SoylentNews is people

posted by hubie on Friday November 17 2023, @06:41PM
from the complaints-department-5000-miles-> dept.

https://arstechnica.com/security/2023/11/teens-with-digital-bazookas-are-winning-the-ransomware-war-researcher-laments/

What do Boeing, an Australian shipping company, the world's largest bank, and one of the world's biggest law firms have in common? All four have suffered cybersecurity breaches, most likely at the hands of teenage hackers, after failing to patch a critical vulnerability that security experts have warned of for more than a month, according to a post published Monday.

[...] All four companies have confirmed succumbing to security incidents in recent days, and China's ICBC has reportedly paid an undisclosed ransom in exchange for encryption keys to data that has been unavailable ever since.

[...] After the CitrixBleed exploit grants initial remote access through software known as Virtual Desktop Infrastructure, LockBit escalates its access to other parts of the compromised network using tools such as Atera, which provides interactive PowerShell interfaces that don't trigger antivirus or endpoint detection alerts. This access remains even after CitrixBleed is patched unless administrators take special actions.


This discussion was created by hubie (1068) for logged-in users only, but now has been archived. No new comments can be posted.
  • (Score: 5, Interesting) by DannyB on Friday November 17 2023, @10:15PM (4 children)

    by DannyB (5839) Subscriber Badge on Friday November 17 2023, @10:15PM (#1333333) Journal

    Ransomware group reports victim it breached to SEC regulators [arstechnica.com]

    Group tells SEC that the victim is in violation for not reporting it was hacked.

    One of the world’s most active ransomware groups has taken an unusual—if not unprecedented—tactic to pressure one of its victims to pay up: reporting the victim to the US Securities and Exchange Commission.

    The pressure tactic came to light in a post published on Wednesday on the dark web site run by AlphV, a ransomware crime syndicate that’s been in operation for two years. After first claiming to have breached the network of the publicly traded digital lending company MeridianLink, AlphV officials posted a screenshot of a complaint it said it filed with the SEC through the agency’s website. Under a recently adopted rule [sec.gov] that goes into effect next month, publicly traded companies must file an SEC disclosure within four days of learning of a security incident that had a “material” impact on their business.

    Maybe that's what happens if you don't pay the ransom, AND you try to hide the attack, AND you're a publicly traded company.

    --
    The amount of rust code in Linux has grown.
    The amount of rust code in Linux has groan.
  • (Score: 2) by Whoever on Saturday November 18 2023, @12:58AM (2 children)

    by Whoever (4524) on Saturday November 18 2023, @12:58AM (#1333344) Journal

    Maybe that's what happens if you don't pay the ransom, AND you try to hide the attack, AND you're a publicly traded company.

    Maybe they figured that, if they could just keep the intrusion secret, it would not have a material effect on their business.

    • (Score: 3, Funny) by sgleysti on Saturday November 18 2023, @03:03AM (1 child)

      by sgleysti (56) Subscriber Badge on Saturday November 18 2023, @03:03AM (#1333354)

      Along similar lines: It's not racketeering if you use a bat.

      • (Score: 2) by DannyB on Monday November 20 2023, @04:05PM

        by DannyB (5839) Subscriber Badge on Monday November 20 2023, @04:05PM (#1333618) Journal

        Isn't a bat more effective than a racket?

        --
        The amount of rust code in Linux has grown.
        The amount of rust code in Linux has groan.
  • (Score: 2) by sgleysti on Saturday November 18 2023, @03:06AM

    by sgleysti (56) Subscriber Badge on Saturday November 18 2023, @03:06AM (#1333355)

    The SEC report by the ransomware gang is by far the most interesting part of this story. X got hacked has ceased to be news to me and always recalls to mind an early scene from the movie Hackers:

    Dade's Mom: You hooked it up to the phone, didn't you? Dade! Turn the shower off! You screw up again and you won't get into college!