#LockBit


#ESETresearch discovered previously unknown links between the #RansomHub, #Medusa, #BianLian, and #Play ransomware gangs, and leveraged #EDRKillShifter to learn more about RansomHub’s affiliates. @SCrow357 welivesecurity.com/en/eset-res
RansomHub emerged in February 2024 and in just three months reached the top of the ransomware ladder, recruiting affiliates from disrupted #LockBit and #BlackCat. Since then, it dominated the ransomware world, showing similar growth as LockBit once did.
Previously linked to North Korea-aligned group #Andariel, Play strictly denies operating as #RaaS. We found its members utilized RansomHub’s EDR killer EDRKillShifter, multiple times during their intrusions, meaning some members likely became RansomHub affiliates.
BianLian focuses on extortion-only attacks and does not publicly recruit new affiliates. Its access to EDRKillShifter suggests a similar approach as Play – having trusted members, who are not limited to working only with them.
Medusa, same as RansomHub, is a typical RaaS gang, actively recruiting new affiliates. Since it is common knowledge that affiliates of such RaaS groups often work for multiple operators, this connection is to be expected.
Our blogpost also emphasizes the growing threat of EDR killers. We observed an increase in the number of such tools, while the set of abused drivers remains quite small. Gangs such as RansomHub and #Embargo offer their killers as part of the affiliate program.
IoCs available on our GitHub: github.com/eset/malware-ioc/tr

Russian cybercrime group sent a message of congratulations to Kash Patel and an offer.

...the Lockbit administrator then offered an “archive of classified information for you personally, Mr. Kash Patel.” This, it was claimed, contained information that could “not only negatively affect the reputation of the FBI, but destroy it as a structure.”
#Lockbit #FBI forbes.com/sites/daveywinder/2

Forbes · This Data Could Destroy The FBI—Russian Crime Gang Warns Kash Patel
This notorious Russian ransomware crime gang says it has sent Kash Patel information it claims could destroy the FBI. Here’s what you need to know.

🆘 Trump administration retreats in fight against Russian cyber threats

The Trump administration has publicly and privately signaled that
🔥 it does not believe Russia represents a cyber threat against US national security or critical infrastructure, 🔥
marking a radical departure from longstanding intelligence assessments.

👉The shift in policy could make the US vulnerable to hacking attacks by Russia, experts warned,
and appeared to reflect the warming of relations between Donald Trump and Russia’s president, Vladimir Putin.
Two recent incidents indicate the US is no longer characterizing Russia as a cybersecurity threat.

#Liesyl #Franz, deputy assistant secretary for international cybersecurity at the state department,
said in a speech last week before a United Nations working group on cybersecurity that
the US was concerned by threats perpetrated by some states but only named China and Iran,
with no mention of Russia in her remarks.

Franz also did not mention the Russia-based #LockBit #ransomware group,
which the US has previously said is the most prolific ransomware group in the world and has been called out in UN forums in the past.

The treasury last year said LockBit operates on a ransomware-as-service model, in which the group licenses its ransomware software to criminals in exchange for a portion of the paid ransoms.

In contrast to Franz’s statement, representatives for US allies in the European Union and the UK focused their remarks on the threat posed by Moscow,
with the UK pointing out that Russia was using offensive and malicious cyber-attacks against Ukraine alongside its illegal invasion.

💥“It’s incomprehensible to give a speech about threats in cyberspace and not mention Russia and it’s delusional to think this will turn Russia and the FSB [the Russian security agency] into our friends,”
said James Lewis, a veteran cyber expert formerly of the Center for Strategic and International Studies think tank in Washington.

“They hate the US and are still mad about losing the cold war. Pretending otherwise won’t change this.”
The US policy change has also been established behind closed doors.

theguardian.com/us-news/2025/f

The Guardian · Trump administration retreats in fight against Russian cyber threats · By Stephanie Kirchgaessner

The United States, Australia, and the United Kingdom have sanctioned Zservers, a Russia-based bulletproof hosting (BPH) services provider, for supplying essential attack infrastructure for the LockBit ransomware gang. #LockBit #ransomwaregroup bleepingcomputer.com/news/secu

BleepingComputer · US sanctions LockBit ransomware’s bulletproof hosting provider · By Sergiu Gatlan

Dive Brief
Ransomware payments fell 35% in 2024

Ransomware attacks spiked in 2H2024 but fewer victims paid up.

FTA: "Chainalysis attributed the steep decline in ransomware payments to several factors, including significant actions from law enforcement agencies across the globe." and cites the UK NCA and US FBI LockBit seizure.

Will the admin's vendetta against the FBI flip the field in 2025?

cybersecuritydive.com/news/ran

Cybersecurity Dive · Ransomware payments fell 35% in 2024 · By Rob Wright

CYBERATTACK

Rhineland-Palatinate, update 24.01.2025

Lockbit is behind the cyberattack
on schools in Rhineland-Palatinate

More than forty schools are affected by the attack and are currently offline. The Lockbit gang is now threatening to publish or sell data.

heise.de/news/Cyberangriff-auf

#Schule #Schulen #Kultusministerium
#KultusministeriumRP #Lockbit #Cyberangriff #RP #Rheinlandpfalz

heise online · Cyberattack on schools in Rhineland-Palatinate: Is Lockbit behind it? · By Dr. Christopher Kunz