APT28 Attacked Ukrainian and Polish Organizations

Recorded Future, in collaboration with CERT-UA researchers, has unveiled a recent cyber offensive orchestrated by Russian-speaking hackers affiliated with the APT28 Group (also known as Fancy Bear, BlueDelta, Sednit, and Sofacy). Their target: Roundcube mail servers of various Ukrainian organizations, including government entities. As a reminder, we previously reported on the divergence of hacker groups,… Continue reading APT28 Attacked Ukrainian and Polish Organizations

BlackMatter ransomware attacks companies with revenues above $100 million

Recorded Future analysts have discovered a new hack group accompanying the BlackMatter ransomware that attacks large companies and combines the “best” features of the now defunct DarkSide and REvil. Researchers say the group is currently recruiting “partners” through announcements on hacker forums Exploit and XSS. Although any advertising related to ransomware has been banned on… Continue reading BlackMatter ransomware attacks companies with revenues above $100 million

FonixCrypter ransomware stopped working and published a key to decrypt data

The authors of the FonixCrypter ransomware announced that they had removed the source code of their malware and after this FonixCrypter stopped working. Along with this statement, they published a tool for decrypting files, instructions for it and a master key for malware. Therefore, former victims of the ransomware can now recover their data for… Continue reading FonixCrypter ransomware stopped working and published a key to decrypt data