Jump to content

Search the Community

Showing results for tags 'victims'.

More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...

Found 5 results

  1. FBI says ransomware victims paid over $140 million to attackers Federal Bureau of Investigation (FBI) was one of the attendees at the RSA 2020 conference which covers security and is attended by big companies like IBM and AT&T. This year, the conference lacked involvement from major tech giants due to the Coronavirus outbreak but FBI and others attended the event to talk about customer security. At the event, FBI released an interesting stat which claims that ransomware victims have paid over $140 million to the attackers in the last 6 years. The agency arrived at the number by analyzing bitcoin wallets and ransom notes. FBI Special Agent Joel DeCapua presented his findings in two sessions explaining how he analyzed bitcoin wallets to arrive at the number. According to DeCapua, between October 2013 and November 2019, approximately $144,350,000 was paid in bitcoins to ransomware attackers. The most profitable ransomware was Ryuk which brought $61.26m. Ryuk was then followed by Crysis/Dharma at $24.48m and Bitpaymer at $8.04m. FBI noted that the ransom amounts could be higher as they don’t have the full data available. Most companies try and hide these details to prevent negative press and hurt their stock prices. DeCapua also revealed that Windows Remote Desktop Protocol (RDP) is the most common method used by attackers to gain access to the victim’s PC. RECOMMENDATIONS FROM THE FBI RDP accounts for 70-80% of all network breaches which is why he recommended organizations use Network Level Authentication (NLA) for additional protection. DeCapua also suggested organizations to use complex passwords on their RDP accounts. He also recommended organizations to monitor updates and install updates for both apps and OS as soon as possible. It is very common for researchers to publish Proof-of-concept after a vulnerability is fixes so any bad actor can use it to attack a system that hasn’t been updated. Lastly, he stretched on the importance of identifying phishing websites and making sure they have data backups to prevent falling victim to a ransomware attack. Source
  2. Twenty-two women have won $12.75 million in a years-long lawsuit alleging a predatory scheme by GirlsDoPorn, a site that hosts purportedly one-time pornographic videos featuring “amateur” college-age women and teen girls. The women provided evidence that the company lured them into shoots under false pretenses, intimidated and coerced them into performing, and shared the images online without their consent. They sued a total of 13 affiliated businesses and individuals, including owner Michael Pratt, actor Andre Garcia, and videographer Matthew Wolfe. Screenshot: Michael Pratt, owner of GirlsDoPorn In a four-month trial, anonymous women testified that GirlsDoPorn flew them to San Diego hotels for “modeling” gigs. After they arrived, they said, the group gave them drugs and alcohol and hurried them to sign opaquely-worded contracts without telling them the name of their site, promising them that their videos would only be distributed on DVDs to private clients in New Zealand and Australia. Within weeks, clips appeared on the GirlsDoPorn homepage and sites like PornHub, and they were doxxed. The plaintiffs believe, in part, that the site itself helped disseminate their identities to acquaintances, employers, friends, and family in order to help the video go viral; GirlsDoPorn owner Michael J. Pratt briefly owned PornWikiLeaks, where their information was posted. Several testified that they’d asked to stop mid-shoot and were refused. One defendant alleged that she’d asked not to go through with the shoot at all, but the company threatened to withhold her hotel reservation and plane ticket home, knowing she couldn’t afford to pay for them herself. In October of last year, the Daily Beast reported on a motion in which their attorney claimed to have interviewed 100 women with similar stories of fraud and coercion by GirlsDoPorn, and over a dozen accused actor Andre Garcia of sexual assault. The parties stipulated that the company made over $1 million on the performers’ collective work. The company concealed their assets, and Pratt, who collects 100% of the profits from GirlsDoPorn, filed for bankruptcy; in a profile, the Daily Beast quoted texts submitted in evidence, saying: “As soon as I bankrupt the business...they [the plaintiffs] are f###d.” As Courthouse News reported in October of last year, at least one woman testified that she was paid half of the promised $5,000 because she “looked old.” She was 22 at the time of filming. In the verdict, San Diego Superior Court Judge Kevin Enright wrote that the contracts were “invalid and unenforceable–part and parcel of Defendants’ fraudulent scheme.” Enright found clear and convincing evidence that the syndicate acted in malice, oppression or fraud, writing: “Collectively, they have experienced severe harassment, emotional and psychological trauma, and reputational harm; lost jobs, academic and professional opportunities, and family and personal relationships; and had their lives derailed and uprooted. They have become pariahs in their communities. Several Plaintiffs have become suicidal.” GirlsDoPorn continued to show total indifference throughout the trial, even uploading a new video involving one Jane Doe who claimed that she was not made aware of the lawsuit when she shot the video in August. The women won a total of $9.45 million in compensatory damages, $3.3 million in punitive damages, and copyrights to their videos. GirlsDoPorn has been ordered to remove their videos from the internet. Pratt has fled the country and has been charged with additional counts of producing child pornography and child sex trafficking for coercing a 16-year-old into producing a video despite full knowledge of her age. The site is, unfortunately, still live. Source
