Displaying items by tag: Emsisoft

A second lot of data claimed to be from Optus has been advertised for sale on a Web forum, with 100 sample records being linked to as proof that it is genuine.

The government of Costa Rica has declared a state of emergency after a number of state agencies, including the finance ministry, were hit by the Windows ransomware strain known as Conti.

The FBI has ranked ransomware outside the top six online threats to Americans in terms of cost in a 2021 report, but a ransomware researcher claims this is misleading as most ransomware attacks are not reported.

The same group of attackers that leaked source code for Samsung Galaxy devices earlier this month, is now claiming that it has leaked the source of Microsoft products such as Bing and Cortana and also data about the WebXT compliance engineering projects.

Russian security vendor Kaspersky has denied rumours that the source code of its products have been leaked, with the denial coming in the wake of the leak of source code from Samsung's Galaxy devices.

An affiliate of the NetWalker ransomware group has been extradited from Canada to the US on Thursday, following a January indictment issued by the US Department of Justice that alleged he had been part of a group that used this strain of the malware to attack institutions around the world.

Ransomware attacks on Windows systems in the US during 2021 showed a small dip from the previous year, with 2323 local governments, schools and healthcare providers hit, the security firm Emsisoft reports.

Another Windows ransomware group, BlackMatter, appears to have shut down operations, according to a message sent out by the people behind the group.

A ransomware gang known as Groove is claimed to have been an elaborate hoax meant to deceive the security sector and the media, with even a site backed by a CIA-funded threat intelligence firm falling for the spoof.

Security firm Emsisoft has lost the ability to produce keys that could decrypt files encrypted by the BlackMatter Windows ransomware gang, something it has been doing for a while.

A number of Windows ransomware gangs have reacted to the reported takedown of the REvil gang, with one of them, Darkside, now known as BlackMatter, moving some of the bitcoin it holds, according to a statement from the cryptocurrency tracking firm Elliptic.

The REvil ransomware group was taken offline by intelligence agencies and law enforcement from the US and a number of its allies, the news agency Reuters claims.

A seasoned ransomware threat researcher has warned against taking any of the chatter around the disappearance of the Windows REvil ransomware group for a second time seriously, given that the forums on which these posts have appeared are heavily monitored.

Issues have been identified with a decryptor released by security firm Bitdefender for files encrypted by the REvil ransomware group before it temporarily disappeared on 13 July.

A ransomware gang has warned victims that any data that has been exfiltrated from their networks during attacks would be destroyed were they to contact companies to negotiate ransom payments.

The people behind a new ransomware group, Groove, have threatened to start attacking public sector businesses in Ukraine if the government of that country does not stop extraditing citizens to the US.

The chief technology officer of New Zealand-headquartered Emsisoft, a firm well known for its efforts in helping ransomware victims, has poked fun at the "new 'innovative' ways people will claim to be the next big fix for ransomware".

ANALYSIS Claims that the Colonial Pipeline Company paid US$5 million as a ransom to the group behind the DarkSide Windows ransomware after it was attacked on 7 May need to be taken with a pinch of salt, seeing as the report was an "exclusive" from Bloomberg.

Australian healthcare provider UnitingCare Queensland has identified the Windows ransomware that hit its systems on 25 April as the REvil strain, aka Sodinokibi.

Billions of dollars of damage has been caused by ransomware to both business and home users in the last 12 months, the New Zealand-headquartered security firm Emsisoft says in figures released on Tuesday, adding that the average ransom demand increased by more than 80% during the same period, with a total of US$18 billion (A$23.2 billion) paid in ransoms globally.