Tag: ransom
-
Paying Ransom Won’t Help as VECT 2.0 Ransomware Destroys Data Irreversibly
VECT 2.0 ransomware contains fatal flaws that permanently destroy files, making recovery impossible and rendering ransom payments useless for victims worldwide. First seen on hackread.com Jump to article: hackread.com/paying-ransom-vect-2-0-ransomware-destroys-data/
-
Buggy Vect ransomware is effectively a data wiper, researchers find
Due to a bug in the ransomware, affiliates of the Vect Ransomware-as-a-Service operation are irretrievably encrypting victims’ data. “Victims who pay the ransom … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/29/vect-ransomware-bug/
-
Vect 2.0 RaaS Expands Attacks Across Windows, Linux, and ESXi
The Vect 2.0 Ransomware-as-a-Service (RaaS) operation is rapidly evolving into a multi-platform threat that can encrypt Windows, Linux, and VMware ESXi environments across modern hybrid infrastructures. The group runs a classic affiliate model, renting out its ransomware and TOR-based infrastructure to partners in exchange for a share of ransom payments. Its operators are strongly suspected to be…
-
Don’t pay Vect a ransom – your data’s likely already wiped out
‘Full recovery is impossible for anyone, including the attacker’ First seen on theregister.com Jump to article: www.theregister.com/2026/04/28/dont_pay_vect_a_ransom/
-
BlackFile actively extorting data-theft victims in retail and hospitality sector
Some attackers, which researchers link to The Com, have swatted company executives to increase leverage and pressure victims to pay their ransom demands. First seen on cyberscoop.com Jump to article: cyberscoop.com/blackfile-data-theft-extortion-retail-unit-42-rh-isac/
-
ADT confirms data breach after ShinyHunters leak threat
Home security giant ADT has confirmed a data breach after the ShinyHunters extortion group threatened to leak stolen data unless a ransom is paid. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/adt-confirms-data-breach-after-shinyhunters-leak-threat/
-
Ransomware Negotiator Pleads Guilty to BlackCat Scheme
A cautionary tale illustrates why the person negotiating should never be involved with any part of the ransom payment process, experts noted. First seen on darkreading.com Jump to article: www.darkreading.com/insider-threats/ransomware-negotiator-pleads-guilty-blackcat-scheme
-
Former DigitalMint ransomware negotiator pleads guilty to extortion scheme
Angelo Martino helped accomplices extort a combined $75.3 million in ransom payments from five victim companies. First seen on cyberscoop.com Jump to article: cyberscoop.com/digitalmint-ransomware-negotiator-angelo-martino-guilty-plea/
-
Yet another ex-ransomware negotiator admits turning rogue after payoff from crimelords
Plus: Court papers reveal nonprofit paid a ransom worth nearly $26.8 million First seen on theregister.com Jump to article: www.theregister.com/2026/04/21/yet_another_ex_ransomware_negotiator_pleads/
-
Seiko USA website defaced as hacker claims customer data theft
The Seiko USA website was defaced over the weekend, displaying a message from attackers claiming they stole its Shopify customer database and threatening to leak it unless a ransom is paid. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/seiko-usa-website-defaced-as-hacker-claims-customer-data-theft/
-
Vercel Confirms Major Security Incident as Hacker Claims $2M Ransom Demand
Vercel confirms a security incident after a threat actor claims internal access and demands a $2M ransom, raising concerns about API keys, CI/CD pipelines, and cloud security. The post Vercel Confirms Major Security Incident as Hacker Claims $2M Ransom Demand appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-vercel-security-incident-ransom-claims/
-
Hacker group threatens to release Grand Theft Auto VI data in Rockstar Games attack
The group named ShinyHunters have accessed a third party server and have given the company a deadline of 14 April to enter ransom negotiations. Rockstar Games, the studio behind Grand Theft Auto, has been the target of a cyberattack for the second time in three years. A hacker group called ShinyHunters said it would release…
-
Hackers claim breach of Rockstar Games via cloud analytics platform
The ShinyHunters cybercrime group has claimed responsibility for breaching systems linked to video game developer Rockstar Games, threatening to release stolen data if a ransom is not paid. First seen on therecord.media Jump to article: therecord.media/rockstar-hackers-cyberattack-cloud
-
ShinyHunters Claims Rockstar Games Snowflake Breach via Anodot
ShinyHunters claims access to Rockstar Games Snowflake data via Anodot breach, threatening a data leak on April 14 if ransom demands are not met. First seen on hackread.com Jump to article: hackread.com/shinyhunters-rockstar-games-snowflake-breach-anodot/
-
Threat Actors Get Crafty With Emojis to Escape Detection
