Tag: extortion
-
DOJ: Scattered Spider took $115 million in ransoms, breached a US court system
The Scattered Spider cybercriminal operation was able to extort at least $115 million in a three-year spree that also included the breach of a federal court network, U.S. authorities said in unsealing charges against one suspect. First seen on therecord.media Jump to article: therecord.media/scattered-spider-unsealed-charges-115million-extortion-breached-courts-system
-
Scattered Spider teen cuffed after buying games and meals with extortion bitcoin
Tags: extortion
Bad opsec First seen on theregister.com Jump to article: www.theregister.com/2025/09/19/scattered_spider_teen_cuffed/
-
With ransomware: Teenagers said to have netted 115 million US dollars
Two young men were arrested in the United Kingdom. They are alleged to have extorted countless companies as members of Scattered Spider. First seen on golem.de Jump to article: www.golem.de/news/mit-ransomware-teenager-sollen-115-millionen-us-dollar-erbeutet-haben-2509-200260.html
-
Ransomware situation worsens drastically
Zscaler offers insights into the global ransomware ecosystem. The annual ThreatLabz Ransomware Report (PDF) from Zscaler again has little good news to offer in 2025. According to the report, the number of ransomware attacks rose by 146 percent year over year, while in parallel the volume of exfiltrated data grew by 92 percent. The study's authors attribute the latter development to the trend that the ransomware actors' focus…
-
ShinyHunters claims 1.5 billion Salesforce records stolen in Drift hacks
The ShinyHunters extortion group claims to have stolen over 1.5 billion Salesforce records from 760 companies using compromised Salesloft Drift OAuth tokens. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/shinyhunters-claims-15-billion-salesforce-records-stolen-in-drift-hacks/
-
Microsoft and Cloudflare execute ‘rugpull’ on massive phishing empire
Tags: access, ai, attack, blockchain, breach, computer, credentials, crime, crimes, crypto, cybercrime, data, detection, exploit, extortion, finance, fraud, infrastructure, international, law, microsoft, phishing, programming, scam, service, strategy, threat, tool
Legal victory with limitations: Microsoft’s investigation identified Joshua Ogundipe, based in Nigeria, as the operation’s leader and primary architect. The company filed a lawsuit against Ogundipe and four associates listed as John Does in late August, then obtained a court order from the US District Court for the Southern District of New York in early…
-
Emerging Yurei Ransomware Claims First Victims
The cybercrime group, named after Japanese ghosts but believed to be from Morocco, uses a modified version of the Prince-Ransomware binary that includes a flaw allowing for partial data recovery. However, an extortion threat remains. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/emerging-yurei-ransomware-claims-first-victims
-
Anthropic Report Shows Bad Actors Abusing Claude in Attacks
A recent report from AI giant Anthropic outlined multiple instances where threat actors abused its Claude LLM in their nefarious activities, including one in which a hacker automated every aspect of a data extortion campaign, from initial reconnaissance to stealing credentials and penetrating networks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/anthropic-report-shows-bad-actors-abusing-claude-in-attacks/
-
New ransomware Yurei adopts open-source tools for double-extortion campaigns
Tags: access, attack, authentication, backup, breach, ciso, cloud, control, data, edr, extortion, flaw, intelligence, Internet, mfa, network, open-source, phishing, powershell, ransomware, resilience, risk, service, switch, threat, tool, windows
Bigger risks beyond downtime: The double-extortion ransomware appears to be an early version, as it has loopholes. Ransomware often targets and deletes shadow copies to block victims from using Windows’ built-in recovery options. But Yurei did not delete the shadow copies, which, if enabled, can allow the victim to restore their files to a previous…
-
US national charged in Finnish psychotherapy center extortion
Tags: extortion
Finnish prosecutors allege that a U.S. national, Daniel Lee Newhard, played a role in extorting the psychotherapy center Vastaamo. Until now the case had centered on Aleksanteri Kivimäki. First seen on therecord.media Jump to article: therecord.media/finland-vastaamo-hack-us-national-charged
-
Yurei Ransomware Uses PowerShell to Deploy ChaCha20 File Encryption
A newly discovered ransomware group called Yurei has emerged with sophisticated encryption capabilities, targeting organizations through double-extortion tactics while leveraging open-source code to rapidly scale operations. First observed on September 5, 2025, this Go-based ransomware employs the ChaCha20 encryption algorithm and PowerShell commands to compromise victim systems, marking another evolution in the ransomware-as-a-service ecosystem. Flow…
-
FBI warns of UNC6040, UNC6395 hackers stealing Salesforce data
The FBI has issued a FLASH alert warning that two threat clusters, tracked as UNC6040 and UNC6395, are compromising organizations’ Salesforce environments to steal data and extort victims. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-warns-of-unc6040-unc6395-hackers-stealing-salesforce-data/
