Bleeping Computer: Ransom payments fall as fewer victims choose to pay hackers

Bleeping Computer: Ransom payments fall as fewer victims choose to pay hackers. “In Q2 2022, the average ransom payment was $228,125 (up by 8% from Q1 ’22). However, the median ransom payment was $36,360, a steep fall of 51% compared to the previous quarter. This continues a downward trend since Q4 2021, which represented a peak in ransomware payments both average ($332,168) and median ($117,116).”

Intel 471: How cybercriminals are using messaging apps to launch malware schemes

Intel 471: How cybercriminals are using messaging apps to launch malware schemes. “Apps like Discord and Telegram have underlying elements that allow users to create and share programs or other types of content that’s used inside the platform. These programs, colloquially known as ‘bots,’ or other content allows for users to share media, play games, moderate channels, or any other automated task a developer can devise. Cybercriminals have figured out how to leverage this for their own begotten gains.”

CNN: Justice Department seizes $500K from North Korean hackers who targeted US medical organizations

CNN: Justice Department seizes $500K from North Korean hackers who targeted US medical organizations. “The US Justice Department seized approximately half a million dollars that North Korean government-backed hackers had either extorted from US health care organizations or used to launder ransom payments, deputy Attorney General Lisa Monaco said Tuesday as she touted an aggressive US strategy to claw back money for victims of ransomware attacks.”

New York Times: Defense Firm Said U.S. Spies Backed Its Bid for Pegasus Spyware Maker

New York Times: Defense Firm Said U.S. Spies Backed Its Bid for Pegasus Spyware Maker. “Spokesmen for L3Harris and NSO declined to comment about the negotiations between the companies. A spokeswoman for Avril Haines, the director of national intelligence, declined to comment on whether any American intelligence officials quietly blessed the discussions. A spokesman for the Commerce Department declined to give specifics about any discussions with L3 Harris about purchasing NSO.”

Bleeping Computer: US govt warns of Maui ransomware attacks against healthcare orgs

Bleeping Computer: US govt warns of Maui ransomware attacks against healthcare orgs. “The FBI, CISA, and the U.S. Treasury Department issued today a joint advisory warning of North-Korean-backed threat actors using Maui ransomware in attacks against Healthcare and Public Health (HPH) organizations. Starting in May 2021, the FBI has responded to and detected multiple Maui ransomware attacks impacting HPH Sector orgs across the U.S.”

Route Fifty: The Changing Face of Ransomware

Route Fifty: The Changing Face of Ransomware. “Attackers are increasingly targeting organizations they think will deliver the greatest rewards. They vary their ransom demands based on the victim’s estimated financial position, the quality of data exfiltrated, whether the victim has cyber insurance and the reputation of the ransomware group, the study said.”

Bleeping Computer: Macmillan shuts down systems after likely ransomware attack

Bleeping Computer: Macmillan shuts down systems after likely ransomware attack. “Publishing giant Macmillan was forced to shut down their network and offices while recovering from a security incident that appears to be a ransomware attack. The attack reportedly occurred over the weekend, on Saturday, June 25th, with the company shutting down all of their IT systems to prevent the spread of the attack.”

Bleeping Computer: Free smartphone stalkerware detection tool gets dedicated hub

Bleeping Computer: Free smartphone stalkerware detection tool gets dedicated hub. “Kaspersky has launched a new information hub to help with their open-source stalkerware detection tool named TinyCheck, created in 2019 to help people detect if their devices are being monitored. Stalkerware is software explicitly created to spy on people via their smartphones by monitoring their whereabouts, communications, photos, browsing history, and more.”

MakeUseOf: What Is Leakware? Here’s What You Need to Know

MakeUseOf: What Is Leakware? Here’s What You Need to Know. “Leakware attackers will threaten to release the confidential information they’ve stolen from the victim(s) if their demands are not met. These demands are usually financial and come in the form of a typical ransom (which is why leakware is a kind of ransomware). Leakware attackers will often ensure that the data they steal is highly sensitive to put as much pressure on the victim as possible.”

Ars Technica: Billing fraud apps can disable Android Wi-Fi and intercept text messages

Ars Technica: Billing fraud apps can disable Android Wi-Fi and intercept text messages. “Android malware developers are stepping up their billing fraud game with apps that disable Wi-Fi connections, surreptitiously subscribe users to pricey wireless services, and intercept text messages, all in a bid to collect hefty fees from unsuspecting users, Microsoft said on Friday.”

The Verge: Google says attackers worked with ISPs to deploy Hermit spyware on Android and iOS

The Verge: Google says attackers worked with ISPs to deploy Hermit spyware on Android and iOS. “A sophisticated spyware campaign is getting the help of internet service providers (ISPs) to trick users into downloading malicious apps, according to research published by Google’s Threat Analysis Group (TAG) (via TechCrunch). This corroborates earlier findings from security research group Lookout, which has linked the spyware, dubbed Hermit, to Italian spyware vendor RCS Labs.”