This ransomware effort has been recently updated to better evade security. It’s been used more often against Biotech companies recently. Customized versions of MountLocker from Astro Locker and XingLocker are also out there. It’s not reassuring to see the large amount of money going to ransomware, but if you need help making the case of why it’s important to prepare for it, maybe this helps. KREBS STAMOS GROUP RANSOMWHERE 32M PAGETECHCRUNCH CODEĪnd the data itself is useful at getting a handle on what the threats out there are.KREBS STAMOS GROUP RANSOMWHERE 32M PAGETECHCRUNCH HOW TO.KREBS STAMOS GROUP RANSOMWHERE 32M PAGETECHCRUNCH FOR FREE.Ransomware attacks, fueled by COVID-19 pandemic turbulence, have become a major money earner for cybercriminals, with the number of attacks rising in 2020. These file-encrypting attacks have continued largely unabated this year, too. In the last few months alone we’ve witnessed the attack on Colonial Pipeline that forced the company to shut down its systems - and the gasoline supply - to much of the eastern seaboard, the hack on meat supplier JBS that abruptly halted its slaughterhouse operations around the world, and just this month a supply chain attack on IT vendor Kaseya that saw hundreds of downstream victims locked out of their systems. However, while ransomware attacks continue to make headlines, it’s nearly impossible to understand their full impact, nor is it known whether taking certain decisions - such as paying the cybercriminals’ ransom demands - make a difference. Jack Cable, a security architect at Krebs Stamos Group who previously worked for the U.S. Cybersecurity and Infrastructure Agency (CISA), is looking to solve that problem with the launch of a crowdsourced ransom payments tracking website, Ransomwhere. “I was inspired to start Ransomwhere by Katie Nickels’s tweet that no one really knows the full impact of cybercrime, and especially ransomware,” Cable told TechCrunch. ![]() “After seeing that there’s currently no single place for public data on ransomware payments, and given that it’s not hard to track bitcoin transactions, I started hacking it together.” The website keeps a running tally of ransoms paid out to cybercriminals in bitcoin, made possible thanks to the public record-keeping of transactions on the blockchain. As the site is crowdsourced, it incorporates data from self-reported incidents of ransomware attacks, which anyone can submit. However, in order to make sure all reports are legitimate, each submission is required to take a screenshot of the ransomware payment demand, and every case is reviewed manually by Cable himself before being made publicly available. ![]() If an approved report’s authenticity is later called into question, it will be removed from the database. The already-burgeoning database, which doesn’t include any personal or victim-identifying information, is available as a free download for the cybersecurity community and law enforcement officials, which Cable hopes will help give some much-needed public transparency about the current state of the problem. ![]() “As we consider policy proposals to change the state of ransomware economics, we will need data to assess whether these actions are successful,” Cable said. “For law enforcement, as we saw with the Colonial Pipeline hack, law enforcement does have the ability to recover some payments, so it would be great if this can further aid their efforts.”Īt the time of writing, the site is tracking a total of more than $32 million in ransom payments for 2021. The bulk of these payments have been made to the REvil, the Russia-linked ransomware gang that took credit for the JBS and Kaseya hacks. CD Projekt hit by ransomware attack, refuses to pay ransom.Maze, a notorious ransomware group, says it’s shutting down.Kaseya hack floods hundreds of companies with ransomware.Fujifilm becomes the latest victim of a network-crippling ransomware attack.Are we overestimating the ransomware threat?.The group has racked up more than $11 million in ransom payments this year, according to Ransomwhere, an amount that could increase dramatically if its recent demands for $70 million as part of the Kaseya attack are met. Netwalker, one of the most popular ransomware-as-a-service offerings on the dark web, comes in second with more than $6.3 million in payments for 2021, though Ransomwhere’s tally shows that the group has racked up the most ransom payments in total, with roughly $28 million to its name based on the site’s data.
0 Comments
Leave a Reply. |