BlackSuit ransomware crew loses servers, domains, and $1m in global shakedown

Threat Score:
55
The Register Security
4 days ago
BlackSuit ransomware crew loses servers, domains, and $1m in global shakedown

Overview

Cyber-crime BlackSuit ransomware crew loses servers, domains, and $1m in global shakedown US cops yank servers, domains, and crypto from the Russia-linked gang - but the crooks remain at large In a display of bureaucratic bravado, US law enforcement agencies say they've “disrupted” the BlackSuit ransomware gang (also known as Royal), freeing millions of dollars in virtual currency from its clutches. On July 24, the US Department of Homeland Security Investigations (HSI) - with help from the FBI,...

Related Articles

5 articles
1

ERMAC V3.0 Banking Trojan Source Code Leak Exposes Full Malware Infrastructure

The Hacker News 4 hours ago

Cybersecurity researchers have detailed the inner workings of an Android banking trojan called ERMAC 3.0, uncovering serious shortcomings in the operators' infrastructure. "The newly uncovered version 3.0 reveals a significant evolution of the malware, expanding its form injection and data theft capabilities to target more than 700 banking, shopping, and cryptocurrency applications," Hunt.iosaidin a report. ERMAC wasfirst documentedby ThreatFabric in September 2021, detailing its ability to cond

Score
86
Read more
3

ERMAC v3.0 Banking Malware Source Code Exposed via Weak Password ‘changemeplease’

Cybersecurity News 1 hour ago

Researchers at Hunt.io have made a significant discovery in the cybersecurity field by obtaining and analyzing the complete source code of ERMAC V3.0. This advanced Android banking trojan targets over 700 financial applications worldwide. This unique insight into an active malware-as-a-service platform offers a valuable understanding of modern cybercriminal operations and highlights critical vulnerabilities that could assist […]

Score
78
Read more
4

Threat Actors Abuse npm Developer Accounts Hijacked to Spread Malicious Packages

GB Hackers 4 hours ago

Threat Actors Abuse npm Developer Accounts Hijacked to Spread Malicious Packages A sophisticated phishing campaign targeting the maintainer of eslint-config-prettier, a widely-used npm package with over 3.5 billion downloads, resulted in malicious code being distributed to thousands of developer projects worldwide. The incident, discovered on July 18 by ReversingLabs’ automatedthreat detectionsystem, highlights critical vulnerabilities in modern software development practices, particularly the r

Score
77
Read more
5

New Gmail Phishing Attack With Weaponized Login Flow Steals Login Credentials

Cybersecurity News 53 minutes ago

A sophisticated new phishing campaign targeting Gmail users through a multi-layered attack that uses legitimate Microsoft Dynamics infrastructure to bypass security measures and steal login credentials. The attack begins with deceptive “New Voice Notification” emails that appear to come from legitimate voicemail services. These emails contain spoofed sender information and feature prominent “Listen to Voicemail” […]

Score
76
Read more