Professionnels en « coup de pression », ces talents que veulent embaucher les cybercriminels
news.movim.eu / Numerama · Yesterday - 17:22
Des groupes de cybercriminels sont à la recherche de profils capables de trouver des informations, négocier et mettre la pression sur les victimes des cyberattaques, en particulier les grands patrons.
chevron_right
Hackers are carrying out ransomware experiments in developing countries
news.movim.eu / ArsTechnica · Yesterday - 13:26
Enlarge (credit: Getty Images)
Cyber attackers are experimenting with their latest ransomware on businesses in Africa, Asia and South America before targeting richer countries that have more sophisticated security methods.
Hackers have adopted a “strategy” of infiltrating systems in the developing world before moving to higher-value targets such as in North America and Europe, according to a report published on Wednesday by cyber security firm Performanta.
“Adversaries are using developing countries as a platform where they can test their malicious programs before the more resourceful countries are targeted,” the company told Banking Risk and Regulation, a service from FT Specialist.
Des hackers extorquent des pédophiles pris au piège d’un simple logiciel malveillant
news.movim.eu / Numerama · 3 days ago - 16:27
Des chercheurs en cybersécurité ont détecté la copie malveillante d'une plateforme connue pour être fréquentée par des pédophiles. Le site clone installait un logiciel malveillant qui demandait une rançon à la cible.
chevron_right
Missouri county declares state of emergency amid suspected ransomware attack
news.movim.eu / ArsTechnica · Tuesday, 2 April - 23:59
Enlarge / Downtown Kansas City, Missouri, which is part of Jackson County. (credit: Eric Rogers )
Jackson County, Missouri, has declared a state of emergency and closed key offices indefinitely as it responds to what officials believe is a ransomware attack that has made some of its IT systems inoperable.
"Jackson County has identified significant disruptions within its IT systems, potentially attributable to a ransomware attack," officials wrote Tuesday . "Early indications suggest operational inconsistencies across its digital infrastructure and certain systems have been rendered inoperative while others continue to function as normal."
The systems confirmed inoperable include tax and online property payments, issuance of marriage licenses, and inmate searches. In response, the Assessment, Collection and Recorder of Deeds offices at all county locations are closed until further notice.
chevron_right
Member of LockBit ransomware group sentenced to 4 years in prison
news.movim.eu / ArsTechnica · Thursday, 14 March - 23:15
Enlarge (credit: Getty Images | Charles O'Rear)
A dual Canadian-Russian national has been sentenced to four years in prison for his role in infecting more than 1,000 victims with the LockBit ransomware and then extorting them for tens of millions of dollars.
Mikhail Vasiliev, a 33-year-old who most recently lived in Ontario, Canada, was arrested in November 2022 and charged with conspiring to infect protected computers with ransomware and sending ransom demands to victims. Last month, he pleaded guilty to eight counts of cyber extortion, mischief, and weapons charges.
During an October 2022 raid on Vasiliev’s Bradford, Ontario home, Canadian law enforcement agents found Vasiliev working on a laptop that displayed a login screen to the LockBit control panel, which members used to carry out attacks. The investigators also found a seed phrase credential for a bitcoin wallet address that was linked to a different wallet that had received a payment from a victim that had been infected and extorted by LockBit.
chevron_right
Amid paralyzing ransomware attack, feds probe UnitedHealth’s HIPAA compliance
news.movim.eu / ArsTechnica · Thursday, 14 March - 18:35 · 1 minute
Enlarge (credit: Getty | Bloomberg )
As health systems around the US are still grappling with an unprecedented ransomware attack on the country's largest health care payment processor, the US Department of Health and Human Services is opening an investigation into whether that processor and its parent company, UnitedHealthcare Group, complied with federal rules to protect private patient data.
The attack targeted Change Healthcare, a unit of UnitedHealthcare Group (UHG) that provides financial services to tens of thousands of health care providers around the country, including doctors, dentists, hospitals, and pharmacies. According to an antitrust lawsuit brought against UHG by the Department of Justice in 2022, 50 percent of all medical claims in the US pass through Change Healthcare's electronic data interchange clearinghouse . (The DOJ lost its case to prevent UHG's acquisition of Change Healthcare and last year abandoned plans for an appeal .)
As Ars reported previously , the attack was disclosed on February 21 by UHG's subsidiary, Optum, which now runs Change Healthcare. On February 29, UHG accused the notorious Russian-speaking ransomware gang known both as AlphV and BlackCat of being responsible. According to The Washington Post , the attack involved stealing patient data, encrypting company files, and demanding money to unlock them. The result is a paralysis of claims processing and payments, causing hospitals to run out of cash for payroll and services and preventing patients from getting care and prescriptions. Additionally, the attack is believed to have exposed the health data of millions of US patients.
« On débarque dans cet état de panique », au cœur d’une cyberattaque contre une administration
news.movim.eu / Numerama · Saturday, 9 March - 19:02
Les cyberattaques par ransomware sont particulièrement redoutées compte tenu de leur effet destructeur dans une organisation. Une entreprise de cybersécurité nous raconte de l'intérieur l'attaque contre une collectivité territoriale.
Un gang de pirates fait croire qu’il a été arrêté pour ne pas partager le magot avec les autres hackers
news.movim.eu / Numerama · Friday, 8 March - 08:36
Des hackers du groupe BlackCat ont reçu une rançon d'environ 20 millions d'euros provenant d'une société d'assurance, puis ont disparu avec l'argent pour ne pas avoir à partager les gains avec les autres malfrats.
chevron_right
After collecting $22 million, AlphV ransomware group stages FBI takedown
news.movim.eu / ArsTechnica · Tuesday, 5 March - 22:28
Enlarge (credit: Getty Images )
The ransomware group responsible for hamstringing the prescription drug market for two weeks has suddenly gone dark, just days after receiving a $22 million payment and standing accused of scamming an affiliate out of its share of the loot.
The events involve AlphV, a ransomware group also known as BlackCat. Two weeks ago, it took down Change Healthcare , the biggest US health care payment processor, leaving pharmacies, health care providers, and patients scrambling to fill prescriptions for medicines. On Friday, the bitcoin ledger shows , the group received nearly $22 million in cryptocurrency, stoking suspicions the deposit was payment by Change Healthcare in exchange for AlphV decrypting its data and promising to delete it.
Representatives of Optum, the parent company, declined to say if the company has paid AlphV.
