extortion – SSL and internet security news

Criminal Gang Physically Assaulting People for Their Cryptocurrency

July 18, 2024 infossl

bitcoin, crime, cryptocurrency, extortion, law enforcement, physical security, Security technology, torture, Uncategorized

This is pretty horrific: …a group of men behind a violent crime spree designed to compel victims to hand over access to their cryptocurrency savings. That announcement and the criminal complaint laying out charges against St. Felix focused largely on a single theft of cryptocurrency from an elderly North Carolina couple, whose home St. Felix … Read More “Criminal Gang Physically Assaulting People for Their Cryptocurrency” »

Ransomware Gang Files SEC Complaint

November 17, 2023 infossl

cybersecurity, data breaches, disclosure, extortion, ransomware, Security technology, Uncategorized

A ransomware gang, annoyed at not being paid, filed an SEC complaint against its victim for not disclosing its security breach within the required four days. This is over the top, but is just another example of the extreme pressure ransomware gangs put on companies after seizing their data. Gangs are now going through the … Read More “Ransomware Gang Files SEC Complaint” »

Ransomware Payments Are Down

January 31, 2023 infossl

crime, cryptocurrency, cybercrime, extortion, ransomware, Security technology, Uncategorized

Chainalysis reports that worldwide ransomware payments were down in 2022. Ransomware attackers extorted at least $456.8 million from victims in 2022, down from $765.6 million the year before. As always, we have to caveat these findings by noting that the true totals are much higher, as there are cryptocurrency addresses controlled by ransomware attackers that … Read More “Ransomware Payments Are Down” »

Hackers Using Fake Police Data Requests against Tech Companies

April 5, 2022 infossl

courts, extortion, forgery, hacking, police, scams, Security technology, Uncategorized

Brian Krebs has a detailed post about hackers using fake police data requests to trick companies into handing over data. Virtually all major technology companies serving large numbers of users online have departments that routinely review and process such requests, which are typically granted as long as the proper documents are provided and the request … Read More “Hackers Using Fake Police Data Requests against Tech Companies” »

FBI Had the REvil Decryption Key

September 22, 2021 infossl

externalities, extortion, fbi, hacking, ransomware, Security technology, tradecraft, Uncategorized

The Washington Post reports that the FBI had a decryption key for the REvil ransomware, but didn’t pass it along to victims because it would have disrupted an ongoing operation. The key was obtained through access to the servers of the Russia-based criminal gang behind the July attack. Deploying it immediately could have helped the … Read More “FBI Had the REvil Decryption Key” »

Double-Encrypting Ransomware

May 21, 2021 infossl

encryption, extortion, malware, ransomware, Security technology, Uncategorized

This seems to be a new tactic: Emsisoft has identified two distinct tactics. In the first, hackers encrypt data with ransomware A and then re-encrypt that data with ransomware B. The other path involves what Emsisoft calls a “side-by-side encryption” attack, in which attacks encrypt some of an organization’s systems with ransomware A and others … Read More “Double-Encrypting Ransomware” »

Reasonably Clever Extortion E-mail Based on Password Theft

July 16, 2018 infossl

extortion, passwords, pornography, Security technology

Imagine you’ve gotten your hands on a file of e-mail addresses and passwords. You want to monetize it, but the site it’s for isn’t very valuable. How do you use it? You convince the owners of the password to send you money. I recently saw a spam e-mail that ties the password to a porn … Read More “Reasonably Clever Extortion E-mail Based on Password Theft” »

The Future of Ransomware

May 23, 2017 infossl

backups, extortion, internetofthings, malware, nsa, patching, ransomware, Security technology

Ransomware isn’t new, but it’s increasingly popular and profitable. The concept is simple: Your computer gets infected with a virus that encrypts your files until you pay a ransom. It’s extortion taken to its networked extreme. The criminals provide step-by-step instructions on how to pay, sometimes even offering a help line for victims unsure how … Read More “The Future of Ransomware” »

Hackers Threaten to Erase Apple Customer Data

March 23, 2017 infossl

apple, backups, cloudcomputing, crime, cybercrime, extortion, hacking, Security technology

Turkish hackers are threatening to erase millions of iCloud user accounts unless Apple pays a ransom. This is a weird story, and I’m skeptical of some of the details. Presumably Apple has decided that it’s smarter to spend the money on secure backups and other security measures than to pay the ransom. But we’ll see … Read More “Hackers Threaten to Erase Apple Customer Data” »

Virtual Kidnapping

October 17, 2016 infossl

cellphones, extortion, kidnapping, scams, Security technology

This is a harrowing story of a scam artist that convinced a mother that her daughter had been kidnapped. More stories are here. It’s unclear if these virtual kidnappers use data about their victims, or just call people at random and hope to get lucky. Still, it’s a new criminal use of smartphones and ubiquitous … Read More “Virtual Kidnapping” »