November 30, 2025

Dark Light

Search

Arrest Cryptocurrency News

0

26

FBI Takes Down Crypto-Laundering Scam

The line between cybercrime and plain old-fashioned fraud has become yet more blurred following the sentencing of international virtual currency vendor Anurag Pramod Murarka to 121 months in prison for his involvement in a classic money laundering operation that he advertised on Darknet marketplaces.

According to recently unsealed court documents, Murarka operated an international money laundering business from April 2021 until September 29, 2023. Murarka was able to operate out of India and serviced shady clients in the United States through an intricate Indian “hawala” money transferring system and the use of the US Postal Service as his “unwitting partner in transferring ill-begotten funds.” The original Hawala scam was an Indian political and financial scandal involving illicit payments allegedly sent by politicians through a network of four Hawala brokers that implicated some of the country’s leading politicians.

China Geopolitics News

0

20

China ramps up cyber-attacks on the US

The latest US security breach attributed to systematic attempts by China to compromise US institutions and critical infrastructure has impacted the US Treasury. The intrusion is being billed as “a major cybersecurity incident”.

According to a letter from the US Department of the Treasury: “The threat actor was able to override the service’s security, remotely access certain Treasury Departmental Office user workstations, and access certain unclassified documents maintained by those users… Based on available indicators, the incident has been attributed to a China state-sponsored Advanced Persistent Threat (APT) actor.”

Arrest News Russia

0

19

Russian Authorities Arrest FBI’s Most Wanted Hacker

The FBI’s most wanted hacker, Mikhail Pavlovich Matveev, dubbed the “Moriarty” of cybercrime, has finally been arrested by Russian authorities. Described by the FBI as a “prolific” cybercriminal, Matveev has had a $10 million bounty on his head for any information leading to his arrest since 2023.

The arrest is a turning point on the part of the Russian authorities, as cybercriminals have long seen Russia as a safe haven. According to intelligence sources, this could either represent an attempt to try and legitimize the Russian economy or an indication that the state is taking back control of cyber-attacks on Western economies.

News One Minute Roundup

0

17

UK Takes Down Russian Money Laundering Ring – December 5th

The FBI warns the public about rising fraud schemes using generative artificial intelligence. The FBI observed that GenAI can be utilized by hackers to create fraudulent social media accounts, generate false websites to entice cryptocurrency investors, and create AI chatbots in order to lure victims into clicking malicious links.

Cryptocurrency Government News

0

18

Feds Create Their Own Cryptocurrency for Sting Operation

The US Federal Bureau of Investigation (FBI) has created “NexFundAI”, a cryptocurrency created to further their investigation, “Operation Token Mirrors.” The FBI also announced that 18 individuals have been charged for market manipulation and “wash trading” — the first of its kind in the cryptocurrency industry.

The investigation, described as “a new twist to old-school financial crime”, garnered charges against cryptocurrency company leaders and employees from Texas, the UK, and Portugal, and over $25 million in seized cryptocurrency. NexFundAI enabled the FBI to monitor and track illicit activities conducted by cryptocurrency companies and financial service firms, or “market makers.”

cybercrime Government News

0

20

Russian gang shuts down two Indiana counties

Clay County, Indiana, in the US, is sounding a Local Disaster Declaration in the wake of a “criminal ransomware attack” that occurred last week, following reports of increasing cyber-attacks on local governments across America.

“Clay County local government suffered a significant ransomware attack in the early morning hours of July 9, 2024. This has resulted in an inability to provide critical services required for the daily operation of all offices of the Clay County Courthouse, Community Corrections, and Clay County Probation,” said the county in an official statement.

News ransomware Russia

0

13

It’s official…It definitely IS the Russians

The US Federal Bureau of Investigation (FBI) has laid the blame for escalating worldwide ransomware attacks squarely at Russia’s door.

