Tag: Ransomware

LockBit Ransomware Exposes Boeing’s 50GB of Data Leaked

50 GB of Boeing Data Leaked Days After Attack LockBit Ransomware

In a cybersecurity nightmare, Boeing, a global aerospace and defense titan, has fallen victim to the notorious LockBit ransomware group. It resulted in the exposure of a staggering 50 gigabytes of sensitive data. The breach came to light on November 15, 2023, as LockBit made good on its threat. They published Boeing’s confidential information after… Continue reading LockBit Ransomware Exposes Boeing’s 50GB of Data Leaked

Boeing Hack Confirmed, LockBit Group Resposible

6 days past the listing on the Darknet site, Boeing confirms the ransomware attack

Boeing, a major aircraft manufacturer and aerospace & defence contractor in the US, has confirmed the ransomware attack. A week before, on October 27, it was listed by LockBit ransomware on their Darknet site. Now, Reuters agency has confirmed that the incident was real. Boeing Hacked by LockBit On October 27, 2023, LockBit cybercrime group… Continue reading Boeing Hack Confirmed, LockBit Group Resposible

Octo Tempest Threat Actor – The Most Dangerous Cybercrime Gang?

Octo Tempest stands as one of the most perilous financial hacking groups in the cybersecurity landscape, posing significant threats to organizations worldwide.

Octo Tempest, a financially-motivated hacking group, has been labeled “one of the most dangerous financial criminal groups” by Microsoft. Known as UNC3944 and 0ktapus, the group has gained attention for bold cyber attacks. What is Octo Tempest Cybercrime Gang? Octo Tempest’s journey into the world of cybercrime is an intriguing one. Only a few months… Continue reading Octo Tempest Threat Actor – The Most Dangerous Cybercrime Gang?

Ragnar Locker Ransomware Shutdown, Infrastructure Seized

RagnarLocker ransomware group have likely faced their Ragnarok, arranged by Europol

On October 19, 2023, a group of international law enforcement orgs claimed the seizure of server infrastructure of the Ragnar ransomware gang. This appears to be a new trend, as it is the third widely-discussed infrastructure seizure over the last 2 months. What is the Ragnar ransomware group? Ragnar a.k.a.Ragnar_Locker or RagnarLocker is a cyber… Continue reading Ragnar Locker Ransomware Shutdown, Infrastructure Seized

Trigona Ransomware Hacked by Ukrainian Cyber Alliance

Hackers rarely expect a threat from other hackers - and that's a pretty hazardous misconception

Trigona ransomware, a novice threat actor active since late 2022, got its servers “exfiltrated and wiped” by Ukrainian Cyber Alliance (UCA). White hat hackers also claim about the backups of Trigona’s network infrastructure being wiped. What is Trigona Ransomware? Trigona is a relatively new ransomware actor, active for around a year at the moment (since… Continue reading Trigona Ransomware Hacked by Ukrainian Cyber Alliance

Redline and Vidar Stealers Switch to Ransomware Delivery

In addition to spreading stealer malware, hackers started to deploy ransomware through the same channels

Cybercriminals who stand behind RedLine and Vidar stealers decided to diversify their activity. Now, crooks deploy ransomware, using the same spreading techniques as they used to deliver their spyware. Meanwhile, the process of ransomware enrollment is rather unusual and is full of advanced evasion techniques. What are Redline and Vidar Stealers? RedLine is an infostealer… Continue reading Redline and Vidar Stealers Switch to Ransomware Delivery

3AM Ransomware Backs Up LockBit In Cyberattacks

LockBit cybercrime group introduced the backup malware for their cyberattacks

Cybersecurity researchers have discovered a new family of ransomware called 3AM. Attackers attempted to use it as an alternative attack method during the failed LockBit deployment. 3AM Ransomware – The Fallback Variant of LockBit According to a recent report, cybersecurity experts have discovered a new type of ransomware known as 3AM. Since this ransomware has… Continue reading 3AM Ransomware Backs Up LockBit In Cyberattacks

Qakbot Botnet Hacked, Removed from Over 700,000 Machines

FBI's Operation 'Duck Hunt' dismantles Qakbot botnet, ending a reign of cyber terror

Qakbot, a notorious botnet, has been taken down by a multinational law enforcement operation spearheaded by the FBI, Operation “Duck Hunt”. The botnet, also called Qbot and Pinkslipbot, that considered one of the largest and longest-running botnets to date. According to conservative estimates, law enforcement officials have linked Qakbot to at least 40 ransomware attacks.… Continue reading Qakbot Botnet Hacked, Removed from Over 700,000 Machines

Conti Members Are Back in Action as Part of Akira Ransomware

Hackers from the extinct Conti ransomware gang now allegedly work for Akira extortion group

Experts are intestigating activity of the ransomware group Akira, which has compromised at least 63 organizations since March 2023, mostly targeting small and medium-sized businesses. Analysts at Arctic Wolf believe that Akira may be backed by several people associated with the ceased Conti group. Conti Hackers Work in Akira Ransomware Group As mentioned above, Akira… Continue reading Conti Members Are Back in Action as Part of Akira Ransomware

FIN8 Updated Sardonic Backdoor to Deliver Noberus Ransomware

FIN8 cybercriminals group using a new type of malware called Noberus to avoid detection.

FIN8, an infamous group of cybercriminals, has updated its backdoor malware to avoid being detected. They made improvements and prepared to release a new type of crimeware called Noberus. This threat actor has returned after inactivity, using a modified version of their Sardonic backdoor to distribute the Noberus ransomware. This is a part of their… Continue reading FIN8 Updated Sardonic Backdoor to Deliver Noberus Ransomware