Top related persons:
Top related locs:
Top related orgs:

Search resuls for: "LockBit ransomware"


9 mentions found


Federal prosecutors on Tuesday announced criminal charges against a Russian national, Dimitry Yuryevich Khoroshev, for allegedly creating, developing, and administrating the LockBit ransomware-as-service group. The U.S. State Department at the same time offered a $10 million reward for information leading to the apprehension and arrest of Khoroshev, a 31-year-old from Voronezh, Russia. The Treasury Department also imposed sanctions on Khoroshev, blocking all property and interests he holds in the United States or are in the possession of Americans. Khoroshev, who also is known as LockBitSupp, LockBit, and putinkrab, was charged in a 26-count indictment in U.S. District Court in New Jersey, which accuses him of personally pocketing at least $100 million from victims of the group. He typically received 20% of each ransom payment, authorities said.
Persons: Dimitry Yuryevich Khoroshev, Khoroshev, LockBit's, pocketing Organizations: U.S . State Department, Treasury Department, The, Justice, DOJ Locations: Russian, Voronezh, Russia, United States, U.S, New Jersey
CNN —The FBI and its international allies have seized a dark-web site that the world’s most prolific ransomware gang has used to extort its victims, according to a message on the website viewed by CNN. The hackers claimed credit for a November ransomware attack that forced New Jersey-based Capital Health to cancel some patient appointments. LockBit also claimed responsibility for ransomware attacks on the Industrial and Commercial Bank of China and Fulton County, Georgia, in recent months. The US Justice Department also announced the indictment of two Russian men for deploying LockBit ransomware against victim organizations throughout the US, including against unnamed manufacturing firms. While there have been notable arrests and law enforcement seizures of millions of dollars’ worth of ransom payments, the ransomware economy continues to thrive.
Persons: LockBit, , cybercriminals, LockBit’s ransomware, Don Smith, Cybercriminals, ” Allan Liska, ” Liska, “ LockBit Organizations: CNN, FBI, Health, Industrial, Commercial Bank of China, National Crime Agency, LockBit, US Justice Department, Justice Department, Government Locations: New Jersey, Fulton County , Georgia, Australia, Germany, Eastern Europe, Russia, China, Secureworks
The logo of Industrial and Commercial Bank of China (ICBC) is pictured at the entrance to its branch in Beijing, China April 1, 2019. ICBC, whose U.S. arm was hit by a ransomware attack that disrupted trades in the U.S. Treasury market on Nov. 9, did not immediately respond to a request for comment. "They paid a ransom, deal closed," the Lockbit representative told Reuters via Tox, an online messaging app. "The market is mostly back to normal now," said Zhiwei Ren, a portfolio manager at Penn Mutual Asset Management. The ransomware attack came at a time of heightened worries about the resiliency of the $26 trillion Treasury market, essential to the plumbing of global finance, and is likely to draw scrutiny from regulators.
Persons: Florence, BNY Mellon, Zhiwei Ren, Ransom, Allen, James Pearson, Davide Barbuscia, Carolina Mandl, Tatiana Bautzer, Pete Schroeder, Michelle Price, David Goodman, Jonathan Oatis, Alexander Smith Organizations: Industrial, Commercial Bank of China, REUTERS, Commercial Bank of, Reuters, U.S . Treasury, Penn Mutual Asset Management, Treasury, U.S . Treasury Department, Financial, Authorities, Boeing, Overy, Washington DC, Thomson Locations: Beijing, China, Commercial Bank of China, U.S, Tox, United States, London, Carolina, New York, Washington
A Boeing logo is seen at the 54th International Paris Airshow at Le Bourget Airport near Paris, France, June 18, 2023. REUTERS/Benoit Tessier Acquire Licensing RightsCompanies Boeing Co FollowLONDON, Nov 10 (Reuters) - Internal data from Boeing (BA.N), one of the world's largest defence and space contractors, was published online on Friday by Lockbit, a cybercrime gang which extorts its victims by stealing and releasing data unless a ransom is paid. According to a post on Lockbit's website, the data from Boeing was published in the early hours of Friday morning. “We are aware that, in connection with this incident, a criminal ransomware actor has released information it alleges to have taken from our systems," Boeing said. The company said it "remains confident" the event does not pose a threat to aircraft or flight safety, but declined to comment on whether defense or other sensitive data had been obtained by Lockbit.
