DIRS.INFO The most relevant business & tech news

☆ Russian charged with LockBit ransomware crimes — $10 million reward for his arrest
▼ + stars: | 2024-05-07 | by ( Dan Mangan | ) www.cnbc.com time to read: +1 min

Federal prosecutors on Tuesday announced criminal charges against a Russian national, Dimitry Yuryevich Khoroshev, for allegedly creating, developing, and administrating the LockBit ransomware-as-service group. The U.S. State Department at the same time offered a $10 million reward for information leading to the apprehension and arrest of Khoroshev, a 31-year-old from Voronezh, Russia. The Treasury Department also imposed sanctions on Khoroshev, blocking all property and interests he holds in the United States or are in the possession of Americans. Khoroshev, who also is known as LockBitSupp, LockBit, and putinkrab, was charged in a 26-count indictment in U.S. District Court in New Jersey, which accuses him of personally pocketing at least $100 million from victims of the group. He typically received 20% of each ransom payment, authorities said.

Persons: Dimitry Yuryevich Khoroshev, Khoroshev, LockBit's, pocketing Organizations: U.S . State Department, Treasury Department, The, Justice, DOJ Locations: Russian, Voronezh, Russia, United States, U.S, New Jersey

☆ A countdown timer for the threatened release of Trump court documents disappeared from hacker website before it ticked down to zero
▼ + stars: | 2024-02-29 | by ( Jacob Shamsian | ) www.businessinsider.com time to read: +6 min

The ransom countdown timer for Fulton County disappeared from a hacking group's website. The hacking group, LockBit 3.0, had a timer set for 8:49 a.m. It posted a new countdown timer for the Fulton County documents initially set for March 2. Before the raid, the group said, they had been in negotiations over a ransom for the Fulton County documents. AdvertisementThe timer for Fulton County had previously disappeared from LockBit 3.0's site ahead of the February 20 raid.

Persons: Trump, —, Donald Trump's, Georgia —, LockBit, Biden, Fani, It's, Brian Krebs, Dan Schiappa, Schiappa, George Chidi Organizations: Fulton, Service, FBI, Justice, Trump, Republican, Department of Justice, Fulton County, Atlanta Journal, Business Locations: Georgia, Fulton County, Mexico, Fulton, Atlanta

☆ This notorious Russian hacking group is threatening to release Trump court documents
▼ + stars: | 2024-02-29 | by ( Grace Eliza Goodwin | ) www.businessinsider.com time to read: +4 min

Hackers are threatening to leak stolen Trump court documents unless they get a ransom. LockBit is a Russia-based ransomware group that's made millions already by hacking victims. AdvertisementLockBit, a group of notorious Russian hackers, is threatening to release court documents it claims it stole from Georgia officials unless it gets paid a ransom. It's the latest scheme from a group that's frustrated international authorities and dodged shutdown attempts. LockBit is threatening to release Trump court documents it stole from the Fulton County, Georgia, election interference case unless the county paid up.

Persons: Trump, LockBit, —, Biden, that's, It's, aren't, Donald Trump's Organizations: Service, Trump, US Department of, Treasury, Treasury Department, Justice Department, Infrastructure Security Agency, Boeing, National Health Service, Royal Mail, Commercial Bank of China, Business, Fulton, FBI, Crime Agency Locations: Russia, Georgia, Fulton County , Georgia

☆ Hackers threaten to release Trump documents from Georgia case if they don't get a ransom by Thursday
▼ + stars: | 2024-02-28 | by ( Jacob Shamsian | ) www.businessinsider.com time to read: +10 min

LockBit works with affiliates to hack companies and government agenciesLockBit 3.0's targets go far beyond just the Fulton County government. As of Wednesday, it had ongoing ransom demands for 11 different companies on its website in addition to the one for Fulton County. AdvertisementA Fulton County court administration spokesperson declined to comment. AdvertisementAt a press conference on February 20, Fulton County Commission Chair Robb Pitts said no ransom was paid. AdvertisementThe renewed ransom threat comes as Willis's investigation is beleaguered by a series of heated hearings playing out in a Fulton County courtroom.

