Tag Archive for: media

US indicts botnet operator | SC Media

/in


Moldovan botnet operator Alexander Lefterov, also known as Alipatime, Alipako, and Uptime, was indicted by the U.S. Department of Justice for his involvement in widespread attacks against U.S.-based computers, BleepingComputer reports.

Aside from leveraging malware to facilitate the exfiltration of credentials and the theft of cash from their victims through infiltrating financial, retail, and payment processing accounts, Lefterov and his co-conspirators also enabled other threat actors to target victims’ networks with ransomware and other malicious payloads by providing botnet access through a hidden virtual network computing server, according to the Justice Department.

Lefterov could be imprisoned for two to 10 years for each of the charges included in his nine-count indictment.

“Protecting Americans in cyber space is a top priority, and we will aggressively pursue anyone, no matter if they’re on U.S. soil or overseas, who believes our population is an easy target,” noted FBI Special Agent Kevin Rojek.

Source…

Round 2: Change Healthcare targeted in second ransomware attack – HealthLeaders Media

/in



Round 2: Change Healthcare targeted in second ransomware attack  HealthLeaders Media

Source…

MarineMax confirms data breach | SC Media

/in


MarineMax has disclosed having employee and customer data stolen from its systems following a cyberattack last month, BleepingComputer reports.

“…[O]ur ongoing investigation has identified that this organization exfiltrated limited data from this environment that includes some customer and employee information, including personally identifiable information,” said the major U.S. global recreational boat, yacht, and superyacht retailer in an updated filing with the U.S. Securities and Exchange Commission.

No additional details regarding the perpetrator of the breach have been provided but the Rhysida ransomware-as-a-service operation already laid claim on the incident, demanding more than $1 million worth of bitcoin as ransom for financial documents and other data, which MarineMax denied.

MarineMax’s confirmation comes nearly a month after Rhysida leaked all of the data it purportedly stole from Chicago-based Lurie Children’s Hospital after it refused to pay the ransom. Sony-owned video game developer Insomniac Games also had 1.67 TB of files exposed by the ransomware gang as a result of not paying the $2 million ransom.

Source…

Hackers steal database of Russian convicts to avenge Navalny’s death – media

/in


After Russian opposition leader Alexei Navalny died in prison, a group of anti-Kremlin hackers gained access to the computer network run by the Federal Penitentiary Service (FSVP of Russia) and claimed they had snatched data on hundreds of thousands of prisoners.

This was reported by CNN, Ukrinform reports.

According to hackers, they got hold of the agency’s database, which contains information on approximately 800,000 Russian prisoners, their families and contacts, including data on prisoners held in the colony where Navalny died on February 16.

Hackers posted a photo of the politician alongside his wife Yulia at a political rally on the penitentiary service’s website.

Read also: Canada expanding Russia sanctions over Navalny’s death

The hackers, who claim to be of various ethnic backgrounds, including Russian expatriates and Ukrainians, are sharing the data “in the hope that somebody can contact them and help understand what happened to Navalny,” a hacker claiming to be involved in the breach told CNN.

An analysis by CNN found several duplicate entries in the database, but it still contains information on hundreds of thousands of people. CNN was able to match several names seen in the snapshots shared by hackers with people currently in a Russian prison as per public records.

The group also gained access to the prison’s online store, where families of convicts can purchase food for them, and changed the prices of some goods to just one ruble. This is evidenced by screenshots and videos published by hackers.

Read also: Defense Ministry developing legislative definition for term ‘cyberwarfare’

The group also posted Navalny’s photo on the store’s website. They sent a warning to the administrators of the prison’s online store not to remove the image and went on to destroy one of the servers when the admins failed to heed to the warning.

The hackers “clearly had full blown access to get it all,” says Tom Hegel, who is principal threat researcher at U.S. cybersecurity company SentinelOne. “The amount of images captured and data provided is quite thorough.”

Read also: Ukraine’s counterintelligence exposes 1,700 attempts at…

Source…