Spanish Multinational Launches Free Tool to Decrypt Files Affected by VCryptor Ransomware

Published at: June 3, 2020

On June 3, Spain-based telecommunications conglomerate Telefónica released a free tool to recover data encrypted by the VCryptor ransomware.

The tool, VCrypt Decryptor, was created as part of an international initiative titled “No More Ransomware”. This alliance was established by McAfee, Europol, Politie, and Kaspersky. VCrypt Decryptor is one of several tools that aim to decrypt almost 134 types of ransomware.

VCrypt’s attack method

According to ElevenPaths, Telefónica’s specialized cybersecurity unit, VCryptor creates a password-protected .zip file in which it stores all encrypted data. It then generates new files with the extension “.vcrypt” to replace the original files.

The ransomware then displays a message notifying the victim that the attack has been carried out. Victims are instructed to pay the attackers a ransom in cryptocurrency in order to restore access to the files, with most hackers’ currency of choice being Bitcoin (BTC).

The free tool created by ElevenPaths aims to take advantage of a weak point in VCryptor’s encryption password method.

Ongoing efforts

Telefónica’s cybersecurity division has also been involved in creating free tools to decrypt files affected by PopCorn ransomware.

Cointelegraph reported on an alliance between Interpol and the cybersecurity firm Kaspersky. Together they launched a campaign called “Anti-Ransomware Day”, set on May 12. The purpose of the day is to raise awareness about the effects of ransom-centric cyberattacks, which continue to affect people and businesses all over the world.
