Tag: extortion
-
‘Everest Group’ Extorts Global Orgs via SAP’s HR Tool
In addition to Coca-Cola, entities in Abu Dhabi, Jordan, Namibia, South Africa, and Switzerland are experiencing extortion attacks, all involving stolen SAP SuccessFactor data. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/everest-group-extorts-global-orgs-hr-tool
-
Iranian Hacker Pleads Guilty in $19 Million Robbinhood Ransomware Attack on Baltimore
An Iranian national has pleaded guilty in the U.S. over his involvement in an international ransomware and extortion scheme involving the Robbinhood ransomware.Sina Gholinejad (aka Sina Ghaaf), 37, and his co-conspirators are said to have breached the computer networks of various organizations in the United States and encrypted files with Robbinhood ransomware to demand Bitcoin…
-
Hacker stehlen Coca-Cola-Daten
Der Coca-Cola-Abfüller Coca-Cola Europacific Partners ist von einem Datenleck betroffen.Cyberkriminelle behaupten in einem Darknet-Post, mehr als 64 Gigabyte Daten mit 23 Millionen Einträgen von Coca-Cola Europacific Partners gestohlen zu haben. Darunter befinden sich demnach Kundendaten und Kontaktinformationen, Verkaufsfälle und Produktdaten, Lieferadressen und Telefonnummern sowie Bestellnummern und Zusammenfassungen.Der Coca-Cola-Produzent hat sich bisher noch nicht offiziell zu…
-
Iranian pleads guilty to launching Baltimore ransomware attack, faces 30 years behind bars
Sina Gholinejad admitted to using the Robbinhood ransomware variant to extort ransom payments from dozens of victims. First seen on therecord.media Jump to article: therecord.media/iranian-years-decades-guilty-ransomware
-
Cancer Center Pays Patients $11.5M in Double-Extortion Hack
Some Patients Threatened Directly by Hackers; Center to Spend $13.5M on Security. A Seattle cancer center has agreed to pay $11.5 million to settle a proposed class action lawsuit involving a 2023 double-extortion ransomware attack that affected 2.1 million people, with some patients directly threatened by hackers with swatting attacks if they didn’t pay a…
-
Iranian pleads guilty to RobbinHood ransomware attacks, faces 30 years
An Iranian national has pleaded guilty to participating in the Robbinhood ransomware operation, which was used to breach the networks, steal data, and encrypt devices of U.S. cities and organizations in an attempt to extort millions of dollars over a five-year span. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/iranian-pleads-guilty-to-robbinhood-ransomware-attacks-faces-30-years/
-
FBI: Silent Ransom Group Adopts Vishing Campaign Against Law Firms
The non-ransomware extortion group has switched up tactics and victimology in a deliberate and focused campaign similar to those of other attackers focused on stealing sensitive data. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/fbi-silent-ransom-group-vishing-law-firms
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 46
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Sarcoma Ransomware Unveiled: Anatomy of a Double Extortion Gang RVTools Bumblebee Malware Attack How a Trusted IT Tool Became a Malware Delivery Vector Malicious ‘Checker’ Packages on PyPI Probe TikTok and Instagram for Valid Accounts […]…
-
BKA gelingt Schlag gegen Cyberkriminelle
Im Rahen der “Operation Endgame” wurden die derzeit einflussreichsten Schadsoftware-Varianten vom Netz genommen. BKASicherheitsbehörden ist ein Schlag gegen die weltweite Cyberkriminalität gelungen. Im Laufe dieser Woche seien dank der “Operation Endgame” die derzeit einflussreichsten Schadsoftware-Varianten vom Netz genommen und die dahinterstehenden Täter identifiziert worden, teilte das Bundeskriminalamt (BKA) mit.Von den insgesamt 37 identifizierten Akteuren werden…
-
19-Year-Old Admits to PowerSchool Data Breach Extortion
A 19-year-old college student faces charges after pleading guilty to cyber extortion targeting PowerSchool, exposing data of 60… First seen on hackread.com Jump to article: hackread.com/19-year-old-admits-powerschool-data-breach-extortion/
-
US teen to plead guilty to extortion attack against PowerSchool
The 19-year-old and a partner first tried to extort an unnamed telco, but failed First seen on theregister.com Jump to article: www.theregister.com/2025/05/21/teenager_extortion_powerschool/
-
‘Deep concern’ for domestic abuse survivors as cybercriminals expected to publish confidential refuge addresses
A data extortion incident impacting the British government’s Legal Aid Agency could have serious implications for vulnerable people. First seen on therecord.media Jump to article: therecord.media/concern-domestic-survivors-breach-london
-
US Teen to Plead Guilty in PowerSchool Extortion Campaign
The 19-year-old and his accomplices obtained key data for the extortion scheme in a 2022 breach of a US telco First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/us-teen-plead-guilty-powerschool/
