Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Malware

Face off: New Banking Trojan steals biometrics to access victims' bank accounts

Venturebeat had the scoop on a fresh Group-IB report. They discovered the first banking trojan that steals people’s faces. Unsuspecting users are tricked into giving up personal IDs and phone numbers and are prompted to perform face scans. These images are then swapped out with AI-generated deepfakes that can easily bypass security checkpoints.

Still Alive: Updates for Well-Known Latin America eCrime Malware Identified in 2023

Latin America (LATAM) is a growing market, and threat actors have used numerous eCrime malware variants to target users in this region. Over the past few years, many researchers have characterized the tactics, techniques and procedures (TTPs) of widespread Latin America malware families, including but not limited to Mispadu, Grandoreiro, Mekotio, Casbaneiro, Metamorfo and Astaroth.

Bring us the head of LockBit! $15 million bounty offered for information on leaders of notorious ransomware gang

A huge reward is being offered for information leading to the identification or location of any of the leaders of the LockBit ransomware gang. The bounty offer comes from the US State Department, following this week's disruption of the criminal organisation's activities. LockBit, which has been operating since 2020, has targeted thousands of victims around the globe, causing the loss of billions of dollars in both ransom payments and recovery.

Operation Cronos: The Takedown of LockBit Ransomware Group

On February 20, 2024, the National Crime Agency (NCA) of Britain and the Federal Bureau of Investigation (FBI) announced the successful disruption of the Lockbit ransomware gang, marking a significant milestone in the fight against cybercrime. This operation, known as Operation Cronos, was a collaborative effort involving law enforcement agencies from the UK, the US, and several other countries, with support from private sector partners.

Beating LockBit at its Own Game: Law enforcement's takedown of a prolific ransomware group

After a years-long investigation, this week the FBI and law enforcement agencies in the UK and Europe took over the main website of the cybercrime group known as LockBit. Law enforcement additionally arrested LockBit associates in Poland, Ukraine, and the U.S. and the U.S. Treasury imposed sanctions on Russian nationals affiliated with the group. The joint operation re-engineered LockBit’s online system to mimic the countdown clock used by the group in its extortion attempts.

LockBit Takedown: Law Enforcement Disrupts Operations, but Ransomware Threats Likely to Persist

The news that US, UK, and other international law enforcement agencies disrupted LockBit is welcome, as stopping any threat group activity is always a positive. The unfortunate aspect is this blow won’t impact ransomware overall. As in the past, another group will pick up the slack, or LockBit itself will reform and get back into business.

Operation Cronos: Global Law Enforcement Deals Significant Blow to LockBit Ransomware; Two Russian Nationals Indicted in the US

In a synchronized effort across multiple nations, law enforcement agencies have conducted a series of raids and arrests targeting those responsible for the LockBit ransomware attacks. Termed Operation Cronos, this initiative marks a notable victory in the ongoing battle against cybercrime. The LockBit ransomware group has been behind several high-profile cyber assaults, causing substantial financial harm and disruption to businesses and organizations globally.