Astro Locker Team is a relatively new ransomware group observed over the past few months. Evidence suggests this group may be a rebranding or spin-off of the Mount Locker ransomware team. Astro Locker Team follows the emerging trend of both encrypting victims’ files and threatening to publish them online in order to extort payment. Even companies that are not hit directly by this group risk losing sensitive data if a member of their supply chain hosts/stores sensitive data on the supply ch
First spotted in late 2019, Conti is perhaps the most prolific ransomware gang currently operating in the wild. Conti follows the emerging trend of both encrypting victims’ files and threatening to publish them online to extort payment. Even companies that are not hit directly by this group risk losing sensitive data if a member of their supply chain hosts/stores sensitive data on the supply chain network.
While there is limited information surrounding the Conti threat actors, source
After recently announcing the end of the operation, the administrator of Ziggy ransomware is now pledging to give their ransom-generated money back. BleepingComputer says that it appears that this is a planned move since the admin shared the "good news" a little over a week ago but gave no details. Ziggy ransomware ceased operations in early February. In a brief announcement, the administrator of the operation said that they were “sad” about what they did and that they “decided to publish all
Previously, Red Sky Alliance reported on Fancy Bear imposters demanding Bitcoin ransom from a Florida election information website. These actors send various ransom/scam demands using coronavirus-themed domains covidpapers[.]org and coronaxy[.]com. In some cases, they threaten exposure of allegedly hacked personal files; in other cases, a DDoS attack. They often claim to be Russian government hackers, pretending to be Fancy Bear, Cozy Bear, or Venomous Bear. Their ransom emails typi
Red Sky Alliance analysts detected Fancy Bear impersonators targeting a US county election information website. Their DDoS ransom note claims they will take the site down one day before the election if not paid in Bitcoin. This year we have seen an uptick in similar impersonation emails claiming to be from Fancy Bear, Lazarus Group, or Armada Collective hackers.
Details: Florida Vote Case
Election support infrastructure being vulnerable to ransomware attacks is widely discussed. But sites going dow