ransom (2)

8157844870?profile=RESIZE_400xPreviously, Red Sky Alliance reported on Fancy Bear imposters demanding Bitcoin ransom from a Florida election information website.  These actors send various ransom/scam demands using coronavirus-themed domains covidpapers[.]org and coronaxy[.]com.  In some cases, they threaten with exposure of allegedly hacked personal files, in other cases, with DDoS attack.  They often claim to be Russian government hackers, pretending to be Fancy Bear, Cozy Bear, or Venomous Bear.   Their ransom emails typi

8088194863?profile=RESIZE_400xRed Sky Alliance analysts detected Fancy Bear impersonators targeting a US county election information website. Their DDoS ransom note claims they will take the site down one day before the election if not paid in Bitcoin. This year we see an uptick of similar impersonation emails claiming to be from Fancy Bear, Lazarus Group, or Armada Collective hackers.

 

Details: Florida Vote Case

Election support infrastructure being vulnerable to ransomware attacks is widely discussed.  But sites going dow