
Ransomware attacks tied to significant increase in cyber insurance claims


Cyberinsurance claims have significantly increased during the first six months of 2023, mostly due to ransomware attacks, according to The Record, a news site by cybersecurity firm Recorded Future.

Almost 20% of cybersecurity incidents involving claims were attributed to ransomware attacks, most of which were linked to the Royal, BlackCat, and LockBit 3.0 ransomware strains, a Coalition report revealed. Average ransomware losses during the first half of 2023 exceeded $365,113, which is the highest on record, while average ransom demands reached $1.62 million, which is 74% higher than the previous year.

While business email compromise claims declined during the first half of the year, funds transfer fraud (FTF) claims rose by 15% over the same period, with losses below $300,000, lower than the $410,000 recorded during the same period in 2021.

“The growing sophistication of threat actors and their tactics is a contributing factor in the upward trend in FTF claims severity,” said researchers.


Blockchain data shows Conti gang tied to Akira and spate of ransomware attacks


Remnants of the notorious and now defunct Conti ransomware gang have reassembled as Akira, a fast-growing criminal enterprise behind a bevy of recent cyberattacks.

A review of blockchain data reveals that remnants of the once-powerful Conti ransomware group are tied to Akira. The connection is noteworthy, given Conti’s past. Conti, which collapsed in disarray last year, was a ransomware kingpin in 2021, executing 600 successful campaigns that year and generating total revenue of around $2.7 billion in cryptocurrency.

The Conti threat group fell apart shortly after a Ukrainian security researcher infiltrated its infrastructure and leaked screeds of information, including its ransomware encryptor source code and records of internal chats.

Akira’s ascension

A blockchain ledger analysis by Arctic Wolf Labs uncovered how Akira’s cryptocurrency transactions link former Conti operatives with the newcomer ransomware gang. Akira is believed to be responsible for 63 attacks since it was first observed in March 2023, according to researchers.

Arctic Wolf researchers Steven Campbell, Akshay Suthar and Connor Belfiore said that, like other threat groups leveraging the ransomware-as-a-service model, Akira exfiltrated data before encrypting victim devices so it could double-extort its targets.

“The group does not insist on a company paying for both decryption assistance and the deletion of data. Instead, Akira offers victims the opportunity to pick and choose what they would like to pay for,” researchers said.

Akira’s ransom demands ranged from $200,000 to over $4 million, and if payment is not agreed, the victim’s name and data are published on the group’s leak site. Akira predominantly targeted small to medium-sized businesses, with 53 of the 63 victims named on its site having fewer than 1,000 employees.

Typical targets

The researchers described Akira as an “opportunistic” ransomware group. “In nearly every incident response case Arctic Wolf investigated, the threat actors claimed that they needed time to review the exfiltrated data to determine a ransom demand.”

The group generally used compromised credentials – presumably bought via illicit online markets – to gain initial…


Ransomware attack at New York county tied to major cyber gaps



Officials at Suffolk County, New York, have disclosed that significant cybersecurity lapses brought about the major ransomware attack last September, which compromised nearly 500,000 residents’ …


NYC Scion Carter Burden III Says He Was Hoodwinked by Russian Oligarchs Tied to Putin


The scion of a venerable New York family descended from 19th century railroad and shipping tycoon Cornelius Vanderbilt says he was bamboozled by a U.S. private equity firm secretly fronting for a cabal of wealthy Russian oligarchs with direct ties to Vladimir Putin.

A group of financiers that Carter Burden III thought were providing a much-needed financial boost to his successful cloud services provider, Logicworks, were in fact responsible for its eventual collapse, forcing a fire sale for a fraction of the company’s worth, according to a newly filed fraud lawsuit.

What Burden didn’t know, and about which he says he was fed an ongoing string of lies by intermediaries, was that Pamplona Capital Management, the outfit that in 2016 bought a majority stake in Logicworks, was “less than a proper investment fund and more of a shell company” created to invest the personal fortunes of Mikhail Fridman, Petr Aven, German Khan, and Alexey Kuzmichev, according to him. The four oligarchs are all said to be connected to the Kremlin, and at least one has been credibly accused of international money laundering. (None of them are named as defendants in Burden’s suit.)

“For years, Pamplona’s representatives lied to and obscured the truth from Mr. Burden to prevent him from learning the truth,” states the 22-page lawsuit, which was filed in Manhattan Supreme Court on Friday and added to the public docket Saturday morning. “Fights with regulators were conveniently explained away. Concerns from banks and outside investors were swept aside. And questions from Mr. Burden were either deflected or simply falsely answered.”

Unaware of his new business partners’ true identities, Burden’s Logicworks continued to thrive—until Russia invaded Ukraine early last year, the suit says.

Soon, the four oligarchs with whom Burden, 55, had unwittingly gone into business became international pariahs cut off from the global banking system. Suddenly, Burden found his company had become kryptonite to banks, investors, and government regulators, according to his lawsuit.

On Feb. 28, 2022, Fridman, founder of the U.S.-blacklisted Alfa Bank, along with Alfa Bank president Aven—who served as…
