Last weekend, unknown hackers managed to break into the mail server of the Federal Bureau of Investigation (FBI). Hackers used the access to send letters that imitated FBI alerts about cyberattacks and data theft. Spamhaus, a non-profit spam-tracking organization, reported that such emails were delivered to tens of thousands of recipients in two waves. At… Continue reading Hackers broke into FBI mail server and sent fake cyberattack alerts
Tag: Darknet
Operators of the BlackMatter ransomware announced the termination of activity
The hackers behind the BlackMatter ransomware the termination of activity experiencing pressure from local authorities. The group announced it was “shutting down” on November 1, 2021, in the backend part of its darknet site, which is usually used by attackers’ partners. Representatives of the group did not explain what kind of pressure they are talking… Continue reading Operators of the BlackMatter ransomware announced the termination of activity
Free decryptor for BlackByte ransomware published
Experts from Trustwave have released a free decryptor utility for victims of the BlackByte ransomware that they can use to recover damaged files. The decryptor already available on GitHub works thanks to the exploitation of a bug in the ransomware code. The researchers published a detailed technical analysis of the malware in two parts, in… Continue reading Free decryptor for BlackByte ransomware published
Facebook explained reasons for the global failure
Yesterday, Facebook, Instagram and WhatsApp did not work for more than five hours around the world and after fixing the problems, representatives of the social network explained the reasons for the global outage. The failure was caused by a BGP routing issue. Currently, all services are already operating normally. Amid problems with access, rumours of… Continue reading Facebook explained reasons for the global failure
Added utility for decrypting data after REvil attacks
The Romanian company Bitdefender has published a universal utility for decrypting data affected by REvil (Sodinokibi) ransomware attacks. The tool works for any data encrypted before July 13, 2021. However, the company has so far refused to provide any details, citing an ongoing investigation. Let me remind you that on July 13 of this year… Continue reading Added utility for decrypting data after REvil attacks
REvil ransomware resumed attacks
Last week, the infrastructure of REvil (Sodinokibi) returned online after months of downtime, and now the ransomware has resumed attacks. The fact is that in July 2021, the hack group went offline without giving any reason. Then it was a question of shutting down an entire network of conventional and darknet sites that were used… Continue reading REvil ransomware resumed attacks
US authorities accused Ukrainian citizen of running a brute force botnet
The US authorities accused the Ukrainian citizen of hacking: namely, they reported that 28-year-old Ukrainian citizen Gleb Ivanov-Tolpintsev had been extradited from Poland and accused of selling access to hacked computer systems through a specialized darknet marketplace. According to court documents, the suspect had been running a botnet for more than four years, which he… Continue reading US authorities accused Ukrainian citizen of running a brute force botnet
Servers of the hack group REvil are back online
In July 2021, the infrastructure of REvil (Sodinokibi) was turned off without explanation, but now the information security specialists have noticed that the REvil servers are back online. It was about a whole network of conventional and darknet sites that were used to negotiate a ransom, leak data stolen from victims, as well as the… Continue reading Servers of the hack group REvil are back online
Clop ransomware continues to work even after a series of arrests
The media reported that Clop ransomware continues to work: its operators have again begun posting data stolen from victims on their website. The fact is that last week, as a result of a joint operation carried out with the assistance and coordination of Interpol by the law enforcement agencies of Ukraine, South Korea and the… Continue reading Clop ransomware continues to work even after a series of arrests
Cyber police of Ukraine arrested persons linked with the Clop ransomware
As a result of a joint operation carried out with the assistance and coordination of Interpol by law enforcement agencies and the cyber police of Ukraine, South Korea and the United States, six suspects linked with the notorious Clip ransomware were arrested. Sources close to the investigation told The Record that South Korean police launched… Continue reading Cyber police of Ukraine arrested persons linked with the Clop ransomware