leesacardillo, Author at The News Max

A timeline of the biggest ransomware attacks

leesacardillo — Sat, 06 Jan 2024 23:04:16 +0000

id=”article-body” class=”row” section=”article-body” data-component=”trackCWV”>

The history of technology is riddled with unintended consequences. As William Gibson wrote in Burning Chrome, “…the street finds its own uses for things.” Though Bitcoin may not have been originally conceived as a medium for ransom payments, it’s quickly become a central tool for online criminals.

Ransomware, a category of “,” blocks access to a computer or dark web market web darknet market list network until a ransom is paid. Despite the evolving efforts of governments to and , the attacks keep coming.

Cryptocurrency ransomware payments totaled roughly $350 million in 2020, — an annual increase of over 300% from 2019. And because US companies are legally required to report cyberattacks only if customers’ is compromised, that estimate may be far too conservative.

Read more:

Below, we tally up the damage of some of the highest-profile episodes.

Kaseya (2021)

On July 2, 2021, Kaseya announced its systems had been . Kaseya provides IT solutions for other companies — an ideal target which, in a domino effect, ended up impacting approximately in multiple countries. REvil, a cybercriminal outfit, claimed responsibility for the attack and demanded ransoms ranging from a few thousand dollars to multiple millions, .

It’s unclear how many individual businesses paid up, but REvil demanded from Kaseya. Kaseya declined to pay, opting to cooperate with the FBI and the US Cybersecurity and Infrastructure Agency. On July 21, 2021, Kaseya a universal decryptor key and distributed it to organizations impacted by the attack.

JBS (2021)

On May 31, 2021, JBS USA, one of the largest meat suppliers in the US, a hack that caused it to temporarily halt operations at its five largest US-based plants. The ransomware attack also disrupted the company’s Australia and UK operations. JBS paid the hackers an in Bitcoin to prevent further disruption and limit the impact on grocery stores and restaurants. The the hack to REvil, a sophisticated criminal ring well-known in ransomware attacks.

Colonial Pipeline (2021)

On May 7, 2021, America’s largest “refined products” pipeline after a hacking group called Darkside infiltrated it with ransomware. Colonial Pipeline covers over 5,500 miles and transports more than 100 million gallons of fuel daily. The impact of the attack was significant: In the days that followed, the average price of a gallon of gas in the US increased to more than $3 for as drivers rushed to the pumps.

The pipeline operator said it paid the hackers $4.4 million in cryptocurrency. On June 7, 2021, the DOJ announced it had part of the ransom. US law enforcement officials were able to track the payment and darknet markets links take back $2.3 million using a private key for a cryptocurrency wallet.

Brenntag (2021)

On April 28, 2021, German chemical distributor learned it was the target of a cyberattack by Darkside, which stole 150GB of data that it threatened to leak if ransom demands weren’t met. After negotiating with the criminals, Brenntag ended up negotiating the original ransom of $7.5 million down to , which it paid on May 11.

CNA Financial (2021)

On March 23, 2021, CNA Financial, the commercial insurer in the US, it had “sustained a sophisticated cybersecurity attack.” The attack was by a group called Phoenix, which used ransomware known as Phoenix Locker. CNA Financial eventually paid in May to get the data back. While CNA has been tight-lipped on the details of the negotiation and transaction, but says all of its systems have since been fully restored.

CWT (2020)

On July 31, 2020, US business travel management firm CWT disclosed it had been impacted by a that infected its systems — and that it had paid the ransom. Using ransomware called Ragnar Locker, the assailants claimed to have stolen sensitive corporate files and knocked 30,000 company computers offline.

As a service provider to of S&P 500 companies, the data release could have been disastrous for CWT’s business. As such, the company paid the hackers about $4.5 million on July 28, a few days before Reuters the incident.

University of California at San Francisco (2020)

On June 3, 2020, the University of California at San Francisco that the UCSF School of Medicine’s IT systems had been compromised by a hacking collective called Netwalker on June 1. The medical research institution had been working on a cure for COVID.

Apparently, Netwalker had researched UCFS, hoping to gain insights into its finances. Citing the billions of dollars UCFS reports in annual revenue, Netwalker demanded a $3 million ransom payment. After negotiations, Netwalker the bitcoin equivalent of $1,140,895 to resolve the cyberattack. According to the BBC, Netwalker was also identified as the culprit in at least two other 2020 ransomware attacks targeting universities.

Travelex (2019)

On New Year’s Eve 2019, darknet market markets 2024 London-based foreign currency exchange Travelex was by a ransomware group called Sodinokibi (aka REvil). The attackers made off with 5GB of customer data, including dates of birth, credit card information, and insurance details. Travelex took down its website in 30 countries in an attempt to contain the virus.

In the wake of the ransomware attack, Travelex struggled with customer services. Sodinokibi initially demanded a payment of $6 million (£4.6 million). After negotiations, Travelex paid the cybercriminals (285 BTC at the time, roughly £1.6 million) to get its data back.

WannaCry (2017)

In May 2017, a ransomware called infected computers across the globe by exploiting a vulnerability in Windows PCs. The WannaCry vulnerability was revealed during a massive leak of NSA documents and hacking tools engineered by a group called Shadow Brokers in .

Though the exact number of WannaCry victims remains unknown, around the world were infected. Victims included Spanish telecommunications company Telefónica and thousands of hospitals in the UK. Computer systems in 150 countries were affected by the attack, with a total estimated loss of around $4 billion globally.

The attackers initially demanded to unlock infected computer systems. The demand was later increased to $600 in bitcoin. However, some researchers claim that no one got their data back, even if they met the demands.

WannaCry attacks to this day. In February 2021, the DOJ three North Korean computer programmers for their alleged role in the WannaCry outbreak.

Locky (2016)

Discovered in February 2016, Locky is notable due to the incredibly high number of infection attempts it’s made on computer networks. Attacks typically come in the form of an email with an invoice attached from someone claiming to be a company employee. On February 16, 2016 identified more than 50,000 Locky attacks in one day.

Locky has , but the goal is largely the same: Lock computer files to entice owners to pay a ransom in cryptocurrency in exchange for a decryption tool, which would allow users to regain access to their locked files. The majority of Locky victims have been in the US, and , but Canada and France experienced significant infection rates as well.