Persons: —, Donald Trump —, Donald Trump's, Christopher Krebs, Dan Schiappa, LockBitSupp —, Biden, Donald Trump, Trump, Joe Raedle, Oz, Krebs, Alashe, LockBit, Fulton, Fani Willis, It's, George Chidi, Pool, Schiappa, Robb Pitts, Pitts, Willis Organizations: Service, Fulton, Business, FBI, United, Crime Agency, US Department of Justice, government's, Trump, Justice Department, Boeing, Commercial Bank of China, U.S, Trump Force, Atlanta Hartsfield, Jackson International Airport, Biden, Trump —, Trump . Fulton, Arctic Wolf, Atlanta Journal Locations: Georgia, Fulton, Mexico, Fulton County, Atlanta , Georgia, Russian, Trump . Fulton County, Atlanta, Krebs

☆ LockBit: FBI and allies seize dark-web site of world’s most prolific ransomware gang
▼ + stars: | 2024-02-19 | by ( Sean Lyngaas | ) edition.cnn.com time to read: +4 min

CNN —The FBI and its international allies have seized a dark-web site that the world’s most prolific ransomware gang has used to extort its victims, according to a message on the website viewed by CNN. The hackers claimed credit for a November ransomware attack that forced New Jersey-based Capital Health to cancel some patient appointments. LockBit also claimed responsibility for ransomware attacks on the Industrial and Commercial Bank of China and Fulton County, Georgia, in recent months. The US Justice Department also announced the indictment of two Russian men for deploying LockBit ransomware against victim organizations throughout the US, including against unnamed manufacturing firms. While there have been notable arrests and law enforcement seizures of millions of dollars’ worth of ransom payments, the ransomware economy continues to thrive.

Persons: LockBit, ”, cybercriminals, LockBit’s ransomware, Don Smith, Cybercriminals, ” Allan Liska, ” Liska, “ LockBit Organizations: CNN, FBI, Health, Industrial, Commercial Bank of China, National Crime Agency, LockBit, US Justice Department, Justice Department, Government Locations: New Jersey, Fulton County , Georgia, Australia, Germany, Eastern Europe, Russia, China, Secureworks

☆ Fulton County faces ransomware attack by ‘financially motivated actors,’ but county elections still on track
▼ + stars: | 2024-02-14 | by ( Sean Lyngaas | Alta Spells | ) edition.cnn.com time to read: +4 min

CNN —Officials in Georgia’s Fulton County, which includes parts of Atlanta, said Wednesday that “financially motivated” hackers appeared to be behind a ransomware attack that has disrupted key county services for weeks. The leak will only up the stakes for Fulton County to get a handle on a cyberattack that has hobbled services for weeks. The group that claimed Fulton County as a victim is a prolific group known as LockBit. It’s unclear if there has been any communication between Fulton County and the hackers. Fulton County’s ransomware attack comes amid a years-long effort by the US government to limit the damage of ransomware attacks on local governments, hospitals and other critical infrastructure.

Persons: “, Robb Pitts, Pitts, Fani Willis, Donald Trump, ” Pitts, LockBit, Fulton County’s, Cybercriminals, ” Alexander Leslie Organizations: CNN, Fulton, LockBit, Commercial Bank of China Locations: Georgia’s Fulton County, Atlanta, Fulton County, ” Fulton County, Fulton, Fulton County , Georgia

☆ ICBC partners wary to resume trading with bank after cyberattack - Bloomberg News
▼ + stars: | 2023-11-22 | by ( ) www.reuters.com time to read: +1 min

The logo of Industrial and Commercial Bank of China (ICBC) is seen at its branch at its headquarters in Beijing, China, March 30, 2016. The attack impeded trading in the $26 billion Treasury market and has left users of the bank's U.S. arm skittish about trading with the bank, the report said, citing people familiar with the matter. ICBC (601398.SS) did not immediately respond to Reuters' request for a comment. ICBC's U.S. arm was hit by a ransomware attack earlier this month. Reporting by Pritam Biswas in Bengaluru; Editing by Shilpi MajumdarOur Standards: The Thomson Reuters Trust Principles.

