bitcoin (18)

This FortiGuard article in the Ransomware Roundup covers the Knight ransomware.

Knight Ransomware Overview: 
Knight is a relatively new ransomware group that arrived in August 2023. Like many attackers, the gang behind this variant employs double extortion tactics, where the Knight ransomware encrypts files on victims’ machines and exfiltrates data for extortion purposes.

The predecessor of Knight, Cyclops, had multi-OS tools for Windows, Linux, and Mac OS. So, while FortiGuard Labs had only loc

Retch is a new ransomware variant first discovered in mid-August 2023.  It encrypts files on compromised machines and leaves two ransom notes asking victims to pay a ransom for file decryption.

Infection Vector - Information about the infection vector used by the Retch ransomware threat actor is not currently available.  However, it is unlikely to be significantly different from other ransomware groups.[1]  Retch ransomware samples have been submitted to a public file scanning service from the f

Changpeng Zhao, the co-founder and CEO of Binance, the world's largest centralized cryptocurrency exchange by trading volume, cleared up the FUD (fear, uncertainty, doubt) making the rounds online that the crypto empire is dumping Bitcoin to artificially bolster and stabilize the price of its native token, Binance Coin (BNB).

Even before the US Securities and Exchange Commission filed 13 charges against Binance.US, Zhao, and other associated businesses, the crypto empire had been the subject of many spe

Americans do not have a lot of faith in cryptocurrency.  Around 75% of those familiar with crypto say they are not confident that the current ways to invest in, trade or use cryptocurrency are reliable and safe, according to Pew Research Center’s April 2023 survey of 10,071 people ages 18 and older living in the US.  The survey found that about 18% say they are somewhat confident, but just 6% feel extremely or very confident.  Confidence varies by age as well. The survey found that about 66% of

US banks are backing away from crypto companies, concerned by a regulatory crackdown that threatens to sever digital currencies from the real-world financial system.  Banking regulators are raising concerns about banks’ involvement with crypto clients following last year’s blowup of Sam Bankman-Fried’s FTX. The Securities and Exchange Commission is aggressively pursuing the industry’s bigger players in a crackdown that threatens to narrow their reach.  That move has alarmed bankers who don’t wan

The Bolshevik Revolution was a rebellion against the banks, the state, the royals, the industrial class, entrepreneurship, and individualism.  The Bolsheviks saw everything as a class struggle wherein the working class (small blockers would say “the pleb”) was innately moral while essentially everyone else was evil due to their class.  Their worldview assumed that all people should be assumed malicious until vetted as an ally, and upon confirmation would typically adopt (typically red) regalia t

Cryptocurrency storage is one of the most important things that investors should consider when joining the burgeoning digital asset market.  Most people investing in this space have little to no knowledge of the existing options.  Crypto exchanges currently hold the larger share of investors’ capital despite the associated risks, including hacking and regulatory pressures from oversight authorities.

There are two types of crypto wallets: custodial and non-custodial. The former is offered by cen

This is a true story and the names and location of the victim's family have been deleted. A crypto account holder was annoyed when his phone would not stop buzzing. It looked like a robocall, so he tried to ignore it. The calls continued and then his wife’s phone also started to ring. When she picked it up, a banner came across, a notification that read, ‘Your account’s in jeopardy.’  The warning, which he said was a text message, prompted him to pick up his phone. That was when the couple’s ni

Activity Summary - Week Ending on 11 February 2022:
✓ Red Sky Alliance identified 14,657 connections from new IPs checking in with our Sinkholes
✓ Amazon IP hit – this time in France
✓ Analysts identified 6,580 new IP addresses participating in various Botnets
✓ Emotet still being used
✓ ShuckWorm
✓ Dark Herring
✓ LockBit 2.0
✓ Vodafone Attack
✓ $94,000 Bitcoins Seized
✓ Drones used to Attack Networks
✓ CapraRAT and Earth Karkaddan