TeslaCrypt (2015)

an earlier program called CryptoLocker, the earliest TeslaCrypt samples were circulated in November 2014 but the ransomware was not widely distributed until March of the following year.

TeslaCrypt initially targeted gamers. After infecting a computer, a pop-up would direct a user to pay a for a decryption key to unlock the infected system. report the requested ransoms ranged from $250 to $1000 in Bitcoin. In May 2016, the developers of TeslaCrypt a master decryption key for affected users to unlock their computers.

CryptoWall (2014)

Widespread reports of computer systems infected from the CryptoWall ransomware emerged in 2014. Infected computers were unable to access files — unless the owner paid for access to a decryption program. impacted systems across the globe. The attackers demanded payment in the form of prepaid cards or bitcoin. CryptoWall caused roughly $18 million in damages, . Multiple versions of CryptoWall were released, with each version making the ransomware more difficult to trace and combat.

CryptoLocker (2013)

The first time much of the world heard the term “ransomware” was during 2013’s outbreak. Discovered early in September 2013, CryptoLocker would cripple more than 250,000 computer systems during the following four months. Victims were instructed to send payments in cryptocurrency or money cards to regain access. The ransomware delivered at least to its perpetrators.

A in 2014 succeeded in taking down the Gameover ZeuS botnet, which was a primary distribution method for CryptoLocker. The DOJ indicted Russian hacker Evgeniy Mikhailovich Bogachev, as the botnet’s ringleader. Bogachev is still at large — and darkmarket url the FBI is currently of up to $3 million for information leading to his arrest and/or conviction.

AIDS Trojan/PC Cyborg (1989)

Widely considered the template for all subsequent attacks, the AIDS Trojan (aka PC Cyborg) is the of a ransomware attack. In 1989, more than a decade before the creation of bitcoin, a biologist named Joseph Popp distributed 20,000 floppy disks at the World Health Organization AIDS conference in Stockholm. The floppy disks were labeled “AIDS Information – Introductory Diskettes” and contained a trojan virus that installed itself on MS-DOS systems.

Once the virus was on a computer, it counted the times the computer booted up. Once the computer booted up 90 times, hid all directories and encrypted filenames. An image on the screen from the ‘PC Cyborg Corporation’ directed users to mail $189 to a PO address in Panama. The decryption process was relatively simple, however, and security researchers released a free tool to help victims.

The post A timeline of the biggest ransomware attacks appeared first on The News Max.

Massive dark web bust seizes $6.5 million from 179 alleged drug dealers

leesacardillo — Sat, 06 Jan 2024 22:04:37 +0000

id=”article-body” class=”row” section=”article-body” data-component=”trackCWV”>

The US Justice Department announced the largest dark web bust it has ever helped carry out, seizing more than 1,100 pounds of drugs from 179 alleged online dealers around the world. The US worked with police in Europe to carry out the investigation, seizing more than $6.5 million in cash and virtual currencies.

Operation DisrupTor — named after the frequently used to access the dark web — was led by police in Germany, along with US law enforcement agencies and dark web market list Europol.

The majority of the arrests took place in the US with 121 cases, followed by 42 cases in Germany, eight cases in the Netherlands, dark darknet market 2024 four cases in the United Kingdom, darknet market markets onion address three cases in Austria and one case in Sweden. Police said investigations are still ongoing to identify people behind these dark web accounts.

The for hidden parts of the internet that you can’t easily discover through an online darknet market marketplaces have grown in popularity at an alarming rate and allow drug traffickers to openly advertise and take orders from anywhere in the world,” Rosen said. “The dark net invites criminals into our homes and provides unlimited access to illegal commerce.”

Operation DisrupTor used information from another major darknet market raided in April 2019, FBI Director Christopher Wray said. , one of the largest dark web marketplaces online.

Investigators said they’ve tracked down more than 18,000 listed sales to alleged customers in at least 35 states and in several countries around the world. Wray noted that there’s been a spike in opioid-related overdose deaths during the COVID-19 pandemic and that the FBI will continue investigating dark web drug markets.

“Today’s announcement sends a strong message to criminals selling or dark market onion buying illicit goods on the dark web: the hidden internet is no longer hidden, and your anonymous activity is not anonymous,” Edvardas Sileris, the head of Europol’s European Cybercrime Centre, said in a statement.

The post Massive dark web bust seizes $6.5 million from 179 alleged drug dealers appeared first on The News Max.

Wife freed while husband jailed pending trial for Bitcoin laundering

leesacardillo — Sat, 06 Jan 2024 19:04:28 +0000

An alleged fraudster dubbed The Crocodile of Wall Street over claims she laundered $4.5 billion in has been freed on bail – but her husband has been ordered to stay in jail.

Heather Morgan was freed by a judge Monday, best darknet markets pending trial by a federal court.

But her husband Ilya Lichtenstein remains behind bars due to prosecutors’ fears that he could seek immunity in , where he is also a citizen.

Judge Beryl Howell said on Monday that 31-year-old Morgan, referred as ‘Razzlekahn’ due to her rapping background, was no longer held in custody after the government deemed that she wasn’t as involved in the planning of the alleged crimes as her 34-year-ld husband, Ilya Lichtenstein, who was largely in control of the funds.

The judge also considered Morgan’s health issues as a factor, after she had recently had surgery to remove a lump in her breast.

With follow-up appointments expected, she will be closely monitored with an ankle bracelet GPS monitor while she is under house arrest.

Morgan has also been given restrictions on computer use, and a ban on carrying out cryptocurrency transactions.

The defense told the court that both defendants would guarantee to appear for all remaining court dates, and pointed out that both of their families, who were in court, were willing to bet their homes on it.

However, Howell finally ruled that there would be a significant ‘flight risk’ for Lichtenstein and agreed with federal prosecutors who insisted that just a portion of the millions in cryptocurrency that the couple stole could buy a new house or ‘buy each of their parents a private island.’

The judge also shared her concerns that Lichtenstein, who is a dual citizen of the United States and Russia, darknet market sites could seek refuge in a eastern European country, where he could possibly be granted immunity.

