Perpetrators identifying themselves as the Rhysida group demanded a staggering $2 million from Insomniac – the video game studio behind ‘Spider-Man 2’ – as part of a huge ransomware attack.
Amid an ongoing class-action lawsuit related to a $100-million hack in June, the developer of Atomic Wallet has launched a $1-million bug bounty program aimed at identifying security flaws in its wallet software.
In an announcement on December 18, the development team invited ethical hackers and security experts globally to scrutinize the open-source code for potential vulnerabilities.
White hat hackers who discover the most severe vulnerabilities, defined as those allowing an over-the-internet attack without physical access, installed malware, or social engineering, stand to earn $100,000 under the program.
The bug bounty program is designed to enhance the security of the wallet and minimize the risk of future cyber threats.
The bounty program also offers compensation ranging from $500 to $10,000 for hackers who identify bugs or flaws not meeting the criteria of the most serious vulnerabilities.
The reward depends on the severity of the vulnerability, with $5,000 allocated for a “high-risk” discovery and $10,000 for a “critical-risk” one.
The total bounty pool for all discoveries is set at $1 million.
Konstantin Gladych, founder of Atomic Wallet, expressed confidence in the bug bounty program’s ability to harness global expertise and creativity to bolster cybersecurity.
“Recent events in the blockchain industry have once again reminded us that cybersecurity is a dynamic field, and the best way to stay ahead is by harnessing the creativity and expertise of the global community,” he said.
Atomic Wallet in June this year suffered a $100 million hacking incident.
About 5,500 users of the non-custodial cryptocurrency wallet were affected by the hack which has been linked to the North Korean Lazarus Group.
Two months later, the incident led victims to launch a class action lawsuit against Atomic Wallet for compensation.
According to reports at the time, the claims rest on the company’s inaction to share proper information about…
A week after ransomware group Rhysida published that it had successfully hacked into Insomniac Games and taken information, the group has published over 1.3 million files online for anyone to grab.
The full leak took place on Monday night after the group said that no buyer was willing to pay the $2 million asking price. In total, the data came in at nearly 1.7 terabytes in size.
As far as information leaked in the Insomniac hack, it ranged from game release dates and spoilers for the upcoming Wolverine game to sensitive employee information. According to Cyber Daily, that sensitive information includes internal employee HR documents, tax information, internal company messages, computer information, termination forms, and even passport details.
Also included in the data leak are contracts signed between Sony and Marvel regarding the development and publishing of X-Men games, starting with the aforementioned Wolverine title. The document was signed by both Sony’s Jim Ryan and Marvel’s Isaac Perlmutter, and went into effect as of July 2021.
In a message given to Cyber Daily, the organization said it had intentionally targetted the company, and said that it “knew developers making games like this were an easy target”. They added that it didn’t take much effort to get into the studio’s network for the data.
Insider Gaming has reached out to both Sony and Insomniac Games for comment on the leaks. As of writing, neither party has responded.
CLEVELAND, Ohio — A Russian man on Thursday admitted to his role in the cybergang Trickbot that attacked millions of computers around the world with ransomware, including those in hospitals during the coronavirus pandemic.
Vladmir Dunaev, 40, pleaded guilty in federal court in Cleveland to conspiracy to commit computer fraud and conspiracy to commit bank and wire fraud.
He faces between five and six-and-a-half years in prison when U.S. District Judge Solomon Oliver sentences him. Oliver set a sentencing date for March 20, but said he could move that date up.
Dunaev is the second person to plead guilty in the United States to working for the Russia-based gang, which authorities say stole at least $33 million from Americans and $180 million worldwide.
He worked as a malware developer for the gang, and he was not a high-level planner, authorities said. He helped devise ways for the malware to avoid detection by cybersecurity software programs and developed tools to mine data on hacked computers, among other roles, Assistant U.S. Attorney Dan Riedl said.
Dunaev was arrested in 2021 in South Korea.
The case was prosecuted in Cleveland because some of Trickbot’s victims were in Northeast Ohio, including Avon schools, which lost about $471,000, and a North Canton business that lost about $750,000.
A co-defendant, Alla Witte, was the first Trickbot member to plead guilty in the case and was sentenced in June to two years and three months in prison.
Trickbot and other malware convictions are rare because many of its members live in Russia or other countries that do not have extradition agreements with the United States.
In September, prosecutors in Cleveland and elsewhere charged 14 more members of the gang and its offshoot, Conti. Another gang member was charged in February. None of the 15 has been arrested.
The U.S. Treasury Department and United Kingdom have also issued sanctions, including travel bans and asset freezes, against 18 gang members.
Officials in both countries have said Trickbot has direct ties to Russian intelligence.
The group grew to have as many as 400 members and infected millions of computers across the globe, including in Italy, Australia, Belgium and Canada.
The malware…