A Dissatisfied Developer Leaked the LockBit Ransomware Builder to the Public

Information security specialists reported that the builder for the well-known LockBit encryptor has been published publicly. Apparently, LockBit 3.0 was leaked by a dissatisfied developer or a competitor of the group. Let me remind you that the LockBit hack group released version 3.0 of the LockBit malware in June 2022 and at the same time introduced its own …

North Korean Hackers Attack Small and Medium Businesses with H0lyGh0st Ransomware

Microsoft spoke about a new North Korean hacking group, H0lyGh0st, which it tracks under the identifier DEV-0530. For about six months, these attackers have been carrying out ransomware attacks on small and medium-sized businesses around the world. Let me remind you that we also reported that IS-specialists Discovered a New Interesting Malware Quantum Lnk Builder, and also that Raspberry …

WannaFriendMe Ransomware Operators Are Selling the Key for the Internal Currency of the Roblox Game

Cybersecurity researchers have discovered the unusual WannaFriendMe ransomware. The malware does not demand a ransom in cryptocurrency; instead, its operators sell the decryptor on the Roblox gaming platform for the in-game currency Robux. The well-known information security researcher MalwareHunterTeam was the first to notice the WannaFriendMe malware. Let me remind you that we also reported that SVCReady Malware Loader Uses …

Hundreds of Elasticsearch Databases Hit by Ransomware Attacks

According to Secureworks, hackers are attacking poorly protected Elasticsearch databases and have already replaced at least 450 indexes with ransom notes. Let me remind you that recently we also wrote that Experts Found More Than 3.6 million Unprotected MySQL Servers. Attackers extort $620 from their victims for data recovery, that is, the group is demanding $279,000 in total. The researchers …

Onyx Malware Destroys Large Files Instead of Encrypting Them

Security researchers warned about an unpleasant feature of the Onyx ransomware (although what kind of malware can have nice features?): the ransomware destroys large files (more than 2 MB in size) instead of encrypting them. Unfortunately, it will not be possible to decrypt the data, even if the victim pays the ransom. Let me remind you that we also wrote …

Quantum Ransomware Operators Carried Out the Attack in Less Than 4 Hours

The Quantum ransomware, first discovered in August 2021, was used in a fast network attack. As one of their initial access vectors, the attackers used the IcedID malware, which deploys Cobalt Strike for remote access and leads to data theft and encryption with Quantum. By the way, our website has instructions on how to remove malware and decrypt files after …