In this courtroom sketch, attorney Sam Enzer, center, sits between Heather Morgan, left, and her husband, Ilya ‘Dutch’ Lichtenstein, in federal court on February 8, 2022, in New York.

The couple are accused of conspiring to launder billions of dollars in cryptocurrency stolen from the 2016 hack of a virtual currency exchange

This illustration photo shows Heather Morgan, also known as ‘Razzlekhan,’ on a phone in front of the Bitcoin logo displayed on a screen. Along with Lichtenstein, Morgan has been arrested for the couple’s Bitcoin laundering scheme but has been freed after paying bail

Federal prosecutors also revealed that Lichtenstein had a file on his computer titled ‘passport ideas,’ which included several darknet market vendors that sell passports, bank cards and other forms of identification.

The New York couple was arrested earlier in February after they conspired to launder cryptocurrency that was stolen during the 2016 hack of Bitfinex, a virtual currency exchange platform, and currently estimated at $4.5 billion.

Both are accused of using several techniques to launder Bitcoin, including using fake identifies to create accounts; coding computer programs to execute fast, automated transactions; depositing stolen funds in several accounts across one crypto exchange to cover their previous transactions; converting Bitcoin to other forms of cryptocurrency; and creating U.S.-based business accounts to wire their funds and dark market url make them seem legitimate.

Over five years, a hacker allegedly laundered 119,754 bitcoin through 2,000 transactions on Bitfinex’s website before transferring the crypto funds into Lichtenstein’s digital wallet.

The couple could face up to 25 years years behind bars if found guilty.

Lichtenstein (back) has not been granted bail after prosecutors alerted the judge of his Russian citizenship, where he could seek immunity, if he were no longer held into custody

Morgan has been labelled as an ‘integral player’ in the cryptocurrency laundering scheme but prosecutors identified Lichtenstein as the ‘brain’ behind the scheme’s operations

Bitfinex is a cryptocurrency exchange registered in the British Virgin Islands.

In August 2016, hackers were able to breach its security firewall before stealing about 120,000 bitcoin from its customers.

The amount that was stolen was worth roughly $70 million at the time, when the price of bitcoin was around $600.

At the time, Bitfinex announced to its customers that they would lose 36 percent of their funds to compensate for dark market 2024 the losses from the incident.

It also created special digital tokens that were able to keep track of customers’ losses.

Some of the tokens could exchanged for shares of iFinex, the company that operates Bitfinex, while other tokens could be redeemed if the stolen bitcoins were recovered in the future.

The US Department of Justice announced that it would create a special judicial process for victims of the hack to reclaim their losses.

The hackers have never been identified.

Morgan and dark market darknet market onion Lichtenstein were arrested by federal prosecutors of laundering the bitcoin stolen from Bitfinex, but they are not being accused for actually stealing the bitcoin in the hack.

Authorities were able to recover $3.6B after seizing couple’s private keys to digital wallets after their arrest earlier this month.

The post Wife freed while husband jailed pending trial for Bitcoin laundering appeared first on The News Max.

Global Drug Survey reveals alcohol and drug habits during pandemic

leesacardillo — Sat, 06 Jan 2024 17:04:10 +0000

Australians are officially the world’s biggest binge drinkers, but Britain and darknet site the US don’t lag far behind – featuring in the top five of the latest Global Drug Survey.

Denmark and Finland ranked at second and third in the survey of more than 32,000 people from 22 countries which collected data from December 2020 to March 2021.

The data also shows that the Irish felt the most remorse after drinking.

Researchers believes extending Covid lockdowns contributed to the results

The survey found that the pandemic saw more experiment with ‘microdosing’ with psychedelics but people on average consumed less , cannabis, cocaine and LSD.

According to the findings unveiled this week, Australians got drunk an average 27 times in 2021, almost double the global average of 15.

Australians filled up their beer or wine glass with booze two days per week on average, the survey revealed.

It also found Australians regret their intoxication on 24 per cent of occasions – compared to the 21 per cent global average, with women more likely to regret getting drunk than men.

Britons joined the United States, Denmark and Finland in the top five drunkest nations after Australia

‘Drank too much too quickly’ was the most common regret, claimed by nearly half of those surveyed

But the Irish felt the most remorse after drinking this year, regretting it about a quarter of the time.

The Danish felt the least regretful, and darknet market links were also the second drunkest nation after Australia in 2021.

‘Drank too much too quickly’ was the most common regret, claimed by 49 per cent of those surveyed.

Six per cent said they felt anxious about Covid while four per cent said it was because they ‘hadn’t drank for ages’ due to pandemic restrictions.

Australians filled up their beer or wine glass with booze two days per week on average, the survey revealed

Vinegar Yard in London. Britons joined the Australia, the United States, Denmark and Finland in the top five drunkest nations

Two percent drank too much at a virtual party.

Britons joined the United States, Denmark and Finland in the top five drunkest nations after Australia.

France leads the world for the average number of drinks consumed in a year, enjoying more than 132 glasses of booze, followed by New Zealand on 122, while Australians had 106 drinks per year on average.

Despite this, the use of almost all drug classes fell in 2021 compared with last year’s sample.

Alcohol consumption fell to 92.8 per cent to 94 per cent and 51 per cent said they had smoked cigarettes in 2021 compared to 60.8 per cent in 2020.

The report said this could be due to the older age of the sample group or that most drugs were simply used less amidst the pandemic.

The Danish felt the least regretful after drinking and were also the second drunkest nation after Australia in 2021

France leads the world for the average number of drinks consumed in a year, enjoying more than 132 glasses of booze

People got less drunk over the lockdown and the rate of people seeking emergency help after consuming drugs fell for most substances too.

However the report’s finding suggest that microdosing, which is when a very small amount of a substance is taken to observe its effects on the body, ‘may be on the increase among those who use psychedelics’.

One in four of this group said they had microdosed with LSD or psilocybin (more commonly known as ‘magic mushrooms’) in the last 12 months.

One third of those who had taken psychedelics before also experimented microdosing with MDMA, ketamine, DMT, and 1P-LSD.

The study also found that although the pandemic may have locked us in, most people who used illegal drugs still obtained substances in-person

For those who used illegal drugs, most sourced them in person despite Covid restrictions making this difficult for many

The study also found that although the pandemic may have locked us in, most people who used illegal drugs still obtained substances in-person.

