Ransomware Gangs and the Name Game Distraction – Krebs on Security

US Treasury releases guidance on paying ransoms to extortionists without violating sanctions #USA, #guidance, #OFAC, #sanctions, #Cryptolocker, #SamSam, #Lazarus, #EvilCorp, #BitPaymer, #WastedLocker, #WannaCry https://www.securitylab.ru/news/512682.php https://twitter.com/SecurityLabnews/status/1311933951678787584/photo/1
US Treasury releases guidance on paying ransoms to extortionists without violating sanctions

The department explained what to do if paying a ransom to ransomware operators could constitute a sanctions violation.

RT @[email protected]

Super happy to have my write-up of a #WastedLocker / #EvilCorp campaign we observed in July published. https://www.darktrace.com/en/blog/evil-corp-intrusions-wasted-locker-ransomware-detected-by-darktrace/.
What can orgs do to protect themselves (further tweets below)?
👇👇

Evil Corp intrusions: WastedLocker ransomware detected by Darktrace

Darktrace has recently observed multiple intrusions associated with renowned threat actor Evil Corp. This blog details how Darktrace’s AI detected the malicious activity throughout the attack life cycle – from the initial intrusion and the C2 traffic to the encryption or exfiltration of sensitive files.

An important aspect of behavior-based anti- #malware software is to identify and prevent frequent sequential file operations, such as quickly opening, editing, and closing the files opened by external applications. #WastedLocker #ransomware is now using advanced techniques to bypass behavior-based anti- #malware #tools by exploiting #Windows memory management features.
https://cyware.com/news/wastedlocker-can-now-bypass-behavioral-detections-in-anti-malware-software-468a34f1/?&web_view=true
#security #vulnerabilities
WastedLocker Can Now ByPass Behavioral Detections in Anti-Malware Software | Cyware Hacker News

Security experts found WastedLocker abusing the internal working procedure of Windows cache memory using advanced techniques to bypass behavior-based anti-malware tools. Learn more!

The #WastedLocker #ransomware is abusing a #Windows memory management feature to evade detection by #security software.
https://www.bleepingcomputer.com/news/security/wastedlocker-ransomware-abuses-windows-feature-to-evade-detection/?&web_view=true
A new reason to give up #Windows #operatingsystem, and choose #opensource and #Free (as in #freedom) ones like #linux, more secure and respecting #usersdatas
#freesoftware #fuckgafam
WastedLocker ransomware abuses Windows feature to evade detection

The WastedLocker ransomware is abusing a Windows memory management feature to evade detection by security software.

Garmin Pays Up to Evil Corp After Ransomware Attack — Reports - The ransom for the decryptor key in the WastedLocker attack could have topped $10 million, sources... https://threatpost.com/garmin-pays-evil-corp-ransomware-attack-reports/157971/ #ransomwareattack #malwareanalysis #cryptography #decryptorkey #wastedlocker #kaspersky #evilcorp #malware #dridex #garmin #paidup #hacks
Garmin Pays Up to Evil Corp After Ransomware Attack — Reports

The ransom for the decryptor key in the WastedLocker attack could have topped $10 million, sources said.

How Garmin recovered its files after the cyberattack has come to light #ransom, #WastedLocker, #Garmin https://www.securitylab.ru/news/510732.php https://twitter.com/SecurityLabnews/status/1290183018938863616/photo/1
How Garmin recovered its files after the cyberattack has come to light

The only way the company could obtain the key to decrypt its files was to pay the extortionists.

Times: Garmin paid $10 million to "Russian" hackers

In this case, the company faces sanctions from the US Department of the Treasury.