Link to full report: IR-22-042-001_weekly042.pdf

With Bitcoin recently surpassing $50,000.00, crimes involving that e-currency are getting really expensive.  Recently, more than $154 million in funds stolen from Sony Group Corp., based in Tokyo, Japan, was recovered after an insider allegedly embezzled money and converted it to Bitcoin.  This was reported by the US Department of Justice.  The US government has filed a civil action lawsuit in federal court to return the funds to Sony.  Following an investigation by the FBI, authorities allege that Rei

Ransomware is now a primary threat for businesses, and with the past year or so considered the "golden era" for operators, cybersecurity experts believe this criminal enterprise will reach new heights in the future.  These are only a handful of 2021's high-profile victims of threat groups including DarkSide, REvil, and BlackMatter.  According to Kela's analysis of dark web forum activity, the "perfect" prospective ransomware victim in the US will have a minimum annual revenue of $100 million and

In 1963, Agent 007 is seen in the movie From Russia with Love battling a secret crime organization known as SPECTRE. Russians Rosa Klebb and Kronsteen are out to grab a decoding device known as the Lektor, using the beautiful Tatiana to lure James Bond into helping them.  Bond willingly travels to meet Tatiana in Istanbul, Turkey, where he must rely on his wits to escape with his life in a series of deadly encounters with the enemy.

Sometimes fiction is closer to life than we think.  James Bond a

Last weekend did not start out so nice.  The hacking group behind what the media is calling a ‘colossal ransomware attack’ has demanded $70m (£50.5m) paid in Bitcoin in return for a "universal decryptor" that it says will unlock the files of all victims.  The Russian-associated REvil group is saying its malware, which initially targeted US IT firm Kaseya, has hit one million "systems."

This number has not been totally verified and the exact total of victims is unknown.  Yet, victims include 500 Swedi

A new information stealer is going after cryptocurrency wallets and credentials for applications including NordVPN, Telegram, Discord, and Steam.  Panda Stealer malware uses spam emails and the same hard-to-detect fileless distribution method deployed by a recent Phobos ransomware campaign discovered by investigators.

The attack campaign appears to be primarily targeting users in Australia, Germany, Japan, and the United States.  Panda Stealer was discovered by Trend Micro at the beginning of A

A coalition of government agencies and security firms has released a framework for how to disrupt ransomware attacks that calls for expanded regulation of the global cryptocurrency market to better track the virtual coins paid to cybercriminals during extortion schemes.

On 29 April 2021, the Institute for Security and Technology's Ransomware Task Force published the framework, which features 48 proposals. It calls for a coordinated, international diplomatic and law enforcement effort to combat t

Activity Summary - Week Ending 23 December 2020:

  • Red Sky Alliance identified 38,232 connections from new unique IP addresses
  • Analysts observed 32 unique email accounts compromised with Keyloggers
  • 1,979 new IP addresses were seen participating in various Botnets
  • JavaScript RAT
  • Hacker Tactics
  • BitGrail
  • com
  • MetaMax
  • E-commerce up 600%
  • Protesters using Bitcoin more and more
  • City of Detroit suing #BLM

Link to full report: IR-20-358-001_eCommerces_358FINAL.pdf

FBI Flash Bulletin / TLP GREEN

Unknown cyber actors have targeted multiple US and international businesses with Maze ransomware since early 2019.  Maze encrypts files on an infected computer’s file system and associated network file shares.  Once the victim has been compromised, but prior to the encryption event, the actors exfiltrate data.  After the encryption event, the actors demand a victim-specific ransom amount paid in Bitcoin (BTC) in order to obtain the decryption key.  An international

Below is the Executive Summary regarding the recent email bomb threats sent internationally.  Our good friends from Global Guardian shared their threat assessment for situational awareness.

Summary - On 13 December 2018, hundreds of businesses, law enforcement agencies and public services across the United States and Canada received email threats demanding a bitcoin payment of $20,000 in the early afternoon, prompting evacuations, building sweeps and overloading police call centers. What’s more,