Researchers noticed that the darknet is discussing exploits as a service

Analysts at Digital Shadows have prepared a report on the exploit market on the darknet, noting that criminals have come up with an “exploits as a service” scheme. Some cybercriminals have multimillion-dollar budgets to acquire 0-day exploits. The researchers explain that attackers, financially motivated cybercriminals and “government hackers” are rapidly adopting…

Hackers broke into FBI mail server and sent fake cyberattack alerts

Last weekend, unknown hackers managed to break into the mail server of the Federal Bureau of Investigation (FBI). The hackers used the access to send emails that imitated FBI alerts about cyberattacks and data theft. Spamhaus, a non-profit spam-tracking organization, reported that such emails were delivered to tens of thousands of recipients in two waves. At…

Operators of the BlackMatter ransomware announced the termination of activity

The hackers behind the BlackMatter ransomware announced the termination of activity, citing pressure from local authorities. The group announced it was “shutting down” on November 1, 2021, in the backend part of its darknet site, which is usually used by the attackers’ partners. Representatives of the group did not explain what kind of pressure they are talking…

Free decryptor for BlackByte ransomware published

Experts from Trustwave have released a free decryptor utility that victims of the BlackByte ransomware can use to recover damaged files. The decryptor, already available on GitHub, works by exploiting a bug in the ransomware code. The researchers published a detailed technical analysis of the malware in two parts, in…

Facebook explained reasons for the global failure

Yesterday, Facebook, Instagram and WhatsApp were down around the world for more than five hours. After fixing the problems, representatives of the social network explained the reasons for the global outage. The failure was caused by a BGP routing issue. All services are now operating normally. Amid problems with access, rumours of…

Added utility for decrypting data after REvil attacks

The Romanian company Bitdefender has published a universal utility for decrypting data affected by REvil (Sodinokibi) ransomware attacks. The tool works for any data encrypted before July 13, 2021. However, the company has so far refused to provide any details, citing an ongoing investigation. Let me remind you that on July 13 of this year…

REvil ransomware resumed attacks

Last week, the infrastructure of REvil (Sodinokibi) returned online after months of downtime, and now the ransomware has resumed attacks. In July 2021, the hack group went offline without giving any reason. That shutdown involved an entire network of conventional and darknet sites that were used…

US authorities accused Ukrainian citizen of running a brute force botnet

US authorities have accused a Ukrainian citizen of hacking: they reported that 28-year-old Ukrainian citizen Gleb Ivanov-Tolpintsev had been extradited from Poland and accused of selling access to hacked computer systems through a specialized darknet marketplace. According to court documents, the suspect had been running a botnet for more than four years, which he…

Servers of the hack group REvil are back online

In July 2021, the infrastructure of REvil (Sodinokibi) was turned off without explanation, but information security specialists have now noticed that the REvil servers are back online. The shutdown affected a whole network of conventional and darknet sites that were used to negotiate a ransom, leak data stolen from victims, as well as the…

Clop ransomware continues to work even after a series of arrests

The media reported that Clop ransomware continues to work: its operators have again begun posting data stolen from victims on their website. Last week, as a result of a joint operation carried out with the assistance and coordination of Interpol by the law enforcement agencies of Ukraine, South Korea and the…