Europol Busts Major Cybercrime Ring, Arrests Over 100 Online Fraudsters – Tempemail

Law enforcement agencies in Italy and Spain have dismantled an organized crime group linked to the Italian Mafia that was involved in online fraud, money laundering, drug trafficking, and property crime, netting the gang about €10 million ($11.7 million) in illegal proceeds in just a year. “The suspects defrauded hundreds

Incident response analyst report 2020 – Tempemail

The Incident response analyst report provides insights into incident investigation services conducted by Kaspersky in 2020. We deliver a range of services to help organizations when they are in need: incident response, digital forensics and malware analysis. Data in the report comes from our daily practices

Cybercrime Group Asking Insiders for Help in Planting Ransomware – Tempemail

A Nigerian threat actor has been observed attempting to recruit employees by offering to pay them $1 million in bitcoins to deploy Black Kingdom ransomware on companies’ networks as part of an insider threat scheme. “The sender tells the employee that if they’re able to deploy ransomware on a company

IT threat evolution Q2 2021 – Tempemail

Targeted attacks: The leap of a Cycldek-related threat actor. It is quite common for Chinese-speaking threat actors to share tools and methodologies: one such example is the infamous “DLL side-loading triad”: a legitimate executable, a malicious DLL to be side-loaded by it and an encoded payload, generally dropped from a self-extracting archive.

New Ransomware Gangs — Haron and BlackMatter — Emerge on Cybercrime Forums – Tempemail

Two new ransomware-as-a-service (RaaS) programs have appeared on the threat radar this month, with one group professing to be a successor to DarkSide and REvil, the two infamous ransomware syndicates that went off the grid following major attacks on Colonial Pipeline and Kaseya over the past few months. “The project

Analytical report on DDoS attacks in the second quarter of 2021 – Tempemail

News overview: In terms of big news, Q2 2021 was relatively calm, but not completely eventless. For example, April saw the active distribution of a new DDoS botnet called Simps — the name under which it introduced itself to owners of infected devices. The malware creators promoted their brainchild on a specially

Dutch Police Arrest Two Hackers Tied to “Fraud Family” Cybercrime Ring – Tempemail

Law enforcement authorities in the Netherlands have arrested two individuals alleged to belong to a Dutch cybercriminal collective who were involved in developing, selling, and renting sophisticated phishing frameworks to other threat actors in what’s known as a “Fraud-as-a-Service” operation. The apprehended suspects, a 24-year-old software engineer, and a 15-year-old boy,

Arrests of members of Tetrade seed groups Grandoreiro and Melcoz – Tempemail

Spain’s Ministry of the Interior has announced the arrest of 16 individuals connected to the Grandoreiro and Melcoz (also known as Mekotio) cybercrime groups. Both are originally from Brazil and form part of the Tetrade umbrella, operating for a few years now in Latin America and Western Europe. Grandoreiro is

REvil ransomware attack against MSPs and its clients around the world – Tempemail

An attack perpetrated by REvil aka Sodinokibi ransomware gang against Managed Service Providers (MSPs) and their clients was discovered on July 2. Some of the victims have reportedly been compromised through a popular MSP software which led to encryption of their customers. The total number of encrypted businesses could run

Ransomware Attackers Partnering With Cybercrime Groups to Hack High-Profile Targets – Tempemail

As ransomware attacks against critical infrastructure skyrocket, new research shows that threat actors behind such disruptions are increasingly shifting from using email messages as an intrusion route to purchasing access from cybercriminal enterprises that have already infiltrated major targets. “Ransomware operators often buy access from independent cybercriminal groups who infiltrate