Tag Archive for: coop

Cactus RANSOMWARE gang hit the Swedish retail and grocery provider Coop

/in


Cactus RANSOMWARE gang hit the Swedish retail and grocery provider Coop

Pierluigi Paganini
January 01, 2024

The Cactus ransomware group claims to have hacked Coop, one of the largest retail and grocery providers in Sweden.

Coop is one of the largest retail and grocery providers in Sweden, with approximately 800 stores across the country. The stores are co-owned by 3.5 million members in 29 consumer associations. All surplus that is created in the business goes back to the members or is reinvested in the business, which creates a circular cycle.

The Cactus ransomware group claims to have hacked Coop and is threatening to disclose a huge amount of personal information, over 21 thousand directories.

The Cactus ransomware group added Coop to the list of victims on its Tor leak site.

Cactus ransomware operation Coop

Threat actors have published ID cards as proof of hack.

In July 2021, the Swedish supermarket chain Coop was the first company to disclose the impact of the supply chain ransomware attack that hit Kaseya.

The supermarket chain Coop shut down approximately 500 stores as a result of the supply chain ransomware attack that hit the provider Kaseya.

Coop doesn’t use Kesaya software, anyway, it was impacted by the incident because one of their software providers does.

According to BleepingComputer, the impacted provider was the Swedish MSP Visma who manages the payment systems for the supermarket chain.

Visma confirmed they were affected by the Kaseya cyber attack that allowed the REvil ransomware to encrypt their customers’ systems.

The Cactus ransomware operation has been active since March 2023, despite the threat actors use a double-extortion model, their data leak site has yet to be discovered.

Kroll researchers reported that the ransomware strain outstands for the use of encryption to protect the ransomware binary.

Cactus ransomware uses the SoftPerfect Network Scanner (netscan) to look for other targets on the network along with PowerShell commands to enumerate endpoints. The ransomware identifies user accounts by viewing successful logins in Windows Event Viewer, it also uses a modified variant of the open-source PSnmap Tool.

The Cactus ransomware relies on multiple legitimate…

Source…

Hackers doxxed, Pornhub probs, and Co-op security measures • Graham Cluley

/in



Smashing Security podcast #286: Hackers doxxed, Pornhub probs, and Co-op security measures

Pornhub has a problem, the UK’s Co-op supermarket is accused of big brother tactics, and we take a look at how a security researcher is revealing the true identify of hackers.

All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.




Hosts:

Graham Cluley – @gcluley
Carole Theriault – @caroletheriault

Guest:

Maria Varmazis – @mvarmazis

Show notes:

Sponsored by:

  • Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
  • Gigamon – Gigamon’s latest report into the state of ransomware.

Follow the show:

Follow the show on Twitter at @SmashinSecurity, on the Smashing Security subreddit, or visit our website for more episodes.

Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.


Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon’s Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy.

Follow him on Twitter at @gcluley, or drop him an email.




Source…

Hadoop coop thrown for loop by malware snoop n’ scoop troop? Oh poop – The Register

/in

Hadoop coop thrown for loop by malware snoop n’ scoop troop? Oh poop  The Register

Hadoop databases haven’t been getting much interest from hackers so far, compared to other data silos, but that’s changing, according to a new study. Security …

“malware news” – read more