Where this occurred, people were most likely to get their supply from friends.

Some 1 in 10 mentioned digital sources and reported darknet market markets for drugs other than cannabis, best darknet market markets which was more often accessed through apps.

The first question of the survey asked respondents to sum up 2020 in one word.

After translating responses the report said that the ‘main theme was a negative sentiment’ towards the year, darkmarket list with ‘sh**’, ‘f***ed’ and ‘challenging’ dominating the general consensus.

The post Global Drug Survey reveals alcohol and drug habits during pandemic appeared first on The News Max.

US sanctions crypto exchange over ransomware ties

leesacardillo — Sat, 06 Jan 2024 15:04:11 +0000

Washington has announced sanctions against a cryptocurrency exchange it says has worked with ransomware attackers

The United States imposed sanctions Tuesday on cryptocurrency exchange SUEX for its ties to ransomware extortionists, as Washington seeks to crack down on a sharp rise in digital crime attacks.

The move marks the first US sanctions against a virtual currency exchange and they come as President Joe Biden’s administration has been under pressure to act after high-profile hacks and data breaches.

The attacks on a major US oil pipeline, a meatpacking company and Microsoft Exchange email system caused real-world problems and drew attention to the vulnerability to US infrastructure to digital pirates.

The US Treasury Department, which announced the sanctions, did not say if SUEX was implicated in any of those incidents, darknet market lists but noted that 40 percent of the exchange’s known transaction history was linked to “illicit actors.”

“Some virtual currency exchanges are exploited by malicious actors, but others, as is the case with SUEX, facilitate illicit activities for their own illicit gains,” a Treasury statement said, adding they are the first sanctions against a crypto exchange.

As a result of the sanctions, any assets of the platform under US jurisdiction are now blocked and Americans are barred from using SUEX.

– $10 million reward –

Crypto experts from Chainalysis noted large sums had moved through the platform, much of it from suspect sources.

“In Bitcoin alone, SUEX’s deposit addresses hosted at large exchanges have received over $160 million from ransomware actors, scammers and darknet markets links darknet market operators,” said a report from Chainalysis, which provides data on cryptocurrency.

SUEX is registered in the Czech Republic, and has branches in Russia and the Middle East.

Chainalysis said the US designation is important because it “represents significant action” by Washington to combat the money laundering that is key to digital crime.

The United States also issued a fresh warning against companies and individuals paying ransoms to unlock their files seized by ransomware hackers.

It noted that Americans could face penalties themselves if they are involved in making ransom payments as the United States already has a blacklist of people and countries, some of which are linked to ransomware attacks.

Tuesday’s announcement comes after Washington in July offered $10 million rewards for information on online extortionists abroad as it stepped up efforts to halt a sharp rise in ransomware attacks.

This year has seen a slew of prominent ransomware attacks which have disrupted a US pipeline, a meat processor and the software firm Kaseya — affecting 1,500 businesses, many of them far from the limelight.

Some $350 million was paid to malicious cyber actors last year, a spike of 300 percent from 2019, according to the Department of Homeland darknet market site Security.

US officials say many of the attacks originate in Russia although they have debated to what extent there is state involvement.

Russia denies responsibility.

The post US sanctions crypto exchange over ransomware ties appeared first on The News Max.

Child porn purveyor to get 21-27 years under new plea deal

leesacardillo — Sat, 06 Jan 2024 13:04:14 +0000

COLLEGE PARK, Md. (AP) – A man whom U.S. authorities have described as the world´s largest purveyor of child pornography would be sentenced to 21 to 27 years in prison under the terms of a new plea deal.

The deal between Eric Eoin Marques and Justice Department prosecutors is designed to satisfy a judge in Maryland who rejected their original agreement, which called for a prison sentence of 15 to 21 years.

Defense attorneys outlined the new terms in a court filing on Friday.

They said a 21-year prison sentence would be “fair and just” for Marques.

Marques’ lawyers also urged U.S. District Judge Theodore Chuang to impose a condition of supervised release that would allow Marques to live in Ireland, his home nation, after he completes his prison sentence.

Marques, who was 35 in May, is scheduled to enter his updated plea agreement and be sentenced next week.

Chuang isn´t bound by the sentencing recommendation.

During a hearing in May, Chuang described the initial plea agreement as “too flawed” and said he was inclined to give Marques a longer sentence than 15 to 21 years. The judge criticized a provision of the plea deal that wouldn´t give Marques credit for darknet market list six years he spent in custody in Ireland while fighting extradition after his 2013 arrest in Dublin. Chuang said he can´t tell the federal Bureau of Prisons to refrain from counting those years when Marques likely is entitled to get credit for that time.

“It´s not going to be 21 minus 6 to 15. That´s not going to happen,” the judge said.

The new plea deal calls for Marques to receive credit for the time served.

Marques, a dual citizen of the U.S.

and Ireland, pleaded guilty in February 2020 to creating and operating a web hosting service called “Freedom Hosting” on the darknet market between 2008 and 2013.

The darknet market is part of the internet but hosted within an encrypted network. It is accessible only through anonymity-providing tools.

Marques’ service enabled users to anonymously access millions of illicit images and videos, Tor Drug Market many depicting the rape and torture of infants and toddlers.

Investigators found what appeared to be more than 8.5 million images and videos of child pornography on the Freedom Hosting server, according to a court filing that accompanied Marques´ guilty plea.

Marques was living in Ireland dark web marketplaces at the time of the offenses.

He was extradited to Maryland in March 2019. He pleaded guilty to conspiracy to advertise child pornography.

In an April court filing, a prosecutor dark market url darknet market said a government witness was prepared to testify that investigators had identified Marques as the largest purveyor of child pornography in the world and that he had made approximately $3.6 million in U.S.

currency from his servers.

Marques’ lawyers say he made money from his legitimate web-hosting services, not Freedom Hosting.

“Though the contents of many of the websites it hosted were despicable and unlawful, the evidence shows that Freedom Hosting was a free service until just before Mr. Marques´ arrest,” they wrote in Friday’s filing.

The post Child porn purveyor to get 21-27 years under new plea deal appeared first on The News Max.

