Anthony Spaelti on LinkedIn: The cat-and-mouse game between law enforcement and cybercriminals selling… (2024)

Anthony Spaelti

Hyperion | Stanford MBA | McKinsey

The cat-and-mouse game between law enforcement and cybercriminals selling sensitive information continues: BreachForum v2 has been seized.

❓ BreachForum: Users were able to purchase hacking software, leaked sensitive data (e.g. the LinkedIn 2021 Leak was also on sale on that site), and services (i.e. paying cybercriminals to engage in illicit activities for you)

📕 Origin: The forum started as RaidForums in 2015 until it was seized by law enforcement in 2022. It reopened as BreachForums in 2022 and was seized again in early 2023. It reopened in June 2023 as BreachForums V2 and was seized on May 16, 2024.

🙇 Challenge: The timeline illustrates the inherent copycat issue law enforcement faces: While they were able to make arrests in each of the seizures, the forums re-spawned only months afterward.

🔜 What's next? On the day of the seizure, a cybercriminal known as "USDoD" already announced the forum's re-opening as "Breach Nation" on July 4th (U.S. Independence Day); likewise, a former moderator of BreachForums also announced creating a "spin-off." This shows how easy it is to re-spawn those self-hosted "websites" on the darknet.

💡 But... Law enforcement seized the second and third installments of RaidForums at incredible speed, making it likely they found a way to more easily physically locate where these particular servers are in the world, or the server software that is being used has vulnerabilities law enforcement knows how to exploit and corrupt them, or there are insiders who support law enforcement, ... or something else entirely!

Either way, I would not be surprised if "USDoD"'s version will not be up for long either!

(P.S. Being originally from Zurich I can't help but quickly give a shoutout to Kantonspolizei Zürich for participating in this raid! 🎉)

(P.P.S: The image attached is the current splash screen the FBI installed on BreachForums' darknet website. A pretty common practice, see my post here: https://lnkd.in/gVMbRZcR)


Ben Lazaroff

Helping the 99% unlock their potential | Founder @ TownSquare Chess | Stanford MBA, ex-McKinsey, Chicago Mayor's Office

1w

you should start a formal newsletter on this stuff. I'm genuinely interested in these kinds of things and it would be cool to have them all in one place also :)


More Relevant Posts

  • DataGrade

    259 followers

    Law enforcement takes down LockBit's leak site and infrastructure, seizing control of their operations. Europol releases more information on the months-long operation.

    #cybersecurity #lawenforcement #LockBit #LockBit3.0, #darkweb, #blog, #404message, #seizurenotice, #InternationalLawEnforcement, #VXUnderground, #FBI, #pwned, #affiliate, #login, #ransomware, #sourcecode, #victims, #moneyextorted, #datastolen, #chats, #flawedinfrastructure, #arrested, #longestrunning, #financiallysuccessful.

    Updating: In “Chronos,” law enforcement took down 34 Lockbit servers https://www.databreaches.net

  • James Beal

    Cyber Threat Intelligence Engineer - Focused on simplifying the evolving threat landscape and creating tangible alerts to help TRIAGE events | Proactive Threat Hunter | Purple Team Enthusiast

    AeterneusIntel TRIAGE Brief: Monumental news on the law enforcement front this week - LockbitSupp, the ring-leader of the LockBit ransomware group has been called out as a Russian citizen, which has been teased for weeks now! Also one of the top hackers in REvil that was responsible for the Kaseya attack and many others has been given a long term sentence and huge fine!

    Overview:

    LockbitSupp: The United States, United Kingdom and Australia on Tuesday alleged that the leader of LockBit is a Russian national called Dmitry Yuryevich Khoroshev who had worked under the pseudonym LockbitSupp.

    REvil: A Ukrainian hacker has been sentenced to almost 14 years in prison for infecting thousands of victims with REvil ransomware and demanding over $700 million in ransom payments. Yaroslav Vasinskyi, 24, was ordered to pay more than $16 million in restitution for his role in the REvil attacks, according to the statement by the U.S. Department of Justice.

    Area of Impact: Legal activity has ramped up so far in 2024, keeping informed on the process and impacts on certain threat groups is always a good idea to be able to speak to it for your organizations.

    TRIAGE: It is great to see another real arrest and conviction being made in the case of the REvil ransomware group, against all the damage they were able to cause for orgs worldwide. The LockBit events have had a long lag time for the reveal of their “leader”. It is another interesting case to track from a security researcher perspective, especially with all the interactions between law enforcement and the threat group themselves, especially tied to LockBitSupp themselves. Hopefully this at least slows down his easy freedom of movement and his loss of full anonymity which he has maintained up to this point.


  • Dynasty Law, LLC

    64 followers

    ❗ Beware of tech-support pirates! They're targeting our loved ones with alarming claims and manipulation. Learn how to shield your aging parents from falling victim to these virtual threats in our latest blog post. Knowledge is power! 💪📚👉 Don't miss out! Link in the post to dive into this week's blog!📝#lawyer #estateplanning #attorney #legal #LinkedIn

    SHIELDING YOUR PARENTS FROM EVOLVING FINANCIAL SCAMS - PART 2 dynastyfirm.com

  • Ramadji A.