Speaking at the 2024 Boston Conference on Cyber Security last week, FBI Cyber Division Assistant Director Bryan Vorndran said: “Almost all of the criminals developing sophisticated malware to enable ransomware attacks are based in Russian-speaking countries and operate as organized crime syndicates, similar to traditional organized crime elements.”

He focused on the FBI’s earlier this year disruption of Dark Web ransomware gang LockBit, stressing that organized cybercriminal gangs, particularly Russian ones, are essentially the same as old-school mafia mobsters. They differ only in their methods and avenues of attack.

Analysis cybercrime

0

19

FBI takes down BreachForums -again!

The US Federal Bureau of Investigation (FBI) is investigating the criminal hacking forum BreachForums after taking down its website last week. This follows the announcement in February of the seizure of the LockBit ransomware gang’s extortion website.

“From June 2023 until May 2024, BreachForums (hosted at breachforums.st/.cx/.is/.vc and run by ShinyHunters) was operating as a clear-net marketplace for cybercriminals to buy, sell, and trade contraband, including stolen access devices, means of identification, hacking tools, breached databases, and other illegal services,” says an FBI advisory.

Chip Technology cybercrime News

0

18

Critical infrastructure at risk from modem flaws

“Critical flaws” have been identified in modems deployed in millions of devices worldwide. Cybersecurity firm Kaspersky has issued a report warning companies of severe security vulnerabilities in Cinterion cellular modems.

According to Kaspersky, Cinterion modems are cornerstone components in machine-to-machine (M2M) and Internet of Things (IoT) communications and now offer a back door for all kinds of threat actors. They support various applications, ranging from industrial automation and vehicle telematics to smart metering and healthcare monitoring. Gemalto, the initial developer of the modems, was subsequently acquired by Thales. In 2023, Telit acquired Thales’ cellular IoT products business, including the Cinterion modems.

News One Minute Roundup

0

8

Boeing Discloses $200M Ransomware Attempt – May 13th

Boeing made a significant disclosure: The LockBit ransomware group targeted the company, which demanded a staggering $200M extortion payment.

Boeing did not pay LockBit a ransom despite 43 GB of company data leaked on the ransomware group’s website in November 2023. Boeing is now in contact with the FBI to mitigate the breach.

cybercrime Finance News

0

14

FBI reports record cybercrime losses in 2023

The US Federal Bureau of Investigation reports that last year the Internet Crime Complaint Center (IC3) received a record number of complaints, with potential losses exceeding $12.5 billion.

Although the figures for 2023 represent a 10 percent increase over 2022 and a 22 percent rise in losses suffered, the FBI fears that even this only represents the tip of a vast unseen iceberg of cybercrime. The report quotes the FBI’s recent infiltration of the Hive ransomware group, which discovered that only 20 percent of victims had reported the incidents to law enforcement authorities.

Geopolitics News ransomware

0

24

Ransomware alert for US critical infrastructure

The US Federal Bureau of Investigation (FBI) and the US Cybersecurity and Infrastructure Security Agency (CISA) have jointly issued a stark warning. The Phobos ransomware-as-a-service (RaaS) model is now being widely used by threat actors of all kinds to attack a wide variety of critical infrastructure across America.

“Since May 2019, Phobos ransomware targeted municipal and county governments, emergency services, education, public healthcare, and other critical infrastructure entities,” says the joint cybersecurity advisory document.

Phobos RaaS is particularly dangerous as it is an off-the-shelf software that can be deployed by even relatively unskilled threat actors in conjunction with other open-source tools such as Smokeloader, Cobalt Strike, and Bloodhound. These tools are all widely accessible and easy to use in various operating environments, making Phobos the obvious go-to choice for a wide variety of threat actors.

cybercrime Healthcare News

0

29

BlackCat gives go-ahead for healthcare attacks

Following actions taken against the infamous BlackCat ransomware group in December by the US Federal Bureau of Investigation (FBI), the cybercriminal gang has warned it is taking off the gloves in its fight with law enforcement. BlackCat previously took pride in regularly announcing that it does not encourage or support affiliates who target crucial sectors such as healthcare. But this approach has changed radically since the end of 2023.