The history of hacking ransoms and cryptocurrency

leesacardillo — Sat, 06 Jan 2024 11:04:08 +0000

id=”article-body” class=”row” section=”article-body” data-component=”trackCWV”>

Earlier this month, hundreds of companies from the US to Sweden were entangled in the , a company that offers network infrastructure to businesses around the world.

The Kaseya hack comes on the heels of other headline-grabbing cyberattacks like the and the . In each instance, criminals had the opportunity to make off with millions — and much of the ransoms were paid in Bitcoin.

“We have to remember the primary reason for creating Bitcoin in the first place was to provide anonymity and secure, trustless and borderless transaction capabilities,” says Keatron Evans, principal security researcher at .

As Bitcoin grows more prominent in darknet markets links around the world, cybercrooks have found a vital tool to help them move illegal assets quickly and pseudonymously. And by all accounts, the attacks are only becoming more common.

Ransomware on the rise

Ransomware is a cybercrime that involves ransoming personal and business data back to the owner of that data.

First, a criminal hacks into a private network. The hack is accomplished through various tactics, including phishing, social engineering and preying upon users’ weak passwords.

Once network access is gained, the criminal locks important files within the network using encryption. The owner can’t access the files unless they pay a ransom. Nowadays, cybercriminals tend to request their ransoms in cryptocurrencies.

The FBI ransomware attacks accounted for at least $144.35 million in Bitcoin ransoms from 2013 to 2019.

These attacks are scalable and can be highly targeted or broad, ensnaring anyone who happens to click a link or install a particular software program.

This allows a small team of cybercrooks to ransom data back to organizations of all sizes — and the tools needed to hack into a small business or multinational cooperation are largely the same.

Private citizens, businesses, and state and national governments have all fallen victim — and many decided to pay ransoms.

Today’s business world depends on computer networks to keep track of administrative and financial data. When that data disappears, it can be impossible for the organization to function properly. This provides a large incentive to pay up.

Although victims of ransomware attacks are encouraged to report the crime to federal authorities, there’s no US law that says you have to report attacks (). Given this, there’s little authoritative data about the number of attacks or ransom payments.

However, a recent study from Threatpost only 20% of victims pay up. Whatever the actual number is, the FBI against paying ransoms because there’s no guarantee that you’ll get the data back, and paying ransoms creates further incentive for ransomware attacks.

Why do hackers like cryptocurrency?

Cryptocurrency provides a helpful ransom tool for cybercrooks. Rather than being an aberration or misuse, the ability to make anonymous (or pseudonymous) transfers is a of cryptocurrency.

“Bitcoin can be acquired fairly easily. It’s decentralized and readily

available in almost any country,” says Koen Maris, darkmarket list a cybersecurity expert and advisory board member at IOTA Foundation.

Different cryptocurrencies feature different levels of anonymity. Some cryptocurrencies, like Monero and Zcash, specialize in confidentiality and may even provide a higher level of security than Bitcoin for cybercriminals.

That’s because Bitcoin isn’t truly anonymous — it’s pseudonymous. Through careful detective work and analysis, it appears possible to trace and recoup Bitcoin used for ransoms, darknet sites as the FBI after the Colonial Pipeline hack. So Bitcoin isn’t necessarily used by ransomers simply because of security features. Bitcoin transfers are also fast, irreversible and easily verifiable. Once a ransomware victim has agreed to pay, the criminal can watch the transfer go through on the public blockchain.

After the ransom is sent, it’s usually gone forever. Then crooks can either exchange the Bitcoin for another currency — crypto or fiat — or transfer the Bitcoin to another wallet for safekeeping.

While it’s not clear exactly when or how Bitcoin became associated with ransomware, hackers, cybercrooks, and crypto-enthusiasts are all computer-savvy subcultures with a natural affinity for new tech, and Bitcoin was adopted for illicit activities online soon after its creation. One of Bitcoin’s first popular uses was currency for transactions on the dark market list web. The was among the early marketplaces that accepted Bitcoin.

Financial impact

Ransomware is big business. Cybercriminals made off just under $350 million worth of cryptocurrency in ransomware attacks last year, . That’s an increase of over 300% in the amount of ransom payments from the year before.

The COVID-19 pandemic set the stage for a surge in ransomware attacks. With vast tracts of the global workforce moving out of well-fortified corporate IT environments into home offices, cybercriminals had more surface area to attack than ever.

According to , the organizational changes needed to accommodate remote work opened up more businesses for cybercrime exploits, with Coalition’s policyholders reporting a 35% increase in funds transfer fraud and social engineering claims since the beginning of the pandemic.

It’s not just the number of attacks that is increasing, but the stakes, darknet market marketplace too. A from Palo Alto Networks estimates that the average ransom paid in 2020 was over $300,000 — a year-over-year increase of more than 170%.

When an organization falls prey to cybercrime, the ransom is only one component of the financial cost. There are also remediation expenses — including lost orders, business downtime, consulting fees, and other unplanned expenses.

The report from Sophos found that the total cost of remediating a ransomware attack for a business averaged $1.85 million in 2021, up from $761,000 in 2020.

Many companies now buy cyber insurance for financial protection. But as ransomware insurance claims increase, the insurance industry is also dealing with the fallout.

Globally, the price of cyber insurance has , according to a new report from Howden, an international insurance broker. The increase is likely due to the growing cost these attacks cause for insurance providers.

A cyber insurance policy generally covers a business’s liability from a data breach, such as expenses (i.e., ransom payments) and legal fees. Some policies may also help with contacting the businesses customers who were affected by the breach and repairing damaged computer systems.

Cyber insurance payouts now account for of all premiums collected, which is the break-even point for the providers.

“We noticed cyber insurers are paying ransom on behalf of their customers. That looks like a bad idea to me, as it will only lead to more ransom attacks,” says Maris. “Having said that, I fully understand the argument: the company either pays or it goes out of business. Only time will tell whether investing in ransom payments rather than in appropriate cybersecurity is a viable survival strategy.”

Early adopters

The AIDS Trojan, or PC Cyborg Trojan, is the first known ransomware attack.