-
PowerSchool hacker pleads guilty to student data extortion scheme
A 19-year-old college student from Worcester, Massachusetts, has agreed to plead guilty to a massive cyberattack on PowerSchool that extorted millions of dollars in exchange for not leaking the personal data of millions of students and teachers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/powerschool-hacker-pleads-guilty-to-student-data-extortion-scheme/
-
Sarcoma Ransomware Unveiled: Anatomy of a Double Extortion Gang
Cybersecurity Observatory of the Unipegaso’s malware lab published a detailed analysis of the Sarcoma ransomware. It is with great pleasure and honor that I present the first report produced by the Malware Analysis Lab, led by Luigi Martire. The lab was established within the Cybersecurity Observatory of the Unipegaso University, which I have the privilege…
-
Google Reveals Hackers Targeting US Following UK Retailer Attacks
The Google Threat Intelligence Group (GTIG) recently revealed that the well-known hacker collective UNC3944, which also overlaps with the widely publicized Scattered Spider, is a persistent and dynamic cyberthreat. Initially focused on telecommunications for SIM swap operations, UNC3944 has since pivoted to ransomware and data theft extortion tactics since early 2023, casting a wider net…
-
‘Would rather pay bounty than ransom’: Coinbase on $20M extortion attempt
Hackers are demanding a ransom of the same amount: According to the filing, the email communication by the threat actor demanded $20 million in exchange for not publicly disclosing the information. It remains to be seen how threat actors respond to Coinbase refusing to pay the ransom.”Coinbase’s decision to publicly counter-extort with a $20 million…
-
Coinbase flips $20M extortion demand into bounty for info on attackers
The largest cryptocurrency exchange in the U.S. said cybercriminals bribed insiders to steal data on customers, some of whom were duped into handing over crypto assets. First seen on cyberscoop.com Jump to article: cyberscoop.com/coinbase-cyberattack-extortion-counter-reward/
-
Coinbase Says Breach May Cost $400 Million, Issues $20 Million Bounty
The major data breach of cryptocurrency exchange Coinbase could cost the company as much as $400 million, it told the SEC. However, rather than pay the $20 million extortion demand, Coinbase issued a $20 million bounty on the hackers. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/coinbase-says-breach-may-cost-400-million-issues-20-million-bounty/
-
Scattered-Spider mischt den britischen Einzelhandel auf
Check Point Software Technologies analysiert die Hacker-Gruppe Scattered-Spider, die als Teil des Dragonforce-Ransomware-Kartells agiert, das sich zu einer Reihe von Angriffen auf britische Einzelhandelsunternehmen im April und Mai 2025 bekannt hat. Während Dragonforce sich für Erpressung und Datenabfluss verantwortlich erklärte, deuten immer mehr Hinweise darauf hin, dass auch Scattered-Spider eine grundlegende Rolle bei der Durchführung…
-
Researchers Replicate Advanced Tactics and Tools of VanHelsing Ransomware
Cybersecurity researchers at AttackIQ have meticulously emulated the intricate tactics, techniques, and procedures (TTPs) of the VanHelsing ransomware, a potent ransomware-as-a-service (RaaS) operation that surfaced in March 2025. This cyber threat has rapidly gained notoriety within the cybercriminal underworld for its advanced cross-platform capabilities and aggressive double extortion model. VanHelsing targets a wide array of…
-
Coinbase disclosed a data breach after an extortion attempt
Coinbase confirmed rogue contractors stole customer data and demanded a $20M ransom in a breach reported to the SEC. Coinbase said rogue contractors stole data on under 1% of users and demanded $20M; the data breach was disclosed in an SEC filing. On May 11, 2025, the company received a ransom demand from a threat…
-
Coinbase Agents Bribed, Data of ~1% Users Leaked; $20M Extortion Attempt Fails
Cryptocurrency exchange Coinbase has disclosed that unknown cyber actors broke into its systems and stole account data for a small subset of its customers.”Criminals targeted our customer support agents overseas,” the company said in a statement. “They used cash offers to convince a small group of insiders to copy data in our customer support tools…
-
Coinbase offers $20 million bounty after extortion attempt with stolen data
Cryptocurrency trading platform Coinbase said an attacker tried to extort the company for $20 million over stolen data. “We said no,” Coinbase said, and instead offered that amount as a bounty. First seen on therecord.media Jump to article: therecord.media/coinbase-extortion-attempt-company-offers-20million-reward