Menlo Labs has uncovered an unknown threat actor that’s leveraging an evasive threat campaign distributed via Discord that features the PureCrypter downloader and targets government entities.
CyberSmart’s Series B was led by Oxx, with further contributions from British Patient Capital, IQ Capital, Eos Venture Partners, Legal & General Capital, Seedcamp, and Winton Ventures.
The Good Guys’ customer data, including phone numbers and email addresses, have been compromised in a third-party breach that industry observers say is yet another reminder for businesses to scrutinize their suppliers’ security practices.
The increased use of disk wipers in cyberattacks that began with Russia’s invasion of Ukraine early last year has continued unabated, and the malware has transformed into a potent threat for organizations in the region and elsewhere.
The clinic said a hacker they labeled “an unauthorized actor” had the ability to acquire information that included names, contact information, Social Security numbers, driver’s license numbers, health insurance information, and physician names.
Russia’s invasion of Ukraine has disrupted the vast cybercrime underground operating from the country, thanks to the mobilization of some threat actors and the emigration of others, according to Recorded Future.
Canada’s second-largest telecom is investigating a potential data breach after a threat actor shared samples online of what appears to be employee data. The threat actor subsequently posted screenshots that apparently show stolen source code and payroll records.
The number of people who have made the weaponized software available for sharing via torrent suggests that many unsuspecting victims may have downloaded the XMRig coin miner.
The suspect, Dariy Pankov, aka dpxaker, was extradited from Georgia in October 2022 and he appeared before a US judge this week. Pankov has been charged with computer fraud, conspiracy, and access device fraud, and faces up to 47 years in prison.
The infection vector used by Clasiopa is unknown, although there is some evidence to suggest that the attackers gain access through brute-force attacks on public-facing servers.