Persons: Kim Kyung, BNY Mellon, Pritam Biswas, Shilpi Majumdar Organizations: Industrial, Commercial Bank of China, REUTERS, Bloomberg, Reuters, Thomson Locations: Beijing, China, U.S, Bengaluru

☆ Ransomware targets will pay one way or another
▼ + stars: | 2023-11-17 | by ( Anita Ramaswamy | ) www.reuters.com time to read: +3 min

The White House has even considered an outright ban on firms making ransom payments. If companies can’t pay ransom, there’s no point in asking for it. ICBC’s self-identified attacker, a gang of digital extortionists called Lockbit, says ICBC paid up. Follow @AnitaRamaswamy on XCONTEXT NEWSThe Industrial and Commercial Bank of China’s U.S. arm was hit by a ransomware attack that disrupted some trades in the U.S. Treasury market on Nov. 9. A senior White House official said on Oct. 31 that the U.S. government planned to lead an alliance of 40 countries in a pledge to never pay ransom to cybercriminals.

Persons: Joe Biden’s, cybercriminals, it’s, there’s, ICBC, –, reckons, John Foley, Aditya Sriwatsav Organizations: Reuters, Industrial, Commercial Bank of China, SS, Treasuries, Companies, Caesars Entertainment, Commercial Bank of China’s, U.S . Treasury, White House, ., Thomson Locations: U.S, United States, Commercial Bank of China’s U.S

☆ ICBC Hackers Used Methods Previously Flagged by U.S. Authorities
▼ + stars: | 2023-11-14 | by ( Justin Baer | Andrew Duehren | ) www.wsj.com time to read: 1 min

The report suggests that the Industrial and Commercial Bank of China, the world’s largest bank, could have anticipated the cyberattacks. Photo: FLORENCE LO/REUTERSThe hackers who infiltrated the New York arm of the Industrial and Commercial Bank of China and disrupted trading in the U.S. Treasury market appeared to exploit three vulnerabilities that had been flagged by U.S. officials earlier this year. In an email sent to financial-services executives and trade groups Monday that was viewed by The Wall Street Journal, Treasury officials said that the ICBC attack stemmed from Lockbit 3.0 ransomware and two tactics that target users of services managed by Citrix, a cloud-computing company.

Organizations: Commercial Bank of China, REUTERS, Industrial, Commercial Bank of, U.S . Treasury, Wall Street Journal, Treasury, Citrix Locations: FLORENCE, New York, Commercial Bank of China, U.S

ICBC Financial Services could not be reached for comment. It said it had cleared Treasury trades executed on Wednesday and repo financing trades done on Thursday. While market participants and officials have said the impact of the ICBC hack on Treasury market functioning was limited, the full extent of it is not yet understood. The hack is likely to become a key topic of conversation at a major Treasury market conference on Nov. 16. ICBC told market participants Friday that they were also hoping to have a secondary email system set up soon.

Persons: Kim Kyung, BNY Mellon, ICBC, Moxfive, Darrell Duffie, Duffie, BNY, SIFMA, Paritosh, Edward Tobin Organizations: Industrial, Commercial Bank of China, REUTERS, Commercial Bank of China's, Treasury, ICBC Financial Services, Reuters, ICBC, Securities, Exchange, Stanford, ICBC Financial, Treasuries, Thomson Locations: Beijing, China, Commercial Bank of China's U.S, New York, Wall

The logo of Industrial and Commercial Bank of China (ICBC) is pictured at the entrance to its branch in Beijing, China April 1, 2019. ICBC, whose U.S. arm was hit by a ransomware attack that disrupted trades in the U.S. Treasury market on Nov. 9, did not immediately respond to a request for comment. "They paid a ransom, deal closed," the Lockbit representative told Reuters via Tox, an online messaging app. "The market is mostly back to normal now," said Zhiwei Ren, a portfolio manager at Penn Mutual Asset Management. The ransomware attack came at a time of heightened worries about the resiliency of the $26 trillion Treasury market, essential to the plumbing of global finance, and is likely to draw scrutiny from regulators.