“Since mid-December 2023, of the nearly 70 leaked victims, the healthcare sector has been the most commonly victimized. This is likely in response to the ALPHV Blackcat administrator’s post encouraging its affiliates to target hospitals after operational action against the group and its infrastructure in early December 2023,” said the FBI.

China Geopolitics News

0

28

FBI declares cyber-war on China

US Federal Bureau of Investigation (FBI) director Christopher Wray used his keynote speech at the weekend’s Munich Cyber Security Conference, which many regard as the security version of Davos, to effectively declare cyber-war on the People’s Republic of China (PRC).

“Our adversaries have been improving exponentially,” warns Wray. “Chief among those adversaries is the Chinese government…the cyber threat posed by the Chinese government is massive.”

Wray added that China’s hacking program is larger than that of all the other major world nations combined and that the PRC is using AI technology stolen from the Western powers to vastly increase the present threat. The FBI director told the major world powers assembled in Munich at the weekend that a new enhanced level of cooperation between government agencies such as his and the private sector is the only way to counter this new Red Menace.

News One Minute Roundup

0

9

International Law Enforcement Seizes LockBit’s Website – February 20th

U.S. and U.K. authorities announced the seizure of the LockBit ransomware gang’s extortion website.

The “Operation Cronos” campaign was led by the UK’s National Crime Agency, the US Federal Bureau of Investigation, and Europol, in collaboration with a coalition of police agencies from 9 countries globally. However, LockBit posted messages on an encrypted messaging app saying its backup servers were unaffected.

cybercrime News ransomware

0

30

Ransomware payments top US$1 billion in 2023

Last year, ransomware payments topped US$1 billion for the first time. According to a report from blockchain analyst firm Chainalysis, in 2023 ransomware gangs reached “an unprecedented milestone” in extorted cryptocurrency payments.

“This number does not capture the economic impact of productivity loss and repair costs associated with attacks. This is evident in cases like the ALPHV-BlackCat and Scattered Spider’s bold targeting of MGM resorts. While MGM did not pay the ransom, it estimates damages cost the business over US$100 million,” warns the report.

News One Minute Roundup

0

10

DDoS Attack on Pennsylvania Fails to Halt City Government – February 6th

Officials from the Administrative Office of Pennsylvania Courts announced their website was hit by a Distributed Denial of Service (DDoS) attack, which the city says did not compromise data or halt government operations.

The attack is now being investigated by the U.S. Department of Homeland Security and the Federal Bureau of Investigation to uncover the hackers behind the attack and to ensure it is not a symptom of a larger-scale ransomware attack.

Cyber Espionage Energy Sector News

0

20

Critical infrastructure under increased attack

France-based Schneider Electric became the latest utility company to succumb to a ransomware attack on January 17, when some of its business divisions serving several critical industries were taken down. Although access to the system was eventually re-opened on January 31st, the incident underlines the growing seriousness of cyber-attacks aimed at the West’s critical infrastructure. Schnieder Electric has an annual turnover of over 42 billion and employs over 150,000 people.

The ransomware attack on Schneider Electric coincides with news that, in the US, the Federal Bureau of Investigation (FBI) has recently neutralized a botnet controlled by a Chinese threat group. The White House had previously authorized the FBI to take down the botnet after federal agencies and private sector researchers had accused cyberespionage gang Volt Typhoon of a major campaign aimed at a wide range of the US’s critical infrastructure.

cybercrime News sextortion

0

22

Sextortion racket triggers US youth suicides

Financial sextortion is now the most rapidly growing crime targeting American, Canadian, and Australian youth. The US Federal Bureau of Investigation (FBI) has called it: “a global crisis that demands everyone’s attention” – having observed a one thousand percent increase in financial sextortion incidents over the last 18 months.