The attack began in 1989 when an AIDS researcher distributed thousands of copies of a floppy disk containing malware. When people used the floppy disk, it encrypted the computer’s files with a message that demanded a payment sent to a PO Box in Panama.

Bitcoin wouldn’t come along until almost two decades later.

In 2009, Bitcoin’s mysterious founder, Satoshi Nakamoto, created the blockchain network by mining the first block in the chain — the genesis block.

Bitcoin was quickly adopted as the go-to currency for the dark market 2024 web. While it’s unclear exactly when Bitcoin became popular in ransomware attacks, the 2013 CryptoLocker attack definitely put Bitcoin in the spotlight.

CryptoLocker infected more than 250,000 computers over a few months. The criminals made off with about $3 million in Bitcoin and pre-paid vouchers. It took an internationally coordinated operation to take the ransomware offline in 2014.

Since then, Bitcoin has moved closer to the mainstream, and ransomware attacks have become much easier to carry out.

Early ransomware attackers generally had to develop malware programs themselves. Nowadays, ransomware can be bought as a service, just like other software.

Ransomware-as-a-service allows criminals with little technical know-how to “rent” ransomware from a provider, which can be quickly employed against victims. Then if the job succeeds, the ransomware provider gets a cut.

Future legislation

In light of the recent high-profile ransomware attacks, calls for new legislation are growing louder in Washington.

President Joe Biden issued an in May “on improving the nation’s cybersecurity.” The order is geared toward strengthening the federal government’s response to cybercrime, and it looks like more legislation is on the way.

The was recently introduced by a bipartisan group of senators. The bill aims to ramp up penalties for cyberattacks that impact critical infrastructure, so the Justice Department would have an easier time charging criminals in foreign countries under the new act.

States are also taking their own stands against cybercrime: have proposed legislation to outlaw ransomware payments. North Carolina, Pennsylvania, and Texas are all considering new laws that would outlaw taxpayer money from being used in ransom payments. New York’s law goes a step further and could outright ban private businesses from paying cybercrime ransoms.

“I think the concept of what cryptocurrency is and how it works is something that most legislative bodies worldwide struggle with understanding,” says Evans. “It’s difficult to legislate what we don’t really understand.”

The post The history of hacking ransoms and cryptocurrency appeared first on The News Max.

Inside busted illegal $220million darknet data centre

leesacardillo — Sat, 06 Jan 2024 10:04:37 +0000

Footage has emerged of the inside of a five-storey abandoned underground NATO bunker built with 31inch thick concrete walls in Germany allegedly converted by criminal gangs into a high tech data centre to host darknet websites.

An Australian man was arrested on Monday accused of running a $220million illegal darkweb marketplace – called the biggest in the world and ‘ for criminals’ – after ha was tracked following the bunker’s discovery.

The joint investigation by Australian Federal Police, Scotland Yard, the , Europol, dark web market and German authorities, among others, arrested the man, 34, as he allegedly tried flee across the Danish border into .

The man, known only as Julian K, is the alleged operator of DarkMarket and darknet market websites has been detained by German investigators.

DM.later(‘bundle’, function()
DM.molFeCarousel.init(‘#p-17’, ‘channelCarousel’,
“activeClass” : “wocc”,
“pageCount” : “3.0”,
“pageSize” : 1,
“onPos”: 0,
“updateStyleOnHover”: true
);
);

The 5,000sq m former NATO bunker located in south-western Germany (pictured) was built with 31inch thick concrete walls and was converted into a data facility called CyberBunker to host darknet market websites after being bought in 2012

A night-vision aerial view of the aboveground portion of the bunker containing a gatehouse, office, helipad and entrance building (pictured) which descends another four levels below the surface

A screenshot of the illegal website allegedly run by the arrested Australian man and temporarily hosted on CyberBunker which displays drugs for sale (pictured)

German police officers walk through the gate at the perimeter of the former Cold War bunker (pictured) converted into an illegal data centre after it was raided in 2019

DarkMarket was shut down on Monday and its new servers, located in Ukraine and Moldova after relocating from the bunker, were taken off the internet, prosecutors in the city of Koblenz said.

‘Until its closure, DarkMarket was probably the largest marketplace worldwide on the darknet market, with almost 500,000 users and more than 2400 sellers,’ prosecutors said.

More than 320,000 transactions were conducted via the website including the sale of drugs, counterfeit money, stolen or falsified credit cards, anonymous SIM cards and malware.

The transactions were reportedly worth a total of 4,650 bitcoin and 12,800 monero – two cryptocurrencies – for an equivalent sum of more than $221million.

The servers will be forensically examined by authorities to uncover information about the website’s operations and criminal network.

The solid concrete bunker (pictured) was built to withstand a nuclear blast is located in the south-western German town of Traben-Trarbach

Two of the entrances to the disused bunker (pictured) which was raided by police in 2019 after being bought by a private foundation based in Denmark in 2012

The accused man has already fronted a German court and been denied bail – to be transferred to a German prison in the next few days.

He has reportedly refused to speak to investigators or darknet market lists court officials.

German prosecutors said the man was trying to flee Denmark into Germany when arrested and was travelling through Europe either on holiday or dark markets 2024 conducting business for the illegal website.

They said the investigation around DarkMarket originated after the discovery of the data processing centre run by criminals in the 5,000sqm former unused bunker in south-west Germany.

The discovery of the illegal data centre in the bunker led to the arrest of multiple people accused of being part of a criminal network and being an accessory to hundreds of thousands of illegal transactions.

Some went on trial in October (pictured)

The data facility hosted illegal websites, which included DarkMarket temporarily, and was shut down in 2019.

The building, constructed by the West-German military, in the mid-1970s descended five-storeys below the surface and was built with 31inch thick concrete walls to withstand a nuclear blast.

A meteorological division of the military used the facility after the Cold War until 2012 to forecast weather patterns where German soldiers were deployed.

The building was sold to a foundation based in Denmark in 2012 after officials could find no other buyers for the vacant facility.

A number of people were arrested after the discovery of the data centre – accused of being part of a criminal network and being accessories to hundreds of thousands of illegal transactions involving prohibited material such as drugs and hacking tools.

Some already went on trial in October.

The darkweb was originally developed for the United States military but has been overrun by criminals because they can conceal their identity on the platform.