-
FBI Warns of UNC6040 and UNC6395 Targeting Salesforce Platforms in Data Theft Attacks
The U.S. Federal Bureau of Investigation (FBI) has issued a flash alert to release indicators of compromise (IoCs) associated with two cybercriminal groups tracked as UNC6040 and UNC6395 for a string of data theft and extortion attacks. “Both groups have recently been observed targeting organizations’ Salesforce platforms via different initial access mechanisms,” the FBI said. UNC6395 is…
-
Akira ransomware crims abusing trifecta of SonicWall security holes for extortion attacks
Patch, turn on MFA, and restrict access to trusted networks … or else First seen on theregister.com Jump to article: www.theregister.com/2025/09/10/akira_ransomware_abusing_sonicwall/
-
LunaLock Ransomware threatens victims by feeding stolen data to AI models
LunaLock, a new ransomware gang, introduced a unique cyber extortion technique, threatening to turn stolen art into AI training data. A new ransomware group, named LunaLock, appeared in the threat landscape with a unique cyber extortion technique, threatening to turn stolen art into AI training data. Recently, the LunaLock group targeted the website Artists&Clients and…
-
For later extortion: Malware detects porn sites and taps webcams
In search of leverage, cybercriminals access their victims' webcams as soon as porn is playing in the browser, with unpleasant consequences. First seen on golem.de Jump to article: www.golem.de/news/fuer-spaetere-erpressung-malware-erkennt-pornoseiten-und-zapft-webcams-an-2509-199783.html
-
Scattered Spider-Linked Group Claims JLR Cyber-Attack
JLR said it is investigating following claims by the actor “Scattered Lapsus$ Hunters” that it had stolen data from the firm and had issued an extortion demand. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/scattered-spider-claims-jlr-cyber/
-
It looks like you’re ransoming data. Would you like some help?
AI-powered ransomware, extortion chatbots, vibe hacking … just wait until agents replace affiliates First seen on theregister.com Jump to article: www.theregister.com/2025/09/03/ransomware_ai_abuse/
-
A CISO’s guide to monitoring the dark web
Tags: access, attack, authentication, breach, ciso, cloud, credentials, cyber, cybercrime, dark-web, data, data-breach, detection, extortion, guide, identity, incident response, intelligence, law, leak, marketplace, mfa, monitoring, okta, risk, saas, service, supply-chain, technology, threat, vpn, vulnerability
Is your company data on the dark web? Here’s what to look for and what to do if your data now lives on the dark web. Sıla Özeren / Picus Security If you’re looking for broader threats against your organization, pay close attention to what initial access brokers (IABs) are offering for sale on the dark…
-
Ransomware gang extorts AWO-Karlsruhe-Land
AWO-Karlsruhe-Land was the target of a ransomware attack. According to a report by the regional newspaper Badische Neueste Nachrichten (BNN), the Arbeiterwohlfahrt (AWO) Karlsruhe-Land was the target of a cyberattack last Wednesday (27 August). According to the report, the attack initially caused a total outage of the central IT. All affected systems were immediately isolated and secured, it is said. To investigate the incident, the…
-
Event Horizon for Vibe Hacking Draws Closer, Anthropic Warns
Cyber Extortion Campaign Automated Efforts to ‘Unprecedented’ Degree, Says AI Giant. Artificial intelligence giant Anthropic said it’s disrupted a cybercrime operation that tapped its large language models, including Claude Code, to an unprecedented extent to help automate a data theft and extortion campaign that targeted more than a dozen critical infrastructure organizations. First seen on…
-
AI-Powered Cybercrime Is Here: Massive Breaches Dark Web Dumps
Cyber threats are escalating fast, and now AI is making them faster, smarter, and more dangerous than ever. As August 2025 wraps up, here’s what you need to know: ✅ Anthropic reports that cybercriminals are using Claude AI to automate data extortion campaigns, targeting at least 17 organizations. AI is no longer just advising on…
-
Organized and Criminal, Ransomware Gangs Run Up Profits
Tags: access, attack, control, cyber, extortion, group, organized, ransomware, tactics, vulnerability, vulnerability-management
Ransomware attacks are rising 49% as cyber gangs evolve into organized criminal enterprises. With over 200 groups operating like corporations, recruiting talent, using RaaS models, and deploying multi-extortion tactics, defenders must strengthen foundational controls, limit vendor access, and prioritize vulnerability management to stay ahead. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/organized-and-criminal-ransomware-gangs-run-up-profits-2/
-
Anthropic Warns of AI-Powered Cybercrime in New Threat Report
Anthropic’s August report reveals hackers, North Korean operatives, and state actors misused its Claude AI for extortion, fraud, and espionage. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-anthropic-warns-ai-powered-cyber-crime/

