Tag Archive for: arrest

U.S. Offers $10 Million Bounty for Info Leading to Arrest of Hive Ransomware Leaders



The U.S. Department of State has announced monetary rewards of up to $10 million for information about individuals holding key positions within the Hive ransomware operation.

It is also giving away an additional $5 million for specifics that could lead to the arrest and/or conviction of any person “conspiring to participate in or attempting to participate in Hive ransomware activity.”

The multi-million-dollar rewards come a little over a year after a coordinated law enforcement effort covertly infiltrated and dismantled the darknet infrastructure associated with the Hive ransomware-as-a-service (RaaS) gang. One person with suspected ties to the group was arrested in Paris in December 2023.

Hive, which emerged in mid-2021, targeted more than 1,500 victims in over 80 countries, netting about $100 million in illegal revenues. In November 2023, Bitdefender revealed that a new ransomware group called Hunters International had acquired the source code and infrastructure from Hive to kick-start its own efforts.

There is some evidence to suggest that the threat actors associated with Hunters International are likely based in Nigeria, specifically an individual named Olowo Kehinde, per information gathered by Netenrich security researcher Rakesh Krishnan, although it could also be a fake persona adopted by the actors to cover up their true origins.

Blockchain analytics firm Chainalysis, in its 2023 review published last week, estimated that ransomware crews raked in $1.1 billion in extorted cryptocurrency payments from victims last year, compared to $567 million in 2022, all but confirming that ransomware rebounded in 2023 following a relative drop-off in 2022.

“2023 marks a major comeback for ransomware, with record-breaking payments and a substantial increase in the scope and complexity of attacks — a significant reversal from the decline observed in 2022,” it said.


The decline in ransomware activity in 2022 has been deemed a statistical aberration, with the downturn attributed to the Russo-Ukrainian war and the disruption of Hive. What’s more, the total number of victims posted on data leak sites in 2023 was 4,496, up from 3,048 in 2021 and 2,670 in 2022.

Palo Alto Networks Unit…

Source…

Ukrainian Police Arrest Cryptojacking Hacker


The Ukrainian National Police said on Friday that they had arrested a hacker in the southern city of Mykolaiv in connection with a sophisticated scheme to hijack cloud computers to mine cryptocurrencies, a ploy known as “cryptojacking.”

Ukrainian police seized electronic devices, SIM and bank card from the suspected hacker. (Photo: Національна поліція України)

Over the last two years, the 29-year-old suspect allegedly managed to mine nearly US$2 million in cryptocurrencies. The authorities did not release either the suspect’s name or the name of the U.S. company whose server was allegedly misused.

The suspect is accused of infecting that server with malware, known as a “miner virus” — malicious software that steals a computer’s resources to generate cryptocurrency, allowing the hacker to steal money and transfer it to controlled electronic wallets.

According to the police, the suspect hacked 1,500 accounts belonging to the unnamed company’s clients using a technique known as brute force, carried out with self-developed software for automatic password selection.

He then used the compromised accounts to gain access to the cloud computing provider, secretly infecting the company’s server with the malicious software.

The suspect used its computational power to mine cryptocurrencies, allowing him to avoid paying for server time and power.

The stolen computer time typically cost more than the profits mined, so that compromised account holders were left with substantial cloud bills.

During the search of the suspect’s home, the police seized “computer equipment, bank and SIM cards, electronic media, and other evidence of illegal activity.”

The investigation into the case continues, with authorities targeting potential accomplices of the suspect and examining his possible connections with a pro-Russian hacker group, according to Ukrainian police.

Europol, the European Union Agency for Law Enforcement Cooperation, which supported the operation, said that the arrest followed “months of intensive collaboration between Ukrainian authorities, Europol and a cloud provider, who worked tirelessly to identify and locate the individual behind the…

Source…

Chinese authorities arrest four in ransomware case involving ChatGPT


Four alleged cyberattackers have been arrested in mainland China for developing ransomware with the help of ChatGPT, the first case of its sort in the country.

The South China Morning Post reported Friday that the suspects were arrested in November following a ransomware attack on an unidentified company in Zhejiang Province, just south of Shanghai. The ransomware attack reportedly blocked the company’s systems with a ransom of 20,000 Tether ($20,000) demanded to restore access.

Upon arrest, the four accused admitted to “writing versions of ransomware, optimizing the program with the help of ChatGPT, conducting vulnerability scans, gaining access through infiltration, implanting ransomware and carrying out extortion.”

ChatGPT is banned in China, blocked by the country’s firewall and censorship regime because it can discuss verboten topics. The country has at various times announced crackdowns on citizens trying to access the service, but access is only a virtual private network away, albeit the government tries to block VPNs as well.

The SCMP notes that it’s not clear whether the accused were charged over illegally accessing ChatGPT. In a separate report, China’s Global Times says that the four accused possessed qualifications related to network security and had previous experience working for large-scale internet technology companies. The suggestion is that ChatGPT was simply used as a tool as part of the ransomware operation versus being key to the attack.

The arrests are not the first time ChatGPT has been involved in an arrest in China. A man arrested in Gansu Province in May allegedly generated a fake story about a train crash using ChatGPT.

The fake story alleged that nine construction workers in a city in Gansu had been killed in a train crash, with the story spreading across 25 social media accounts before being intercepted by China’s censorship regime. The man was arrested for concocting false information.

Chinese companies are developing homegrown rivals to ChatGPT. The most notable among them is Baidu Inc., the “Google of China,” which disclosed last week that its Ernie Bot service, revealed in March, has now surpassed more than 100 million…

Source…

Spain’s police report arrest of leader of world’s largest hacking group


(MENAFN) In the coastal city of Alicante, Spanish police have reported the arrest of an individual believed to be one of the leaders of the hacktivist group Kelvin Security.

As reported by Spanish authorities, Kelvin Security has engaged in hacking activities targeting more than 300 organizations across more than 90 countries in the last three years. The group is alleged to have extracted sensitive information, subsequently selling it on the dark web.

The arrested individual, considered the head of finances within Kelvin Security, is accused of being responsible for money laundering related to the proceeds obtained from the group’s hacking operations.

Police assert that the detainee primarily utilized cryptocurrency trading for money laundering purposes. Hailing from Venezuela, the individual faces charges such as belonging to a criminal organization, revealing secrets, as well as money laundering.

Spanish law enforcement notes that Kelvin Security’s most recent cyber-attack targeted an energy company last month, resulting in a significant extraction of confidential information from over 85,000 clients of the company.

The investigation in Spain began in 2021 after Kelvin Security hacked the computer systems of several Spanish entities, including the cities of Getafe, Camas and La Haba, in addition to the regional government of Castile-La Mancha.


Source…