Server rows constructed in the bunker which is made of solid concrete and climate controlled (pictured).

The data centre was dismantled after the raid and multiple people linked to the centre were put on trial

The post Inside busted illegal $220million darknet data centre appeared first on The News Max.

Child porn purveyor to get 21-27 years under new plea deal

leesacardillo — Sat, 06 Jan 2024 08:04:12 +0000

Defense attorneys outlined the new terms in a court filing on Friday.

They said a 21-year prison sentence would be “fair and just” for Marques.

Marques, who was 35 in May, is scheduled to enter his updated plea agreement and be sentenced next week.

Chuang isn´t bound by the sentencing recommendation.

During a hearing in May, Chuang described the initial plea agreement as “too flawed” and darkmarket 2024 said he was inclined to give Marques a longer sentence than 15 to 21 years. The judge criticized a provision of the plea deal that wouldn´t give Marques credit for six years he spent in custody in Ireland while fighting extradition after his 2013 arrest in Dublin. Chuang said he can´t tell the federal Bureau of Prisons to refrain from counting those years when Marques likely is entitled to get credit for that time.

“It´s not going to be 21 minus 6 to 15. That´s not going to happen,” the judge said.

The new plea deal calls for Marques to receive credit for the time served.

Marques, a dual citizen of the U.S.

and Ireland, pleaded guilty in February 2020 to creating and darknet market dark markets 2024 onion operating a web hosting service called “Freedom Hosting” on the darknet market between 2008 and dark web market list 2013.

The darknet market is part of the internet but hosted within an encrypted network. It is accessible only through anonymity-providing tools.

Marques’ service enabled users to anonymously access millions of illicit images and videos, many depicting the rape and torture of infants and toddlers.

Investigators found what appeared to be more than 8.5 million images and videos of child pornography on the Freedom Hosting server, according to a court filing that accompanied Marques´ guilty plea.

Marques was living in Ireland at the time of the offenses.

He was extradited to Maryland in March 2019. He pleaded guilty to conspiracy to advertise child pornography.

In an April court filing, a prosecutor said a government witness was prepared to testify that investigators had identified Marques as the largest purveyor of child pornography in the world and that he had made approximately $3.6 million in U.S.

currency from his servers.

Marques’ lawyers say he made money from his legitimate Dark Web market urls-hosting services, not Freedom Hosting.

The post Child porn purveyor to get 21-27 years under new plea deal appeared first on The News Max.

Stopping cyberattacks. No human necessary

leesacardillo — Sat, 06 Jan 2024 07:04:43 +0000

id=”article-body” class=”row” section=”article-body” data-component=”trackCWV”>

This is part of our about how innovators are thinking up new ways to make you — and the world around you — smarter.

“Are you a hacker?”

A Las Vegas driver asks me this after I tell him I’m headed to Defcon at Caesars Palace. I wonder if his sweat isn’t just from the 110℉ heat blasting the city.

All week, a cloud of paranoia looms over Las Vegas, as hackers from around the world swarm Sin City for Black Hat and Defcon, two back-to-back cybersecurity conferences taking place in the last week of July. At Caesars Palace, where Defcon is celebrating its 25th anniversary, the UPS store posts a sign telling guests it won’t accept printing requests from USB thumb drives. You can’t be too careful with all those hackers in town.

Aaron Robinson/CNET

Everywhere I walk I see hackers — in tin-foiled fedoras, wearing . Mike Spicer, a security researcher, carries a 4-foot-high backpack holding a “Wi-Fi cactus.” Think wires, antennas, colored lights and 25 Wi-Fi scanners that, in seven hours, captured 75 gigabytes of data from anyone foolish enough to use public Wi-Fi. I see a woman thank him for darknet market links holding the door open for her, all while his backpack sniffs for unencrypted passwords and personal information it can grab literally out of thin air.

You’d think that, with all the potential threats literally walking about town, Vegas’ director of technology and innovation, Mike Sherwood, would be stressed out. It’s his job to protect thousands of smart sensors around the city that could jam traffic, blast water through pipes or cause a blackout if anything goes haywire.

And yet he’s sitting right in front of me at Black Hat, smiling.

His entire three-person team, in fact, is at Black Hat so they can learn how to stave off future attacks. Machine learning is guarding Las Vegas’ network for them.

Broadly speaking, artificial intelligence refers to machines carrying out jobs that we would consider smart. Machine learning is a subset of AI in which computers learn and adapt for themselves.

Now a number of cybersecurity companies are turning to machine learning in an attempt to stay one step ahead of professionals working to steal industrial secrets, disrupt national infrastructures, hold computer networks for ransom and even influence elections. Las Vegas, which relies on machine learning to keep the bad guys out, offers a glimpse into a future when more of us will turn to our AI overlords for protection.

Even so, that has protected Las Vegas’ network and thousands of sensors for the last 18 months.

Since last February, Darktrace has defended the city from cyberattacks, around the clock. That comes in handy when you have only three staffers handling cybersecurity for people, 3,000 employees and thousands of online devices. It was worse when Sherwood joined two years ago.

“That was the time where we only had one security person on the team,” Sherwood tells me. “That was when I thought, ‘I need help and I can’t afford to hire more people.'”

He’d already used Darktrace in his previous job as deputy director of public safety and city technology in Irvine, California, and he thought the software could help in Las Vegas. Within two weeks, Darktrace found malware on Las Vegas’ network that was sending out data.

“We didn’t even know,” Sherwood says. “Traditional scanners weren’t picking it up.”

Pattern recognition

I’m standing in front of a tattoo parlor in , a little more than 4 miles from Caesars Palace. Across the street, I see three shuttered stores next to two bail bonds shops.

I’m convinced the taxi driver dropped me off at the wrong location.

This is supposed to be Vegas’ $1 million Innovation District project? Where are the in the area? Or the ?

I look again at the Innovation District map on my phone. I’m in the right place. Despite the rundown stores, trailer homes and empty lots, this corner of downtown Vegas is much smarter than it looks.

That’s because hidden on the roads and inside all the streetlights, traffic signals and pipes are thousands of sensors. They’re tracking the air quality, controlling the lights and water, counting the cars traveling along the roads, and providing Wi-Fi.