When 🤖 means bot available, 🧰 signifies toolkit, or 💰💰💰 translates to big ransom, bad actors can evade filters and keep it all on the down-low. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/emojis-power-covert-threat-actor-communications
-
CERT-EU blames Trivy supply chain attack for Europa.eu data breach
Tags: access, ai, attack, breach, cisco, data, data-breach, extortion, group, network, ransom, ransomware, saas, supply-chain
Extortion boost: The origins and deeper motives of TeamPCP, which emerged in late 2025, remain unclear. The leaking of stolen data suggests it might be styling itself as a sort of initial access broker which sells data and network access on to the highest bidder. However, the fact that stolen data was handed to a major…
-
Akira-Style Ransomware Campaign Hits Windows Users Across South America
A newly identified ransomware campaign is targeting Windows users across South America, leveraging tactics that closely mimic the notorious Akira ransomware group. According to ESET’s findings, the threat actors behind this campaign are attempting to exploit Akira’s reputation by replicating its branding, ransom notes, and dark web infrastructure references. This includes the use of Tor-based…
-
World Leaks data extortion: What you need to know
World Leaks is a cyber extortion operation that steals sensitive data from organizations and threatens to leak it via the dark web if a ransom is not paid. First seen on fortra.com Jump to article: www.fortra.com/blog/world-leaks-data-extortion-what-you-need-know
-
Russian hacker who helped Yanluowang ransomware gang gets nearly 7-year prison sentence
A Russian hacker who helped the notorious Yanluowang ransomware gang break into U.S. companies and demand millions of dollars in ransom payments was sentenced to nearly seven years in prison. First seen on therecord.media Jump to article: therecord.media/hacker-russian-ransomware-sentenced-doj
-
North Carolina tech worker found guilty of insider attack netting $2.5M ransom
Cameron Nicholas Curry, also known as “Loot,” stole a trove of corporate data from a D.C.-based tech company as his six-month contract gig came to a close. First seen on cyberscoop.com Jump to article: cyberscoop.com/cameron-curry-insider-attack-washington-tech-company/
-
Ransomware group exploited Cisco firewall vulnerability as a zero day, weeks before a patch appeared
Tags: attack, cisco, cve, defense, exploit, firewall, government, group, healthcare, infrastructure, malicious, malware, ransom, ransomware, service, software, tool, update, vulnerability, zero-day
CSO that the “week’s head start” he referred to was the gap between the date of the first exploit that Amazon’s later analysis had unearthed and Cisco’s discovery of the bug. Amazon gained insight into the attacker’s infrastructure by using the honeypot to mimic a vulnerable firewall system. This resulted in an attack on the honeypot,…
-
The multi-billion dollar mistake: Why cloud misconfigurations are your biggest security threat
Most cloud setup errors, 8 out of 10, happen because people slip up, not because code fails. One out of three cloud setups sits empty, ignored by any oversight. A third of online storage spaces get zero attention from monitors. Almost one out of every two hundred storage units on Amazon’s cloud sits open, per a 2024…
-
Salesforce Sounds Alarm Over Fresh Data Extortion Campaign
CRM-Obsessed ShinyHunters Gang Exploits Misconfigured Customer Experience Portals. A prolific and noisy cybercrime gang with a penchant for stealing Salesforce customers’ data and holding it ransom is taking advantage of misconfigured guest accounts meant to provide public access to services meant to remain private, using a Google scanning tool to identify vulnerable accounts. First seen…
-
ShinyHunters Hackers Threaten 400 Firms Over Stolen Salesforce Data
ShinyHunters claims to have stolen data from 400 firms via Salesforce portals and is threatening to leak the information unless ransom demands are paid. First seen on hackread.com Jump to article: hackread.com/shinyhunters-hackers-threat-stolen-salesforce-data/
-
ShinyHunters Leak 2M Records From Dutch Telecom Odido, Claim 21M Stolen
ShinyHunters hackers leak 2 million records from Dutch telecom Odido after ransom refusal, claiming up to 21 million customer records were stolen in the breach. First seen on hackread.com Jump to article: hackread.com/shinyhunters-leak-dutch-telecom-odido-data/
-
Cops back Dutch telco Odido after second wave of ShinyHunters leaks
Company refuses to pay ransom as attackers threaten larger daily dumps First seen on theregister.com Jump to article: www.theregister.com/2026/02/27/odido_shinyhunters_leaks/
-
Windows shortcut weaponized in Phorpiex-linked ransomware campaign
Phorpiex as the distribution layer: Forcepoint attributed the email distribution in this campaign to the Phorpiex botnet, also known as Trik. Phorpiex has been operating for more than a decade and is known for maintaining a large global footprint capable of delivering spam at scale. In this campaign, infected systems within the botnet are used…

