Tag Archive for: Web

Cheap, independently produced ‘Junk Gun’ ransomware infiltrates dark web: Sophos


Sophos, a global leader of innovative security solutions that defeat cyberattacks, recently released a new report titled, “‘Junk Gun’ Ransomware: Peashooters Can Still Pack a Punch,” which offers new insights into an emergent threat in the ransomware landscape.

Since June 2023, Sophos X-Ops has discovered 19 ‘junk gun’ ransomware variants—cheap, independently produced and crudely constructed ransomware variants—on the dark web, reads a press release.

The developers of these junk gun variants are attempting to disrupt the traditional affiliate-based ransomware-as-a-service (RaaS) model that has dominated the ransomware racket for nearly a decade.

Instead of selling or buying ransomware to or as an affiliate, attackers are creating and selling unsophisticated ransomware variants for a one-time cost—which other attackers sometimes see as an opportunity to target small and medium-sized businesses (SMBs), and even individuals.

As noted in the Sophos report, the median price for these junk-gun ransomware variants on the dark web was $375, significantly cheaper than some kits for RaaS affiliates, which can cost more than $1,000. The report indicates that cyber attackers have deployed four of these variants in attacks. While the capabilities of junk-gun ransomware vary widely, their biggest selling points are that the ransomware requires little or no supporting infrastructure to operate, and the users aren’t obligated to share their profits with the creators.

Junk gun ransomware discussions are taking place primarily on English-speaking dark web forums aimed at lower-tier criminals, rather than well-established Russian-speaking forums frequented by prominent attacker groups. These new variants offer an attractive way for newer cybercriminals to get started in the ransomware world, and, alongside the advertisements for these cheap ransomware variants, are numerous posts requesting advice and tutorials on how to get started.

To learn more about junk gun ransomware and the latest change in the ransomware ecosystem, read “Junk Gun Ransomware: Peashooters Can Still Pack a Punch” on Sophos.com.


‘Disable iMessage ASAP’—‘High-Risk’ Alert Issued Over ‘Credible’ iPhone Dark Web Exploit


Trust Wallet, a crypto wallet owned by the crypto exchange Binance, has issued a warning that hackers may be targeting iPhone’s iMessage.


The so-called “zero-day” exploit could allow attackers to steal users’ information, messages and cryptocurrency—though the exploit itself could be a scam.


“We have credible intel regarding a high-risk, zero-day exploit targeting iMessage on the dark web,” Trust Wallet’s X account posted. “This can infiltrate your iPhone without clicking any link. High-value targets are likely. Each use raises detection risk.”

A zero-day exploit targets a vulnerability that the developer, in this case Apple, has had no time to fix.

Trust Wallet recommended users take “action to guard against this iMessage exploit,” advising people to “disable iMessage ASAP until Apple patches this.”

However, the hacking software is being sold on a dark web site called CodeBreach Lab for $2 million worth of bitcoin. There is no evidence that it works or that anyone has bought it, as TechCrunch pointed out.

“Threat intel detected an iOS iMessage zero-day exploit for sale in the dark web,” Trust Wallet’s chief executive Eowyn Chen posted to X.

“It is a zero-click exploit to take over control of the phone via iMessages. Its asking price is $2 million. This would make sense for very high value individual targets, as more the zero-day is used, more likely it is caught in the wild by…


AT&T data breach: Millions of customers caught up in major dark web leak



Is the IDF weaponizing blockchain? Are cartels paying ransomware on the dark web? #hearsay


Disclosure: The views and opinions expressed here belong solely to the author and do not represent the views and opinions of crypto.news’ editorial.

Welcome to #hearsay, Dorian Batycka’s weekly crypto gossip column. This week’s edition brings you a small dose of dark web cartels, a potential blockchain interface for the Israel Defense Force (IDF), and one NFT collector’s hilarious flex fail.

Every week, crypto.news brings you #hashtag hearsay, a gossip column of scoops and stories shaping the crypto world.

Question: what if Sam Bankman was actually fried?

That’s the thought that immediately sprang to mind when I learned about a recent exit scam involving one of the world’s largest darknet vendors of illegal drugs.

On March 5, users of the site Incognito Marketplace, a site like Reddit where buyers and sellers can get everything from a gram of weed to kilos of coke, were awakened to a message from one of its administrators, an admin known as Pharaoh.

The message read:

We have accumulated a list of private messages, transaction info and order details over the years. You’ll be surprised at the number of people that relied on our auto-encrypt functionality. And by the way, your messages and transaction IDs were never actually deleted after the expiry.

Anyway, if anything were to leak to law enforcement, I guess nobody never slipped up. We’ll be publishing the entire dump of 557k orders and 862k crypto transaction IDs at the end of May… whether or not you and your customers’ info is on that list is totally up to you. Yes, this is an extortion.

Pharaoh, Incognito Marketplace admin

Holding the site’s BTC and Monero (XMR), Pharaoh stated that vendors on the site would be asked to pay large ransoms, lest they have their data leaked online.

What’s more, Pharaoh also revealed that the “auto-encrypt” button, made available to vendors on the darknet marketplace, actually exposed them to a data breach.

Worries about the Incognito Marketplace began to circulate the week before when users were unable to withdraw BTC and Monero (a privacy-focused cryptocurrency) from the platform.
