TrickBot Hack Group Systematically Attacks Ukraine

IBM Security X-Force experts noticed that from the very beginning of the full-scale Russian invasion, the TrickBot hack group “systematically attacks” Ukraine, which has not been observed before. It is believed that from mid-April to June 2022, hackers have already organized at least six such phishing campaigns. Let me remind you that the TrickBot hack… Continue reading TrickBot Hack Group Systematically Attacks Ukraine

Conti’s blockchain plans: an ominous prospect

Conti's blockchain plans: an ominous prospect

Earlier this year, on February 22, Conti’s gang became popular because of published Twitter information from an account called “Conti Leaks”. Thanks to the published information, the cyber security community was able to analyze the activities of the gang and its complicated cases. So we were able to learn that the group’s goal was to… Continue reading Conti’s blockchain plans: an ominous prospect

Conti vs. LockBit 2.0 – a Trend Micro Research in Brief

Trend Micro, a Japanese IT security company, has published a thorough comparison of behaviors of two major ransomware groups: Conti and LockBit 2.0. Here you can read a shorter summary of what they found out. Conti and LockBit 2.0 are outstanding operators regarding how many targets they managed to attack. The period analyzed is from… Continue reading Conti vs. LockBit 2.0 – a Trend Micro Research in Brief

Conti Ransomware Shutdown, Site Disabled

Conti operators shut down the remnants of the public infrastructure. Two servers on the Tor network that were used to publish victims’ data and negotiate ransoms are down. The Conti News website’s admin panel and the stolen information storage were closed a month ago, and the list of non-payers has not been updated all this… Continue reading Conti Ransomware Shutdown, Site Disabled

NCC Group’s May 2022 Threat Report Reflects Conti’s End

Image: NCC Group.

NCC Group’s monthly report on cyber threats features some curious news, namely the alleged closure of ransomware group Conti and the strengthening of the Lockbit 2.0 gang. Conti, a notorious Russian ransomware gang responsible for the attack on Irish medical institutions last year, is believed to be disbanded after the internal correspondence of the gang… Continue reading NCC Group’s May 2022 Threat Report Reflects Conti’s End

War in Ukraine triggered a Stream of amateurish ransomware

Ransomware, Ransomware attacks, Conti, LockBit

Russia has provoked hackers around the world to focus their attacks on the servers of the largest companies, TV channels, banks, and government agencies. According to the statistics given by ESET, Russia has entered the list of the most attacked countries, which was not relevant earlier. More and more amateur hackers appeared after February, 24… Continue reading War in Ukraine triggered a Stream of amateurish ransomware

The Conti Ransomware Ceases Operations and Breaks Up into Several Groups

Experts report that the Conti ransomware is going out of business, group ceases operations, its infrastructure is disabled, and the group’s leaders have said the brand already does not exist. One of the first to notice the change was Elisey Boguslavsky of Advanced Intel, who tweeted that the group’s internal infrastructure had been shut down.… Continue reading The Conti Ransomware Ceases Operations and Breaks Up into Several Groups

Cybersecurity Experts Analyzed the Methods of a Group of Russian Hackers Wizard Spider

Information security specialists from PRODAFT have published the results of an investigation into the Wizard Spider group, which is allegedly associated with the Grim Spider and Lunar Spider hacker groups. The Wizard Spider group, possibly of Russian origin, manages an infrastructure of “a complex set of sub-commands and groups, controls a huge number of hacked… Continue reading Cybersecurity Experts Analyzed the Methods of a Group of Russian Hackers Wizard Spider

Vulnerability in ransomware can prevent the encryption

Ransomware, REvil, Conti, LokiLocker, LockBit, AvosLocker, Black Basta Ransomware, Vulnerabilities,

Not a long time ago, a cybersecurity analyst posted a video on YouTube where he shows the vulnerability in ransomware samples used by well-known ransomware groups. In the footage, expert shows this exploit usage on the REvil ransomware sample, but there are half a dozen of ransomware products vulnerable to that thing. The crooks’ weapon… Continue reading Vulnerability in ransomware can prevent the encryption

Experts analysed the conversations of Conti and Hive ransomware groups

Conti, Conti ransomware, Hive ransomware, Ransomware

Analysis of more than 40 chats with victims allowed the specialists to figure out some interesting details about the internal structure and the style of negotiation. Conti and Hive ransomware groups were very active over the last quarter, and the number of their victims grew pretty hard. About Conti and Hive ransomware groups Those two… Continue reading Experts analysed the conversations of Conti and Hive ransomware groups