Suspected BEC gang arrested in Nigeria amid internet fraud crackdown efforts
Nigerian authorities arrested 18 suspects last week in the province of Ogun on internet fraud-related charges, including malware and business email compromise (BEC) attacks, officials told The Record today.
Ransomware gang demands $50 million from computer maker Acer
Taiwanese computer maker Acer has suffered a ransomware attack over the past weekend at the hands of the REvil ransomware gang, which is now demanding a whopping $50 million ransom payment to decrypt the company’s computers and not leak its data on the dark web.
Verkada hacker charged in the US for hacking more than 100 companies
The US Department of Justice has charged today a Swiss national for hacking into more than 100 companies and leaking proprietary data online on their personal website. The hacker, Till (more commonly known as Tillie) Kottmann, 21, of Lucerne, Switzerland, is also the individual who breached cloud-based surveillance firm Verkada earlier this month and leaked security camera footage from some of its customers —including streams from companies like Tesla, Cloudflare, Okta, but also jails, schools, and hospitals.
Russian who tried to hack Tesla last summer pleads guilty
A Russian national who traveled to the US in order to recruit a Tesla employee for a scheme to plant malware on the carmaker’s network pleaded guilty today, abandoning a jury trial that was planned for July this year. The suspect, named Egor Igorevich Kriuchkov, 26, stood accused of working with a Russian cybercrime gang, which tasked him with traveling to the US to recruit one of Tesla’s employees working at the company’s Reno, Nevada gigafactory.
FBI: Cybercrime losses exceeded $4.2 billion in 2020
The Federal Bureau of Investigation has released its yearly internet crime report, and according to the US government, 2020 was a record year for cybercrime operations. According to the 2020 Internet Crime Report [PDF], the FBI said it received 791,790 internet and cybercrime complaints in 2020, more than 69% than the 467,361 reports it received in 2019.
Missed opportunity: Bug in LockBit ransomware allowed free decryptions
A member of the cybercriminal community has discovered and disclosed a bug in the LockBit ransomware that could have been used for free decryptions. The bug impacts LockBit, a ransomware-as-a-service (RaaS) operation that launched in January 2020 and through which the LockBit gang rents access to a version of their ransomware strain.
Teenage Twitter hacker pleads guilty, will serve 3 years in prison
A teenager who was arrested in July and accused of being the “mastermind” behind a high-profile attack involving Twitter agreed to plead guilty on Tuesday to fraud charges in Florida. Graham Ivan Clark, now 18, will serve a three-year prison sentence, followed by three years of probation. The agreement’s six years of total supervision are the maximum allowed under the state’s “youthful offender” laws, though if Clark violates his probation he could face a minimum ten-year sentence in adult prison…
‘I scrounged through the trash heaps… now I’m a millionaire:’ An interview with REvil’s Unknown
An REvil representative that uses the alias “Unknown” talked to Recorded Future expert threat intelligence analyst Dmitry Smilyanets recently about using ransomware as a weapon, staying out of politics, experimenting with new tactics, and much more. The interview was conducted in Russian and translated to English with the help of a professional translator, and has been edited for clarity…
Double extortion is becoming ransomware’s new normal
According to an analysis of data collected by Recorded Future, the number of victims posted to ransomware extortion sites quadrupled from November to December last year, and has remained at high levels in 2021. What started as a novelty at the beginning of last year has grown into an everyday occurrence that ensnares dozens of companies every week. Some studies suggest that this double extortion trend has reached the point where it’s more common than not in ransomware attacks. A report by cybersecurity firm Coveware found that 70% of ransomware attacks in the fourth quarter of 2020 involved the threat to release stolen data, up from 50% in the third quarter….
France’s lead cybercrime investigator on the Egregor arrests, cybercrime
The Record sat down for an email interview with François Beauvois, the Head of the Computer Security Incident Response Team for the French Judicial Police (CSIRT-PJ) and his role in the Egregor arrests.