Persons: Benoit Tessier, Lockbit, Lockbit ransomware, James Pearson, Tim Hepher, Valerie Insinna, Kirsten Donovan, David Evans, Emelia Organizations: Boeing, Paris, REUTERS, Rights, Reuters, Lockbit, Cybersecurity, Infrastructure Security Agency, Industrial, Commercial Bank of China's, U.S . Treasury, Thomson Locations: Le Bourget, Paris, France, United States, India, Brazil, U.S, Washington
It led to a flurry of behind-the-scenes coordination with the affected bank and across the financial sector about the threat. The hackers hit New York-based ICBC Financial Services, a subsidiary of the world’s largest bank by assets and a Chinese state-owned institution. ICBC Financial Services did not respond to CNN’s request for comment on Friday. “If China sees this as a black eye, they may demand action from the Russian government,” Liska told CNN. LockBit ransomware was the most deployed ransomware around the world in 2022, according to US cybersecurity officials.
Persons: , , ” Jon Miller, Halcyon, BNY Mellon, LockBit, Allan Liska, ” Liska, JPMorgan Chase, LockBit ransomware, ” Will Thomas Organizations: CNN, Commercial Bank of, Intelligence, Financial Services, Treasury, ICBC Financial, Reuters, JPMorgan, FBI, Infrastructure Security Agency, Treasury Department Locations: Commercial Bank of China, US, York, China, Russia, United States, Iran, cybersecurity
Confirmation of the breach came after Russian-speaking cybercriminals claimed TSMC as a victim on Thursday and demanded an extraordinary $70 million ransom from the semiconductor firm. There were no signs that TSMC or the hardware supplier, Taiwanese firm Kinmax, had any plans to pay the hackers (representatives from both companies didn’t respond to CNN’s questions about any ransom). “After the incident, TSMC has immediately terminated its data exchange with this concerned supplier in accordance with the Company’s security protocols and standard operating procedures,” TSMC said in a statement to CNN. The hackers accessed Kinmax’s internal “testing environment” for the technology it prepares to deliver to customers, Kinmax said in a statement distributed by TSMC. LockBit is the name of the group claiming responsibility for the hack of the TSMC supplier and the type of ransomware they use.
Persons: cybercriminals, TSMC, , ” TSMC, Kinmax, LockBit, LockBit ransomware, Jon DiMaggio Organizations: CNN, Apple, TSMC Locations: Taiwan’s
A 20-year-old Russian hacker was part of a campaign that worked to extort tens of millions of dollars from more than 1,400 victims, federal prosecutors said Thursday. Astamirov allegedly deployed ransomware called LockBit to steal sensitive data from the servers of businesses, then lock those systems and demand payment of hundreds of thousands of dollars. Department of Justice prosecutors allege Astamirov was directly responsible for five different attacks against U.S. businesses in Florida and Virginia, as well as international businesses based in France, Japan and Kenya. LockBit-powered attacks account for 16% of ransomware attacks against state and local governments, according to the Department of Homeland Security. Astamirov will face a federal judge Thursday, prosecutors said in a release announcing his arrest.
Persons: Ruslan Astamirov, Astamirov, ransomware, Astarimov, cybercriminals, Lisa Monaco, LockBit, Carlos Del Toro Organizations: Department of Justice, U.S, Department of Homeland Security, NBC, CNBC, U.S . Navy Locations: Russian, Chechen Republic, , New Jersey, Florida, Virginia, France, Japan, Kenya, Russia, China
Feb 7 (Reuters) - UK's Royal Mail, which has been grappling with a cyberattack for about a month now, was added to ransomware group LockBit's dark web leak site this week, TechCrunch reported on Tuesday. LockBit was threatening to publish "all available (Royal Mail) data" on Thursday, according to the report. Reporting by Aby Jose Koilparambil in Bengaluru; Editing by Shounak DasguptaOur Standards: The Thomson Reuters Trust Principles.
ION Group, the financial data firm's parent company, said in a statement on its website that the attack began on Tuesday. "The incident is contained to a specific environment, all the affected servers are disconnected, and remediation of services is ongoing," ION Group said, declining requests for further comment. ABN told clients on Wednesday that due to "technical disruption" from ION, some applications were unavailable and were expected to remain so for a "number of days". It added that its staff had to process trades directly with the exchange. Intesa Sanpaolo told clients that its brokerage and clearing operations on exchange-traded derivatives had been "severely hampered" by IT problems at ION and that it was not able to handle orders.
Total: 9