Tag Archive for: rumours

BlackCat ransomware site down amidst rumours of law enforcement action

/in


The ALPHV data leak site, along with the Tor negotiation URLs shared with victims in ransom notes, went offline on 7th December and have yet to be restored.

Security researchers, including Yelisey Bohuslavkiy, chief research officer at RedSense, have hinted at a possible law enforcement operation targeting the group.

Bohuslavkiy said admins of other top-tier ransomware groups directly linked to ALPHV, including Royal/BlackSuit, BlackBasta and LockBit, confirmed law enforcement involvement in the takedown.

Despite these rumours, BlackCat’s leadership maintains that “everything will work soon.”

When contacted by BleepingComputer, the ALPHV admin mentioned server repairs, but provided no further details.

ReliaQuest, a security operations centre company, notes that BlackCat’s site has a history of intermittent connectivity issues, although the current outage is among the longest faced by the group.

Notably, no law enforcement agency has officially released information about an operation specifically targeting BlackCat.

ALPHV had previously dismissed the possibility of a takedown effort like the one that targeted the Hive ransomware group in January 2023.

Analysts at ReliaQuest speculate that this disruption could prompt hackers associated with BlackCat to seek new affiliations, or even establish their own ransomware gangs.

“The removal of this group from the ransomware landscape will undoubtedly leave a void, with its operators and affiliates likely moving to other ransomware groups or forming new groups,” said Chris Morgan, senior cyber threat intelligence analyst at ReliaQuest.

The company noted that similar law enforcement actions in the past have resulted in the dispersal of affiliates into new programmes, bringing valuable experience from previous operations.

Who is BlackCat?

BlackCat first appeared in in late 2021 as a ransomware-as-a-service enterprise, offering lucrative payouts of up to 90% of…

Source…

Signal debunks online rumours of zero-day security vulnerability

/in


Over the weekend rumours circulated on social networks of an unpatched security hole in the Signal messaging app that could allow a remote hacker to seize control of your smartphone.

The rumours, which rapidly spread further than the cybersecurity community into the wider public, claimed that the Signal encrypted messaging app contained a flaw related to its “Generate Link Previews” feature that could be exploited by hackers.

As someone once said, a lie can travel halfway around the world before the truth has got its boots on. And the situation is even worse in the 21st century, where anyone has the power to post a claim on Twitter, and watch it be retweeted and reshared thousands and thousands of times before anyone takes the time to ask a difficult question.

Some people did bother to respond to the rumours, asking for more details or a source that would confirm there was an issue. Which seems quite reasonable.  After all, an encrypted messaging app like Signal is used by privacy-conscious folks who want to keep their communications secret.

However, in the threads I saw online, anyone asking for more details of the so-called vulnerability were fobbed off with “I heard it from a trusted source” or vague references to unnamed individuals within the US government.

In short, there were no real details of a zero-day vulnerability having been found in Signal at all.

And the idea that the link preview feature of Signal might be linked to the alleged vulnerability seemed unlikely.

Although it’s true that in the past other messaging apps have been found to reveal a user’s location through preview links, it isn’t the case with Signal.

Signal generates link previews (when the feature is enabled) before the link is sent to the other Signal user – not after.

In other words, disabling “link previews” in Signal (the advice being given in the erroneous warnings posted on social media) only prevents creation of link previews on your device, you are still able to receive them from others.

Earlier today, Signal posted a message on Twitter stating that it had seen no evidence that the vulnerability was real.

It went on to say that it had “checked with people across US Government, since the copy-paste report…

Source…

Crazy cryptomining Cooking Mama rumours spread as game pulled from Nintendo Switch online store

/in

This weekend rumours circulated that the Nintendo Switch video game “Cooking Mama: Cookstar” contained code that would secretly hijack the game console’s processing power to mine for cryptocurrency.

Probably not the kind of think you expect as you attempt to conjour up everything from burritos to Baked Alaska.

Graham Cluley

Google Pixel 3 Release Date & Specification Rumours

/in

  1. Google Pixel 3 Release Date & Specification Rumours  Tech Advisor

  2. Dashboards | Android Developers  Android Developers
  3. Google Maps Go shows up on the Play Store for Go phones, but you can give it a try anyway – Android Police  Android Police

    4. Full coverage

android security news – read more