Persons: Florence, BNY Mellon, Zhiwei Ren, Ransom, Allen, James Pearson, Davide Barbuscia, Carolina Mandl, Tatiana Bautzer, Pete Schroeder, Michelle Price, David Goodman, Jonathan Oatis, Alexander Smith Organizations: Industrial, Commercial Bank of China, REUTERS, Commercial Bank of, Reuters, U.S . Treasury, Penn Mutual Asset Management, Treasury, U.S . Treasury Department, Financial, Authorities, Boeing, Overy, Washington DC, Thomson Locations: Beijing, China, Commercial Bank of China, U.S, Tox, United States, London, Carolina, New York, Washington

☆ In the Market: Inside Wall Street's scramble after ICBC hack
▼ + stars: | 2023-11-13 | by ( Paritosh Bansal | Thomson Reuters | Paritosh Oversees The Work Of More Than Journalists Across The Globe Who Write About Finance | ) www.reuters.com time to read: +7 min

It said it had cleared Treasury trades executed on Wednesday and repo financing trades done on Thursday. While market participants and officials have said the impact of the ICBC hack on Treasury market functioning was limited, the full extent of it is not yet understood. Nevertheless, market participants said the attack is likely to add a new aspect to the regulatory review, as it brings cyber threats into sharper focus. The hack is likely to become a key topic of conversation at a major Treasury market conference on Nov. 16. ICBC told market participants Friday that they were also hoping to have a secondary email system set up soon.

Lockbit was discovered in 2020 when its eponymous malicious software was found on Russian-language cybercrime forums, leading some security analysts to believe the gang is based in Russia. The gang has not professed support for any government, however, nor has any government formally attributed it to a nation-state. "We are located in the Netherlands, completely apolitical and only interested in money," the gang says on its dark web blog. The cybercrime gang infects a victim organisation's system with ransomware - malicious software that encrypts data - and then coerces targets into paying ransom to decrypt or unlock it. On the dark web, Lockbit's blog displays an ever-growing gallery of victim organisations that is updated nearly daily.

Persons: Lockbit, cybercriminals, Zeba Siddiqui, James Pearson, Rod Nickel Organizations: FRANCISCO, LONDON, Commercial Bank of China, Boeing, ION, Thomson Locations: Russia, Netherlands, United States, ICBC's U.S, San Francisco, London

A Boeing logo is seen at the 54th International Paris Airshow at Le Bourget Airport near Paris, France, June 18, 2023. REUTERS/Benoit Tessier Acquire Licensing RightsCompanies Boeing Co FollowLONDON, Nov 10 (Reuters) - Internal data from Boeing (BA.N), one of the world's largest defence and space contractors, was published online on Friday by Lockbit, a cybercrime gang which extorts its victims by stealing and releasing data unless a ransom is paid. According to a post on Lockbit's website, the data from Boeing was published in the early hours of Friday morning. “We are aware that, in connection with this incident, a criminal ransomware actor has released information it alleges to have taken from our systems," Boeing said. The company said it "remains confident" the event does not pose a threat to aircraft or flight safety, but declined to comment on whether defense or other sensitive data had been obtained by Lockbit.

Persons: Benoit Tessier, Lockbit, Lockbit ransomware, James Pearson, Tim Hepher, Valerie Insinna, Kirsten Donovan, David Evans, Emelia Organizations: Boeing, Paris, REUTERS, Rights, Reuters, Lockbit, Cybersecurity, Infrastructure Security Agency, Industrial, Commercial Bank of China's, U.S . Treasury, Thomson Locations: Le Bourget, Paris, France, United States, India, Brazil, U.S, Washington

ICBC's U.S. unit told market participants on Friday it was hoping to finish the cyber review over the weekend, but the sources said they expected it would spill into next week. The cyberattack sent ripples through the U.S. Treasuries market, where ICBC acts as a broker for hedge funds and other market participants, helping them trade in the securities. The Chinese parent then injected capital into the U.S. unit, allowing it to settle the trades and pay back BNY Mellon, the sources said. They also told market participants about the capital injection but did not disclose the amount or the reason for it, the sources said. SIFMA, the trade group, organized calls for market participants with updates, the sources said.