    CISO | CISSP | CISM | CCSP | Cybersecurity leader | Cyber Defense Researcher | Strategist | Digital Transformation Enabler | FOSS Advocate

    “Facing more than 30 lawsuits from victims of its massive data breach, 23andMe is now deflecting the blame to the victims themselves in an attempt to absolve itself from any responsibility, according to a letter sent to a group of victims seen by TechCrunch.”

    #23andMe #23andMeDataBreach #DataSecurity #DataPrivacy #InformationSecurity #OwiningUp #Responsibility #DeflectingResponsibility #Lawsuits #DataBreachVictims #ReputationDamage #FinancialDamages

    https://lnkd.in/gUDDggQU

    23andMe tells victims it's their fault that their data was breached | TechCrunch https://techcrunch.com


  • The Record from Recorded Future News

    12,576 followers

    DDoS attack on Pennsylvania court system knocks out filing systems, bail payment site.

    Why it matters:

    1. The DDoS attack on Pennsylvania's court system has caused significant service outages. Key legal mechanisms including the web docket system and electronic filing system for attorneys are currently inaccessible, impacting court procedures and services.
    2. Notably, no indications of court data being compromised have been observed, yet the limited operations and potential for data loss serve as a stark reminder of the susceptibility of vital public services to cyber threats.
    3. This marks another critical instance in an escalating trend of cyber-attacks targeting U.S. state-level courts, underlining the urgent need for bolstered cybersecurity measures across these institutions. Such disruptions not only impair judicial functions but pose a threat to the integrity of democratic processes.

    Learn more by visiting The Record from Recorded Future News: https://lnkd.in/eCF2c6Eb

    DDoS attack on Pennsylvania court system knocks out filing systems, bail payment site therecord.media


  • Jared Rimer

    Technical Support Specialist at Superior Software Inc.

    Au: Hackers Follow Through with Dark Web Threat After Law Firm Rejects Ransom: GVS reports: A hacking group claiming to be Russian-linked cybercriminals has published sensitive data from one of Australia’s largest law firms, HWL Ebsworth, after the firm refused to pay their ransom demands. The AlphV ransomware gang, also known as BlackCat, announced on the dark web that it had released 1.45 terabytes of data allegedly stolen from HWL Ebsworth in late April. […] The hack has caused concern for HWL Ebsworth’s clients, which include ANZ, the South Australian, Queensland, and ACT governments, the Environment and Human Services Department, and the Australian Taxation Office (ATO). The federal government has confirmed that it was a client of the law firm and may have been affected by the breach. Read more at GVS.

    Au: Hackers Follow Through with Dark Web Threat After Law Firm Rejects Ransom https://www.databreaches.net

  • The Record from Recorded Future News

    12,576 followers

    LockBit takedown: Police shut more than 14,000 accounts on Mega, Tutanota and Protonmail.

    Why it matters:

    1. The successful takedown of over 14,000 accounts tied to the LockBit ransomware service demonstrates international cooperation and coordination in crippling cybercriminal activities. Each account represented a financial avenue for the culprits, thus significantly disrupting their operations.
    2. The widespread use of third-party services like Mega, Tutanota, and Protonmail for illegal purposes underscores the challenge these companies face in balancing user privacy and acting against illegal operations. Their proactive stance against illegal activity is vital to maintaining the security of these platforms for legitimate users.
    3. The operation — including arrests and public bounty — signals a shift in strategy by law enforcement. By exposing and penalizing affiliates, authorities apply pressure on cybercriminals, making them constantly wary and thus disrupting their actions.

    Learn more by visiting The Record from Recorded Future News: https://lnkd.in/e4dPXSC9

    LockBit takedown: Police shut more than 14,000 accounts on Mega, Tutanota and Protonmail therecord.media


  • Ostendio

    3,233 followers

    Kansas' electronic courts system still down weeks after cyber incident | StateScoop

    It’s been more than three weeks since an unexplained security incident shut down Kansas’ online court system, blocking public and internal access to an unknown number of court cases and records.

    Courts have been operating entirely on paper since the system went down in mid-October, according to the Kansas City Star, slowing down civil and criminal cases, even limiting parents’ ability to access child support payments and background checks that need to go through the court system.

    The state has not disclosed what caused the breakdown, whether there was a data breach or when the system will be back online, but the system’s continued shutdown highlights the state of cybersecurity in the judiciary nationwide, which have seen an uptick in cyberattacks in recent years, alongside the rest of the public sector.

    https://bit.ly/3Mz809g

    #cybersecurity #datasecurity

    Kansas' electronic courts system still down weeks after cyber incident | StateScoop https://statescoop.com


  • Mark Schutzmann

    Important takedown on this expansive ransomware gang with collaboration from the international law enforcement community. Although it is satisfying to see a disruption of their dark web operations, it will be interesting to see the follow-up actions (e.g., if this is whac-a-mole, who comes out in handcuffs).

    https://lnkd.in/gUPkiWWe

    Lockbit cybercrime gang disrupted by Britain, US and EU reuters.com
