Voici la sélection des cyberattaques majeures découvertes la semaine passée.
Vous retrouvez ci-dessous les liens directs vers les articles les plus intéressants. Pour information, cette veille est préparée avec un vrai cerveau non artificiel, alors bonne lecture et merci de soutenir le Décodeur !
Les actus sélectionnées cette semaine
Hackers Behind the Change Healthcare Ransomware Attack Just Received a $22 Million Payment
The transaction, visible on Bitcoin’s blockchain, suggests the victim of one of the worst ransomware attacks in years may have paid a very large ransom.
Depuis plusieurs semaines, la Suède est la cible du groupe cybercriminel Akira
En ce début d’année, Akira, un groupe de cybercriminels potentiellement proche du Kremlin a multiplié les attaques par rançongiciel en Suède.
Ces deux spécialistes du ransomware ont noué un partenariat
Deux gangs spécialisés dans les ransomwares se sont associés. En mettant leurs ressources en commun, les cybercriminels ont orchestré une pluie de cyberattaques et développé des services à destination des hackers en herbe.
Attack wrangles thousands of web users into a password-cracking botnet
Ongoing attack is targeting thousands of sites, continues to grow.
UnitedHealth May Have Paid Ransomware Gang $22M to Fix Prescription Fiasco
UnitedHealth Group has not confirmed a payment, but an affiliate of the ALPHV/Blackcat gang disclosed the number in a forum while complaining about being swindled out of their cut.
Canada’s anti-money laundering agency offline after cyberattack
The Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) has announced that a « cyber incident » forced it to take its corporate systems offline as a precaution.
MiTM phishing attack can let attackers unlock and steal a Tesla
Researchers demonstrated how they could conduct a Man-in-the-Middle (MiTM) phishing attack to compromise Tesla accounts, unlocking cars, and starting them. The attack works on the latest Tesla app, version 4.30.6, and Tesla software version 11.1 2024.2.7.
UnitedHealth brings some Change Healthcare pharmacy services back online
Optum’s Change Healthcare has started to bring systems back online after suffering a crippling BlackCat ransomware attack last month that led to widespread disruption to the US healthcare system.
BlackCat Ransomware Group Implodes After Apparent $22M Payment by Change Healthcare
There are indications that U.S. healthcare giant Change Healthcare has made a $22 million extortion payment to the infamous BlackCat ransomware group (a.k.a. » ALPHV « ) as the company struggles to bring services back online amid a cyberattack that has disrupted prescription drug services nationwide for weeks.
Hacktivist Collective NoName057(16) Strikes European Targets
Sekoia.io observed developments in the group’s DDoS tools, including updates enhancing compatibility with different processor architectures and OS
FBI: US Ransomware Losses Surge 74% to $59.6 Million in 2023
Ransomware losses in the US rose by 74% to $59.6m in 2023, according to reported incidents to the FBI
Canada : la ville d’Hamilton reconnaît être victime d’un rançongiciel – InCyber
La ville canadienne d’Hamilton, dans l’Ontario, a admis, le 4 mars 2024, avoir subi une attaque par rançongiciel, à l’origine des pannes informatiques qui la touche depuis le 25 février 2024. L’attaque a contraint la mairie à couper toutes ses lignes téléphoniques, et à déconnecter d’Internet l’ensemble de ses postes informatiques.
Ukraine claims it hacked Russian Ministry of Defence, stole secrets and encryption ciphers
Ukraine claims to have successfully hacked Russian military servers and gained access to highly sensitive information.
CySecurity News – Latest Information Security and Hacking Incidents: China State-Sponsored Spies Hack Site and Target User Systems in Asia
During the campaign, the attackers gained access to the websites of three different businesses.
North Korea Hits ScreenConnect Bugs to Drop ‘ToddleShark’ Malware
North Korea’s latest espionage tool is tough to pin down, with random generators that throw detection mechanisms off its scent. The DPRK is using the recent critical bugs in ConnectWise ScreenConnect, a remote desktop tool, to deliver the bug.
CySecurity News – Latest Information Security and Hacking Incidents: United Health Allegedly Paid $22M Ransomware
Optum, a subsidiary of UnitedHealth Group, paid $22 million to obtain a decryption key and « prevent data leakage ».
Ransomware group behind Change Healthcare attack goes dark
ALPHV/BlackCat reportedly received $22 million from Change Healthcare before scamming its affiliates ahead of a possible rebrand.
BlackCat ransomware shuts down in exit scam, blames the « feds »
The BlackCat ransomware gang is pulling an exit scam, trying to shut down and run off with affiliates’ money by pretending the FBI seized their site and infrastructure.
Lazarus modernise son rootkit avec la faille zero day AppLocker – Le Monde Informatique
Intrusion, Hacking et Pare-feu : Le groupe APT Lazarus, affilié à la Corée du Nord a actualisé son rootkit FudModule pour intégrer la faille AppLocker. Elle lui octroie une élévation…
Le groupe Nobelium a piraté aussi du code source de Microsoft – Le Monde Informatique
Intrusion, Hacking et Pare-feu : L’attaque menée par le groupe Nobelium aka Midnight Blizzard sur les messageries de dirigeants de Microsoft a aussi conduit à du vol de certains…
💡 Ne manquez plus l'essentiel
Recevez les analyses et tendances cybersécurité directement dans votre boîte mail.