Persons: Tingshu Wang, BNY Mellon, ransomware, ICBC, SIFMA, Janet Yellen, Lifeng, Scott Skyrm, Jack McIntyre, Harry Robertson, James Pearson, Naomi Rovinick, Yoruk, Davide Barbuscia, Chris Prentice, Mike Derby, Carolina Mandl, Laura Matthews, Paritosh, Zeba, Megan Davies, Dhara Ranasinghe, Alexander Smith, Richard Chang, Anna Driver Organizations: Asset Management, Fair for Trade, Services, REUTERS, Commercial Bank of China, U.S ., ICBC Financial Services, Securities Industry, Financial Markets Association, ICBC, Treasury, China, U.S, New York Federal Reserve, Securities, Depository Trust, Clearing Corp, Thomson Locations: Beijing, China, ICBC's U.S, U.S, San Francisco, Treasuries, Hong Kong, Shanghai, London, Amsterdam, Carolina, New York

☆ Brazen ransomware attack on US unit of Chinese banking giant has financial sector on alert
▼ + stars: | 2023-11-10 | by ( Sean Lyngaas | ) edition.cnn.com time to read: +5 min

It led to a flurry of behind-the-scenes coordination with the affected bank and across the financial sector about the threat. The hackers hit New York-based ICBC Financial Services, a subsidiary of the world’s largest bank by assets and a Chinese state-owned institution. ICBC Financial Services did not respond to CNN’s request for comment on Friday. “If China sees this as a black eye, they may demand action from the Russian government,” Liska told CNN. LockBit ransomware was the most deployed ransomware around the world in 2022, according to US cybersecurity officials.

Persons: ”, “, ” Jon Miller, Halcyon, BNY Mellon, LockBit, Allan Liska, ” Liska, JPMorgan Chase, LockBit ransomware, ” Will Thomas Organizations: CNN, Commercial Bank of, Intelligence, Financial Services, Treasury, ICBC Financial, Reuters, JPMorgan, FBI, Infrastructure Security Agency, Treasury Department Locations: Commercial Bank of China, US, York, China, Russia, United States, Iran, cybersecurity

[1/2] People walk past a booth of ICBC Credit Suisse Asset Management Co at the 2020 China International Fair for Trade in Services (CIFTIS), in Beijing, China September 5, 2020. China's foreign ministry spokesperson Wang Wenbin said that business remained normal at ICBC head office, other branches and subsidiaries across the globe. Some market participants said trades going through ICBC were not settled due to the incident and that market liquidity had been affected. ICBC said it had successfully cleared Treasury trades executed on Wednesday and repurchase agreements (repo) financing trades done on Thursday. While market sources said on Thursday the impact of the ICBC hack appeared limited, the attack underlined how vulnerable systems at large organizations continue to be.

Persons: Tingshu Wang, ICBC, Wang Wenbin, Wang, Jerome Powell, Lockbit, Harry Robertson, Yoruk, Dhara Ranasinghe, Alexander Smith Organizations: Asset Management, Fair for Trade, Services, REUTERS, Industrial, Commercial Bank of China, Global, ICBC's, Authority, Traders, U.S . Treasury, Federal, Treasury, Cybersecurity, Infrastructure Security Agency, Thomson Locations: Beijing, China, China's, ICBC's U.S, Europe, Hong Kong, Shanghai, London, Amsterdam

☆ Lockbit cybercrime gang claims hack on China's biggest lender ICBC
▼ + stars: | 2023-11-10 | by ( ) www.reuters.com time to read: 1 min

Companies Industrial and Commercial Bank of China Ltd FollowNov 10 - The cybercrime gang Lockbit confirmed on Friday that it had hacked into the Industrial and Commercial Bank of China - the biggest Chinese lender by assets. "Yes we confirm," a representative for Lockbit said when reached on their contact address via the messaging platform Tox. Reporting by Zeba Siddiqui in San Francisco; Editing by Chizu NomiyamaOur Standards: The Thomson Reuters Trust Principles.

