomware gangs, a detailed report on Conti, and how Russian ransomware gangs are starting to work with Chinese hackers.
Today, US regulators also ordered banks to report cyber attacks within 36 hours if they impact their operations, the ability to deliver banking services, or the US financial sector’s stability.
Finally, a Tor negotiation site for the Conti ransomware gang was taken down, likely due to the release of its IP address in the PRODAFT report.
Contributors and those who provided new ransomware information and stories this week include: @DanielGallagher, @fwosar, @struppigel, @FourOctets, @malwrhunterteam, @billtoulas, @Seifreed, @Ionut_Ilascu, @serghei, @jorntvdw, @PolarToffee, @demonslay335, @VK_Intel, @LawrenceAbrams, @malwareforme, @BleepinComputer, @intel_bo7, @_aftrdrk, @thepacketrat, @SophosLabs, @FlashpointIntel, @sucurisecurity, @Intel471Inc, @_CPResearch_, @BrettCallow, @emsisoft, @PRODAFT, @joetidy, @RepMaloney, @siri_urz, @fbgwls245, @pcrisk, @Amigo_A_, and @AdvIntel.
November 13th 2021
Ransomware uses IRC for negotiations
dnwls0719 found a new ransomware that appends the .dst extension and expects users to use IRC over Tor to negotiate.

November 14th 2021
US Education Dept urged to boost K-12 schools’ ransomware defenses
The US Department of Education and Department of Homeland Security (DHS) were urged this week to more aggressively strengthen cybersecurity protections at K-12 schools across the nation to keep up with a massive wave of attacks.
New RansomNow ransomware
Amigo-A found a new ransomware in our forums called RansomNow that drops the HELP – README TO UNLOCK FILES.txt ransom note and doesn’t append a new extension.
November 15th 2021
Moses Staff hackers wreak havoc on Israeli orgs with ransomless encryptions
A new hacker group named Moses Staff has recently claimed responsibility for numerous attacks against Israeli entities, which appear politically motivated as they don’t make any ransom payment demands.
New STOP Ransomware variant
PCrisk found a new STOP ransomware variant that appends the .futm extension.
November 16th 2021
These are the cryptomixers hackers use to clean their ransoms
Cryptomixers have always been at the epicenter of cybercrime activity, allowing hackers to “clean” cryptocurrency stolen from victims and making it hard for law enforcement to track them.
WordPress sites are being hacked in fake ransomware attacks
A new wave of attacks starting late last week has hacked close to 300 WordPress sites to display fake encryption notices, trying to trick the site owners into paying 0.1 bitcoin for recovery.
Evil Corp: ‘My hunt for the world’s most wanted hackers’
Many of the people on the FBI’s cyber most wanted list are Russian. While some allegedly work for the government earning a normal salary, others are accused of making a fortune from ransomware attacks and online theft. If they left Russia they’d be arrested – but at home they appear to be given free rein.
Ahead of Hearing, Committee Releases New Staff Memo on Ransom Attacks on U.S. Companies
Today, Carolyn B. Maloney, Chairwoman of the Committee on Oversight and Reform, released a supplemental memo providing new insights into how the high-profile ransomware attacks on CNA Financial Corporation (CNA), Colonial Pipeline Company (Colonial), and JBS Foods USA (JBS) unfolded, and how legislation and policy responses may be developed to counter the threat of ransomware.
New ChiChi Ransomware
dnwls0719 found a new ransomware that appends the .chichi extension.
New STOP Ransomware variant
PCrisk found a new STOP ransomware variant that appends the .utjg extension.
November 17th 2021
Russian ransomware gangs start collaborating with Chinese hackers
There’s some unusual activity brewing on Russian-speaking cybercrime forums, where hackers appear to be reaching out to Chinese counterparts for collaboration.
November 18th 2021
[Conti] Ransomware Group In-Depth Analysis
PRODAFT Threat Intelligence (PTI) Team has obtained valuable insights on the inner workings of the Conti ransomware group. The PTI team accessed Conti’s infrastructure and identified the real IP addresses of the servers in question. This report provides unprecedented detail into the way the Conti ransomware gang works, how they select their targets, how many targets they’ve breached, and more.
New Memento ransomware switches to WinRar after failing at encryption
A new ransomware group called Memento takes the unusual approach of locking files inside password-protected archives after their encryption method kept being detected by security software.
New HelloKitty variant
S!Ri found a new HelloKitty ransomware variant that appends the .boombye extension and drops a ransom note named _read_me_bro.txt.

November 19th 2021
US regulators order banks to report cyberattacks within 36 hours
US federal bank regulatory agencies have approved a new rule ordering banks to notify their primary federal regulators of significant computer-security incidents within 36 hours.
Emotet botnet comeback orchestrated by Conti ransomware gang
The Emotet botnet is back by popular demand, resurrected by its former operator, who was convinced by members of the Conti ransomware gang.
Conti’s Tor negotiation site briefly shut down by hijack
The Conti Tor negotiation sites were shut down for approximately 24 hours after the Prodaft report revealed its IP address, and law enforcement reportedly took the server offline.
That’s it for this week! Hope everyone has a nice weekend!
