Government Traces Ransomware Payments to Business Address in Moscow

The New York Times writes how the U.S. government has traced ransomware payments to an address in Federation Tower East in Moscow, Russia.

That this high-rise in Moscow’s financial district has emerged as an apparent hub of such money laundering has convinced many security experts that the Russian authorities tolerate ransomware operators. The targets are almost exclusively outside Russia, they point out, and in at least one case documented in a U.S. sanctions announcement, the suspect was assisting a Russian espionage agency.

Cuba Ransomware Gang Made $43.9 Million in Ransom Payments

The FBI also said it traced attacks with Cuba ransomware to systems infected with Hancitor. This is a malware operation to access Windows machines.

It is also worth mentioning that Cuba is also one of the ransomware groups that gather and steal sensitive files from compromised companies before encrypting their files. If companies don’t pay, the Cuba group will threaten to dump sensitive files on a website they have been operating on the dark web since January this year.

'REvil' Ransomware Group Taken Down Through Multi-Country Effort

The FBI, working with Cyber Command, the Secret Service, and other countries, took down REvil.

According to three people familiar with the matter, law enforcement and intelligence cyber specialists were able to hack REvil’s computer network infrastructure, obtaining control of at least some of their servers. After websites that the hacker group used to conduct business went offline in July, the main spokesman for the group, who calls himself “Unknown,” vanished from the internet.

Grain Cooperative 'New Cooperative Inc' Hit with BlackMatter Ransomware Attack

Cyber gang BlackMatter has attacked Iowa-based grain cooperative New Cooperative Inc with ransomware, successfully shutting down its systems.

The attack occurred on or around Friday, according to Allan Liska, senior threat analyst at the cybersecurity firm Recorded Future Inc. The ransomware gang, which goes by the name BlackMatter, is demanding a $5.9 million ransom, Liska said.

New Cooperative confirmed that they had been attacked and said they had contacted law enforcement and were working with data security experts to investigate and remediate the situation.

DIY Automation, CarPlay, RAID, and More! — Mac Geek Gab 882

Sometimes the easy way isn’t the fun way, and this week we’ve got lots of do-it-yourself solutions to share from all of you. Listen as John and Dave share your ideas about automation, launch agents, CarPlay, drive arrays and much more. Of course, it wouldn’t be MGG without your two favorite geeks sharing Quick Tips, Cool Stuff Found, and their answers to all your other questions, would it? Listen, learn five new things, and don’t get caught!

JBS USA Pays $11 Million in Ransom After Cyberattack

On Thursday, meat supplier JBS said it paid US$11 million after ransomware attack stopped its operations.

In consultation with internal IT professionals and third-party cybersecurity experts, the company made the decision to mitigate any unforeseen issues related to the attack and ensure no data was exfiltrated.

I wonder if the FBI will recover this ransom as well, like the Colonial Pipeline money.

Fujifilm Fights Ransomware Attack and Works to Restore Servers

Fujifilm was hit by a ransomware attack last week but refuses to pay the ransom. Instead, it’s working to restore its servers with backups.

On 4 June it confirmed a ransomware attack was affecting a “specific network” in Japan and that it shut down “all networks and server systems” while it investigated the “extent and scale” of the attack.

Fujifilm said it would not comment on the amount demanded by the ransomware gang. The company has started bringing its network, servers, and computers in Japan “back into operation” and is aiming to be fully up and running “this week”. It has also restarted some product deliveries, which were particularly hard hit by the cyberattack.

WIN an iPhone 16 Pro Max!