Persons: Lockbit, Zeba Siddiqui, Chizu Organizations: Industrial, Commercial Bank of China, Thomson Locations: San Francisco

China's foreign ministry said on Friday the lender is striving to minimise risk impact and losses after the attack. "We don't often see a bank this large get hit with this disruptive of a ransomware attack," said Allan Liska, a ransomware expert at the cybersecurity firm Recorded Future. TRADES CLEAREDICBC said it had successfully cleared Treasury trades executed on Wednesday and repurchase agreements (repo) financing trades done on Thursday. Some market participants said trades going through ICBC were not settled due to the attack and affected market liquidity. The Treasury market appeared to be functioning normally on Thursday, according to LSEG data.

Persons: Kim Kyung, ICBC, Wang Wenbin, Wang, Lockbit, Allan Liska, Scott Skrym, Michael Gladchun, Loomis Sayles, SIFMA, Urvi, Pete Schroder, Gertrude Chavez, Davide Barbuscia, Carolina Mandl, Paritosh Bansal, Joe Cash, Stephen Coates, Tomasz Janowski Organizations: Commercial Bank of China Ltd, REUTERS, Industrial, Commercial Bank of China, Commercial Bank of China's, U.S . Treasury, ICBC Financial Services, Cybersecurity, Infrastructure Security Agency, Boeing, U.S . Treasury Department, Treasury, Securities, Financial Times, U.S . Securities Industry, Financial Markets Association, Thomson Locations: Beijing, China, U.S, Bengaluru, Washington, Carolina

☆ Law firm Allen & Overy hit by 'data incident'
▼ + stars: | 2023-11-09 | by ( ) www.reuters.com time to read: +2 min

REUTERS/Kacper Pempel/Files Acquire Licensing RightsLONDON, Nov 9 (Reuters) - Allen & Overy has suffered a "data incident", the London-founded law firm said on Thursday, after social media posts suggested it had been hacked by the Lockbit cybercrime gang. An Allen & Overy spokesperson said the firm had "experienced a data incident impacting a small number of storage servers", but its email and document management system had not been affected. The spokesperson also said Allen & Overy has suffered "some disruption", but that it continued to operate normally. Lockbit took credit for the hack and gave a deadline of Nov. 28 for Allen & Overy to negotiate, according to the criminal group's website on the dark web. The cyber attack on Allen & Overy follows last month's confirmation of its merger with U.S. law firm Shearman & Sterling, to create one of the world's largest legal practices.

Persons: Kacper, Overy, Lockbit, Allen, Wales –, Shearman, Sam Tobin, James Pearson, Sarah Young, Tomasz Janowski Organizations: Allen, Financial Times, Overy, Overy's, Boeing, Royal, Authority, Wales, U.S, Sterling, Thomson Locations: Warsaw, London, United States, Britain, England

A Boeing logo is seen at the 54th International Paris Airshow at Le Bourget Airport near Paris, France, June 18, 2023. The Lockbit threat was no longer on the gang's website as of Wednesday, and it didn't immediately respond to a request for comment. Boeing declined to comment on whether Lockbit was behind the cyber incident it disclosed. It's unclear what data Lockbit may have stolen from the company. "Paying the ransom would simply elicit a pinky promise from LockBit that they will destroy whatever data they obtained," Callow said.

Persons: Benoit Tessier, didn't, Lockbit, Brett Callow, Emsisoft, Callow, Valerie Insinna, Chris Reese, Lisa Shumaker, Jamie Freed Organizations: Boeing, Paris, REUTERS, Rights, Cybersecurity, Infrastructure Security Agency, Global Services, Services, Thomson Locations: Le Bourget, Paris, France

☆ Boeing assessing Lockbit hacking gang threat of sensitive data leak
▼ + stars: | 2023-10-27 | by ( Zeba Siddiqui | ) www.reuters.com time to read: +2 min

The hacking group posted a countdown clock on its data leak website with a message saying, "Sensitive data was exfiltrated and ready to be published if Boeing do not contact within the deadline!" "For now we will not send lists or samples to protect the company BUT we will not keep it like that until the deadline," the hacking group said. The hacking group typically deploys ransomware on a victim organization's system to lock it up and also steals sensitive data for extortion. Lockbit was the most active global ransomware group last year based on the number of victims it claimed on its data leak blog, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA). The hacking gang also did not immediately respond to a request for comment sent on an address it mentioned on its data leak site.

