rEvil

May 18, 2020

This Service Helps Malware Authors Fix Flaws in their Code

Almost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. But the reality is most malicious software also has its share of security holes that open the door for security researchers or ne’er-do-wells to liberate or else seize control over already-hacked systems. Here’s a look at one long-lived malware vulnerability testing service that is used and run by some of the Dark Web’s top cybercriminals. It is not uncommon for crooks who sell malware-as-a-service offerings such as trojan horse programs and botnet […]
October 28, 2020

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

In March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware. In August, Gunnebo said it had successfully thwarted a ransomware attack, but this week it emerged that the intruders stole and published online tens of thousands of sensitive documents — including schematics of client bank vaults and surveillance systems. The Gunnebo Group is a Swedish multinational company that provides physical security to a variety of customers globally, including banks, government agencies, airports, casinos, […]
April 5, 2021

Ransom Gangs Emailing Victim Customers for Leverage

Some of the top ransomware gangs are deploying a new pressure tactic to push more victim organizations into paying an extortion demand: Emailing the victim’s customers and partners directly, warning that their data will be leaked to the dark web unless they can convince the victim firm to pay up. This letter is from the Clop ransomware gang, putting pressure on a recent victim named on Clop’s dark web shaming site. “Good day! If you received this letter, you are a customer, buyer, partner or employee of [victim],” the missive reads. “The company […]
May 14, 2021

DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized

The DarkSide ransomware affiliate program responsible for the six-day outage at Colonial Pipeline this week that led to fuel shortages and price spikes across the country is running for the hills. The crime gang announced it was closing up shop after its servers were seized and someone drained the cryptocurrency from an account the group uses to pay affiliates. “Servers were seized (country not named), money of advertisers and founders was transferred to an unknown account,” reads a message from a cybercrime forum reposted to the Russian OSINT Telegram channel. “A few hours […]