Intel-Ops tracks Phobos ransomware infrastructure attributed to the 8Base group, detailing a RaaS model and affiliates using Smokeloader and SystemBC in intrusions. The report identifies 45 domains, 22 IPs, and 50 samples (33 Smokeloader, 16 SystemBC, 1 Meterp…
Tag: DARK WEB
The wide availability of generative AI will make synthetic identity fraud even easier. Organizations need a multilayered defense to protect themselves.
Source code fire sale, stiffing affiliates — are BlackCat admins intentionally burning their RaaS business to the ground? Experts say something’s up.
The widespread sale of credentials obtained from AI-based gaming platforms and services is a worrying trend in the cyber underworld, as shown by a new analysis by antivirus company Kaspersky. An astounding 3.6 crore credentials, including login and password information, have been stolen and sold on…
More than 225,000 logs containing compromised OpenAI ChatGPT credentials were made available for sale on underground markets between January and October 2023, new findings from Group-IB show.
These credentials were found within information stealer logs associated with LummaC2, Raccoon, and RedLine stealer malware.
“The number of infected devices decreased slightly in mid- and late
Authorities in Germany last week announced the takedown of the cybercrime marketplace ‘Crimemarket’ and the arrest of six people believed to be linked with its operations. Crimemarket, authorities say, was the “biggest illegal, German-speaking online trading platform”, enabling miscreants to trade n…
Pharmacies and hospitals nationwide are experiencing disruptions as a result of ransomware attacks, which leaves patients with difficulties filling prescriptions or obtaining medical care. UnitedHealth Group, a healthcare provider in the United States, announced on Thursday that it had been hacked b…
Threat actors stole sensitive and confidential data from the telecom giant Chunghwa Telecom Company, revealed the Ministry of National Defense. Chunghwa Telecom Company, Ltd. (literally Chinese Telecom Company) is the largest integrated telecom service provider in Taiwan, and the incumbent local exchange carrier of PSTN, Mobile, and broadband services in the country. Threat actors stole […]
Have you or anyone near you become a victim of online scamming? This article will introduce you to online scams, how the waves of scammers target their victims and in which ways, and what damage they inflict. This article’s contents are based on AhnLab’s in-house data as well as externally available…
In a shocking development, the notorious BlackCat/ALPHV ransomware gang has stepped forward to claim responsibility for a devastating cyberattack on Optum, a subsidiary of the healthcare giant UnitedHealth Group (UHG). This malicious breach has triggered an ongoing outage that is currently wre…
The digital sphere has witnessed a surge in AI-fueled tax fraud, presenting a grave threat to individuals and organisations alike. Over the past year and a half, the capabilities of artificial intelligence tools have advanced rapidly, outpacing government efforts to curb their malicious applic…
Georgia’s largest county is still repairing damage inflicted on its government a month ago by hackers who shut down office phone lines, left clerks unable to issue vehicle registrations or marriage licenses and threatened to publicly release sensitive data they claimed to have stolen unless official…
A sophisticated threat actor using an MO similar to Scattered Spider is camouflaging itself with convincing impersonation techniques in targeted attacks.
Patchwork APT is an India-based cyber espionage group identified in 2015 but active since 2009, targeting government, defense, and diplomatic entities primarily in South and Southeast Asia, with operations expanding to Europe and North America. It relies on sp…
FortiGuard Labs details Abyss Locker, a ransomware family based on HelloKitty code that exfiltrates data, disables recovery mechanisms, stops security/backup services, and encrypts files on Windows and Linux hosts. The malware adds extensions like “.abyss” or …