Persons: Lindsey Wasson, Lockbit, CISA, Zeba Siddiqui, Leslie Adler Organizations: Boeing KC, Pegasus, U.S . Air Force, REUTERS, Rights, Boeing, Boeing Co, Cybersecurity, Infrastructure Security Agency, Thomson Locations: Everett , Washington , U.S, ”, San Francisco

☆ Japan’s largest port hit with ransomware attack
▼ + stars: | 2023-07-06 | by ( Sean Lyngaas | ) edition.cnn.com time to read: +2 min

New York CNN —Japan’s busiest shipping port said Thursday it would resume operations after a ransomware attack prevented the port from receiving shipping containers for two days. The expected restoration of the Port of Nagoya, a hub for car exports and an engine of the Japanese economy, will ease concerns about any wider economic fallout from the ransomware attack. The hack forced the port to stop handling shipping containers that came to the terminal by trailer, the association said. As of midday Thursday in Japan, there was no claim of responsibility for the Port of Nagoya ransomware attack from the LockBit group on their dark-web site. Though this may be a first for Japan, ransomware and related hacks have hit ports in other countries.

Persons: Ransomware, Mihoko Matsubara, TSMC, Port, Matsubara Organizations: New, New York CNN, Nagoya Harbor Transportation Association, NTT Corporation, CNN, Port, Japan Locations: New York, Port, Nagoya, Japan, Ukraine

☆ TSMC confirms supplier data breach following ransom demand by Russian-speaking cybercriminal group
▼ + stars: | 2023-06-30 | by ( Sean Lyngaas | ) edition.cnn.com time to read: +2 min

Confirmation of the breach came after Russian-speaking cybercriminals claimed TSMC as a victim on Thursday and demanded an extraordinary $70 million ransom from the semiconductor firm. There were no signs that TSMC or the hardware supplier, Taiwanese firm Kinmax, had any plans to pay the hackers (representatives from both companies didn’t respond to CNN’s questions about any ransom). “After the incident, TSMC has immediately terminated its data exchange with this concerned supplier in accordance with the Company’s security protocols and standard operating procedures,” TSMC said in a statement to CNN. The hackers accessed Kinmax’s internal “testing environment” for the technology it prepares to deliver to customers, Kinmax said in a statement distributed by TSMC. LockBit is the name of the group claiming responsibility for the hack of the TSMC supplier and the type of ransomware they use.

Persons: cybercriminals, TSMC, —, ” TSMC, Kinmax, LockBit, LockBit ransomware, Jon DiMaggio Organizations: CNN, Apple, TSMC Locations: Taiwan’s

☆ Russian ransomware hacker extorted millions from U.S. businesses, prosecutors say
▼ + stars: | 2023-06-15 | by ( Rohan Goswami | In Rohangoswamicnbc | ) www.cnbc.com time to read: +2 min

A 20-year-old Russian hacker was part of a campaign that worked to extort tens of millions of dollars from more than 1,400 victims, federal prosecutors said Thursday. Astamirov allegedly deployed ransomware called LockBit to steal sensitive data from the servers of businesses, then lock those systems and demand payment of hundreds of thousands of dollars. Department of Justice prosecutors allege Astamirov was directly responsible for five different attacks against U.S. businesses in Florida and Virginia, as well as international businesses based in France, Japan and Kenya. LockBit-powered attacks account for 16% of ransomware attacks against state and local governments, according to the Department of Homeland Security. Astamirov will face a federal judge Thursday, prosecutors said in a release announcing his arrest.

Persons: Ruslan Astamirov, Astamirov, ransomware, Astarimov, cybercriminals, Lisa Monaco, LockBit, Carlos Del Toro Organizations: Department of Justice, U.S, Department of Homeland Security, NBC, CNBC, U.S . Navy Locations: Russian, Chechen Republic, , New Jersey, Florida, Virginia, France, Japan, Kenya, Russia, China

Search resuls for: "LockBit"

25 mentions found