In a cybersecurity nightmare, Boeing, a global aerospace and defense titan, has fallen victim to the notorious LockBit ransomware group. It resulted in the exposure of a staggering 50 gigabytes of sensitive data. The breach came to light on November 15, 2023, as LockBit made good on its threat. They published Boeing’s confidential information after… Continue reading LockBit Ransomware Exposes Boeing’s 50GB of Data Leaked
Tag: Ransomware
Boeing Hack Confirmed, LockBit Group Resposible
Boeing, a major aircraft manufacturer and aerospace & defence contractor in the US, has confirmed the ransomware attack. A week before, on October 27, it was listed by LockBit ransomware on their Darknet site. Now, Reuters agency has confirmed that the incident was real. Boeing Hacked by LockBit On October 27, 2023, LockBit cybercrime group… Continue reading Boeing Hack Confirmed, LockBit Group Resposible
Octo Tempest Threat Actor – The Most Dangerous Cybercrime Gang?
Octo Tempest, a financially-motivated hacking group, has been labeled “one of the most dangerous financial criminal groups” by Microsoft. Known as UNC3944 and 0ktapus, the group has gained attention for bold cyber attacks. What is Octo Tempest Cybercrime Gang? Octo Tempest’s journey into the world of cybercrime is an intriguing one. Only a few months… Continue reading Octo Tempest Threat Actor – The Most Dangerous Cybercrime Gang?
Ragnar Locker Ransomware Shutdown, Infrastructure Seized
On October 19, 2023, a group of international law enforcement orgs claimed the seizure of server infrastructure of the Ragnar ransomware gang. This appears to be a new trend, as it is the third widely-discussed infrastructure seizure over the last 2 months. What is the Ragnar ransomware group? Ragnar a.k.a.Ragnar_Locker or RagnarLocker is a cyber… Continue reading Ragnar Locker Ransomware Shutdown, Infrastructure Seized
Trigona Ransomware Hacked by Ukrainian Cyber Alliance
Trigona ransomware, a novice threat actor active since late 2022, got its servers “exfiltrated and wiped” by Ukrainian Cyber Alliance (UCA). White hat hackers also claim about the backups of Trigona’s network infrastructure being wiped. What is Trigona Ransomware? Trigona is a relatively new ransomware actor, active for around a year at the moment (since… Continue reading Trigona Ransomware Hacked by Ukrainian Cyber Alliance
Redline and Vidar Stealers Switch to Ransomware Delivery
Cybercriminals who stand behind RedLine and Vidar stealers decided to diversify their activity. Now, crooks deploy ransomware, using the same spreading techniques as they used to deliver their spyware. Meanwhile, the process of ransomware enrollment is rather unusual and is full of advanced evasion techniques. What are Redline and Vidar Stealers? RedLine is an infostealer… Continue reading Redline and Vidar Stealers Switch to Ransomware Delivery
3AM Ransomware Backs Up LockBit In Cyberattacks
Cybersecurity researchers have discovered a new family of ransomware called 3AM. Attackers attempted to use it as an alternative attack method during the failed LockBit deployment. 3AM Ransomware – The Fallback Variant of LockBit According to a recent report, cybersecurity experts have discovered a new type of ransomware known as 3AM. Since this ransomware has… Continue reading 3AM Ransomware Backs Up LockBit In Cyberattacks
Qakbot Botnet Hacked, Removed from Over 700,000 Machines
Qakbot, a notorious botnet, has been taken down by a multinational law enforcement operation spearheaded by the FBI, Operation “Duck Hunt”. The botnet, also called Qbot and Pinkslipbot, that considered one of the largest and longest-running botnets to date. According to conservative estimates, law enforcement officials have linked Qakbot to at least 40 ransomware attacks.… Continue reading Qakbot Botnet Hacked, Removed from Over 700,000 Machines
Conti Members Are Back in Action as Part of Akira Ransomware
Experts are intestigating activity of the ransomware group Akira, which has compromised at least 63 organizations since March 2023, mostly targeting small and medium-sized businesses. Analysts at Arctic Wolf believe that Akira may be backed by several people associated with the ceased Conti group. Conti Hackers Work in Akira Ransomware Group As mentioned above, Akira… Continue reading Conti Members Are Back in Action as Part of Akira Ransomware
FIN8 Updated Sardonic Backdoor to Deliver Noberus Ransomware
FIN8, an infamous group of cybercriminals, has updated its backdoor malware to avoid being detected. They made improvements and prepared to release a new type of crimeware called Noberus. This threat actor has returned after inactivity, using a modified version of their Sardonic backdoor to distribute the Noberus ransomware. This is a part of their… Continue reading FIN8 Updated Sardonic Backdoor to Deliver Noberus Ransomware