In a December 2023 hearing, FBI Director Wray warned Congress that sextortion is “a rapidly escalating threat,” and teenage victims “don’t know where to turn.”

Almost all this activity is linked to West African cybercriminals known as the “Yahoo Boys”, who primarily target English-speaking minors and young adults on the online social networks: Instagram, Snapchat, and Wizz, according to the Network Contagion Research Institute (NCRI) report, “A Digital Pandemic: Uncovering the role of ‘Yahoo Boys’ in the Surge of Social Media-enabled Financial Sextortion Targeting Minors.

News One Minute Roundup

0

10

Schneider Electric Confirms Data Breach from Ransomware Attack – January 31st

Schneider Electric announced that they were hit by a ransomware attack on January 17th, resulting in a data breach exposing their customer’s information. The ‘Cactus’ ransomware group claimed the ransomware attack.

Schneider has since informed the affected customers of the breach, which include Hilton, Pepsico, and Walmart. The attack also caused Schneider to shut down several division-specific systems.

News One Minute Roundup

0

14

CISA and FBI Release IOCs Associated with Androxgh0st Malware – January 17th

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a joint cybersecurity advisory (CSA) containing the Indicators of Compromise (IOC) associated with the Androxgh0st malware.

The joint CSA also contained the dangerous Androxgh0st malware tactics, techniques, and procedures associated with the malware’s threat actors. The malware establishes a botnet for victim identification, exploits vulnerable networks, targets the theft of sensitive data, and may lead to remote code execution.

News One Minute Roundup

0

10

North Korea Continues Crypto Theft Campaign – December 4th

A joint advisory by the Federal Bureau of Investigation (FBI), the Environmental Protection Agency, and the Cybersecurity Infrastructure and Security Agency (CISA) announced the Iranian-based threat actor group “Cyber Av3ngers” compromised over 200 internet-connected devices in the US.

Suspected to be anti-Israeli by motive, the “Cyber Av3ngers” group was behind the Pennsylvania Water Authority hacks, disrupting an industrial control device that was made in Israel.

News One Minute Roundup

0

12

Pittsburgh-area Water Authority Hit by Cyber Attack – November 28th

The Municipal Water Authority of Aliquippa reported a cyberattack that shut down their water pressure technology, to the U.S. Department of Homeland Security this past weekend.

According to the U.S. Department of Homeland Security, the unassuming cyberattack may come with serious international implications, with the attack suspected to come from an anti-Israeli Iranian threat actor group labeled as “Cyber Av3ngers”. This nation-state cyberattack is not the first to disrupt critical water infrastructure.

News One Minute Roundup

0

14

Google to adapt email sender guidelines for heightened security – October 4th

In response to the increasingly hostile cyber environment, Google will tighten bulk email sending regulations next year.

Reports say that the server plans to send new email sender guidelines in February, which will require senders of bulk email to authenticate their emails and adhere to stricter spam regulations.

News One Minute Roundup

0

16

Lazarus equips two new remote access trojan weapons – September 22nd

The Lazarus group is using two new remote access trojans to target health systems’ ManageEngine vulnerabilities.

The group recently made headlines after targeting healthcare entities in Europe and the US and has since evolved its malware to exploit the CVE-2022047966 vulnerability in the ManageEngine setup, allowing for remote code execution.

Its new RAT variants, QuiteRAT and CollectionRAT, allow for the attacker to run arbitrary commands, among other capabilities.

China Cyber Espionage News

0

20

FBI sounds second call to arms to fight cybercrime

The US Federal Bureau of Investigation (FBI) is increasingly anxious to enlist the private sector in the losing battle it is fighting against global cybercrime and espionage. Speaking in Washington on Monday, FBI director Christopher Wray stressed the importance of “collaborative, public-private” operations in fighting cybercrime, developing a strategy previously outlined by FBI Deputy Director Paul Abbate at a Boston cybersecurity conference three months ago.