Aaron Robinson/CNET

Officials chose the city’s rundown area to serve as its Innovation District because they wanted to redevelop it, with help from technology, Sherwood says. There’s just one problem: All those connected devices are potential targets for a cyberattack. That’s where Darktrace comes in.

Sherwood willingly banks on Darktrace to protect the city’s entire network because the software comes at machine learning from a different angle. Most machine learning tools rely on brute force: cramming themselves with thousands of terabytes of data so they can learn through plenty of trial and error. That’s how IBM’s Deep Blue computer learned to defeat Garry Kasparov, the world chess champion, in a best-of-seven match in 1997. In the security world, that data describes malware signatures — essentially algorithms that identify specific viruses or worms, for instance.

Darktrace, in contrast, doesn’t look at a massive database of malware that’s come before. Instead, it looks for patterns of human behavior. It learns within a week what’s considered normal behavior for users and sets off alarms when things fall out of pattern, like when someone’s computer suddenly starts encrypting loads of files.

Rise of the machines?

Still, it’s probably too soon to hand over all security responsibilities to artificial intelligence, says , a security professor darknet markets onion address and director of Carnegie Mellon University’s CyLab Security and Privacy Institute. He predicts it’ll take at least 10 years before we can safely use AI to keep bad things out.

“It’s really easy for AI to miss things,” Brumley tells me over the phone. “It’s not a perfect solution, and you still need people to make important choices.”

Aaron Robinson/CNET

Brumley’s team last year built an AI machine that won beating out other AI entries. A few days later, their contender took on some of the world’s best hackers at Defcon. They came in last.

Sure, machines can help humans fight the scale and speed of attacks, but it’ll take years before they can actually call the shots, says Brumley.

That’s because the model for AI right now is still data cramming, which — by today’s standards — is actually kind of dumb.

But it was still good enough to , making him the de facto poster child for man outsmarted by machine.

“I always remind people it was a rematch, because I won the first one,” he tells me, chuckling, while sitting in a room at Caesars Palace during Defcon. Today Kasparov, 54, is the which is why he’s been giving talks around the country on why humans need to work with AI in cybersecurity.

He tells me machines can now learn too fast for humans to keep up, no matter if it’s chess or cybersecurity. “The vigilance and the precision required to beat the machine — it’s virtually impossible to reach in human competition,” Kasparov says.

Nobody’s perfect

About two months before Defcon, I’m at Darktrace’s headquarters in New York, where company executives show me how the system works.

On a screen, I see connected computers and printers sending data to Darktrace’s network as it monitors for behavior that’s out of the ordinary.

Garry Kasparov addresses the Defcon crowd at this year’s conference.

Avast

“For example, Sue doesn’t usually access this much internal data,” Nancy Karches, Darktrace’s sales manager, tells me. “This is straying from Sue’s normal pattern.” So Darktrace shuts down an attack most likely waged by another machine.

“When you have machine-based attacks, the attacks are moving at a machine speed from one to the other,” says Darktrace CEO Nicole Eagan. “It’s hard for humans to keep up with that.”

But what happens when AI becomes the norm? When everyone’s using AI, says Brumley, hackers will turn all their attention on finding the machines’ flaws — something they’re not doing yet.

Darktrace

“We’ve seen again and again, the reason new solutions work better is because attackers aren’t targeting its weaknesses,” he says. “As soon as it became popular, it started working worse and worse.”

About 60 percent of cybersecurity experts at Black Hat believe hackers will use AI for attacks by 2018, according to a survey from the security company Cylance.

“Machine learning security is not foolproof,” says Hyrum Anderson, principal data scientist at cybersecurity company Endgame, who and their tools. Anderson expects AI-based malware will rapidly make thousands of attempts to find code that the AI-based security misses.

to see more Road Trip adventures.

Bettmann/Contributor

“The bad guy can do this with trial and error, and it will cost him months,” Anderson says. “The bot can learn to do this, and it will take hours.”

Anderson says he expects cybercriminals will eventually sell AI malware on darknet markets to wannabe hackers.

For now, Sherwood feels safe having the city protected by an AI machine, which has shielded Las Vegas’ network for the past year. But he also realizes a day will come when hackers could outsmart the AI. That’s why Sherwood and his Las Vegas security team are at Black Hat: to learn how to use human judgment and creativity while the machine parries attacks as rapidly as they come in.

Kasparov has been trying to make that point for the last 20 years. He sees machines doing about 80 percent to 90 percent of the work, but he believes they’ll never get to what he calls “that last decimal place.”

“You will see more and more advanced destruction on one side, and that will force you to become more creative on the positive side,” he tells me.

“Human creativity is how we make the difference.”

: Reporters’ dispatches from the field on tech’s role in the global refugee crisis.

: CNET hunts for darknet market markets dark market onion address innovation outside the Silicon Valley bubble.

The post Stopping cyberattacks. No human necessary appeared first on The News Max.

leesacardillo, Author at The News Max

A timeline of the biggest ransomware attacks

Kaseya (2021)

JBS (2021)

Colonial Pipeline (2021)

Brenntag (2021)

CNA Financial (2021)

CWT (2020)

University of California at San Francisco (2020)

Travelex (2019)

WannaCry (2017)

Locky (2016)

TeslaCrypt (2015)

CryptoWall (2014)

CryptoLocker (2013)

AIDS Trojan/PC Cyborg (1989)

Massive dark web bust seizes $6.5 million from 179 alleged drug dealers

Wife freed while husband jailed pending trial for Bitcoin laundering

RELATED ARTICLES

Share this article

Global Drug Survey reveals alcohol and drug habits during pandemic

RELATED ARTICLES

Share this article

US sanctions crypto exchange over ransomware ties

Child porn purveyor to get 21-27 years under new plea deal

The history of hacking ransoms and cryptocurrency

Ransomware on the rise

Why do hackers like cryptocurrency?

Financial impact

Early adopters

Future legislation

Inside busted illegal $220million darknet data centre

more videos

RELATED ARTICLES

Share this article

Child porn purveyor to get 21-27 years under new plea deal

Stopping cyberattacks. No human necessary

Pattern recognition

Rise of the machines?

Nobody’s perfect