‘Ransomware attack’ on surveillance firm, hackers demand Rs 2.19 crore for release of confidential data

A Mumbai-based electronic surveillance start-up recently fell victim to an alleged ransomware attack.

Police said the company’s confidential surveillance data, which was in their computer system, had been hacked and encrypted, and that the hackers were demanding Rs 2.19 crore for its release. The hackers had also threatened to sell the data on the black market if the company did not pay up, police added.

The company has lodged a complaint at Rabale MIDC police station, on the basis of which an FIR has been filed and a probe is on.

According to the FIR, the company has an office in Navi Mumbai and, at present, due to the Covid-19 lockdown, staff are working from home.

On May 17, around noon, the complainant, a staffer with the company, received a call from the firm’s IT engineer stating that something was wrong with the server system and data had been encrypted and was inaccessible, the FIR states.

“We have registered an FIR under relevant sections of the Indian Penal Code and IT Act for extortion and hacking. It looks like the company’s server was hacked from outside the country and our probe is on to get the internet protocol address,” a police officer said.


Australian Hacker Escapes Jail After Posting Confidential Apple Employee Details on Twitter

An Australian man has been fined AU$5,000 and given an 18-month “recognisance,” after he was found guilty of extracting employee …

Ransomware gang is auctioning off victims’ confidential data

Ransomware operators say they’re auctioning off victims’ confidential data in an attempt to put further pressure on them to pay hefty fees for its safe return.

The Happy Blog, a dark Web site maintained by the criminals behind the ransomware known by the names REvil, Sodin, and Sodinokibi, began the online bidding process earlier on Tuesday. Previously, the group published limited details of selected victim data and threatened to air additional confidential material if the owners didn’t pay. Besides stealing the data, the group also encrypts it so that it’s no longer accessible to the owners.

Combining the threat of publishing the data while simultaneously locking it from its rightful owner is designed to increase the chances of a payout. The new tactic furthers the pressure, possibly because previous practices haven’t yielded the desired results. The ransoms demanded are frequently high, sometimes in the millions of dollars. Affected companies have also been loath to encourage further attacks by rewarding the people behind them. Added to that reluctance are new financial pressures caused by the coronavirus pandemic.

Biz & IT – Ars Technica

Google Pushes Confidential Android Security Update to Pixel User – BleepingComputer

Google has mistakenly sent out a confidential Google-only dogfood build of their upcoming July 2019 security update to a Pixel owner. These builds are meant …