  3. A court has ordered Grant West to pay back his victims with his cryptocurrency savings. But how much are they worth now, two years after his arrest? LONDON—A UK court today ordered a hacker, who carried out attacks on more than 100 firms, to pay back victims using cryptocurrency. The problem? The bitcoin, which was worth more than $2 million two years ago when the crimes were committed, is now worth half that. The unusual case is yet another ruling that could bolster bitcoin’s legal standing as an asset class. Police say Grant West, 27, from Kent in southeast England, operated on the dark web under the pseudonym Courvoisier, and specialized in phishing attacks on a number of companies including Uber and the UK supermarket chain, Sainsbury’s. West was arrested in September 2017 and accused of securing the financial details of tens of thousands of customers. Police say he sold the data, and converted the profits to cryptocurrencies. He received a 10-year jail sentence in May for charges including conspiracy to defraud, and criminal possession. Crown Court judge Joanna Korner ruled today that the state was entitled to confiscate West’s cryptocurrency and that he must obey the confiscation order or face an extra four years in prison. However, the holdings have decreased by nearly half during the past two years, according to Reuters, and prosecutors are finding it difficult to assess the true value of restitution. The value of the seized assets was eventually calculated by authorities on Friday at a rate of about £8,500 a bitcoin, with reference to the Proceeds of Crime Act, according to the UK’s Guardian paper. Prosecuting counsel, Kevin Barry, told the court, “As the court recognizes today, as do the parties, there is likely to be fluctuation which will require in due course for the order to be amended upwards or downwards.” Thus far, British law says that Bitcoin is “data,” not property, meaning that you can’t claim it back if someone’s stolen it. But earlier this week, in an interim judgement on a cryptocurrency hacking case, the UK High Court ruled that bitcoin is "property," potentially making it easier for victims to claim restitution. Source
  4. Most of the attacks came from state-sponsored hacking groups in Iran, North Korea, and Russia. Microsoft said that over the past year it notified nearly 10,000 users that they'd been targeted or compromised by nation-state hacking groups. The company didn't just blast out random statistics, but also named names. Microsoft said most of the attacks came from state-sponsored hackers from Iran, North Korea, and Russia. More precisely, the Iran attacks came from groups Microsoft calls Holmium and Mercury, the North Korean attacks came from a group called Thallium, and the Russian attacks came from groups called Yttrium and Strontium. Who are some these groups? Some of these codenames are new, but some describe years-old state-sponsored groups. For example, according to this Google spreadsheet that keeps track of all the different nation-state hacking group names, Holium is the codename of Iran's APT33. This is one of the most infamous cyber-espionage groups around, and is responsible for creating the dangerous Shamoon data-wiping malware. At the start of July, US Cyber Command published a security alert about new APT33 attacks aimed against US targets, and using an old Outlook vulnerability. In addition, Strontium is the codename for APT28, also known as Fancy Bear. This group of Russian hackers is responsible for a long list of attacks in the last decade. They've targeted the White House, the Pentagon, NATO members, EU governments, they've breached the DNC, they've created the NotPetya ransomware and deployed it in Ukraine, and they've also set up the VPNFilter router botnet. Microsoft has been engaged in a long battle against this group. Over the last summer, Microsoft took control over several domains operated by APT28, which the company said the group was using to target parties involved in the 2018 US midterm elections. In February 2018, Microsoft exposed new APT28 attacks, this time targeting parties involved in the 2019 European Parliament election. Nation-state hackers also targeted electoral entities Microsoft said that around 84% of the nearly 10,000 nation-state attacks it detected targeted its enterprise customers, and only 16% of these attacks were aimed at home consumers and their personal email accounts. Furthermore, Microsoft also said it detected nation-state attacks against political organizations involved in the electoral process. These stats came from Microsoft's AccountGuard technology, a free security service the OS maker has been providing for nearly a year to political campaigns, parties, and democracy-focused nongovernmental organizations (NGOs) across 26 countries. According to Tom Burt, Microsoft Corporate Vice President, Customer Security & Trust, Microsoft sent out 781 notifications to organizations enrolled in AccountGuard over the past year. Around 95% of these 781 notifications were sent to US-based organizations, Burt said. But besides revealing the extent of nation-state attacks, yesterday was also a big day for Microsoft. The company also demoed a new product, part of its Defending Democracy Program. Called ElectionGuard, this is a free software kit for cryptographically securing voting machines. Microsoft only demoed ElectionGuard voting machines in Aspen, Colorado, but does not have plans to sell commercial voting machines. The OS maker plans to open-source the software behind them on GitHub, later this year, and has already partnered with some voting machine vendors to help them roll out more secure voting systems in the future. Source
  5. Hackers have used the recently discovered OpenSSL security flaw, codenamed Heartbleed, to steal data from the Canada Revenue Agency (CRA) and Mumsnet networks. CRA commissioner Andrew Treusch confirmed the breach in a public statement, revealing as many as 900 taxpayers' details have been compromised. "Regrettably, the CRA has been notified by the Government of Canada's lead security agencies of a malicious breach of taxpayer data that occurred over a six-hour period," read the advisory. "Based on our analysis to date, social insurance numbers of approximately 900 taxpayers were removed from CRA systems by someone exploiting the Heartbleed vulnerability." Heartbleed is a flaw in the OpenSSL implementation of the transport layer security (TLS) protocol. The security vulnerability, as discussed in the video below, was discovered by researchers with a Finnish company called Codenomicon earlier in April. The flaw has caused concern within the security community as the OpenSSL encryption protocol is used by open-source web servers such as Apache and Nginx, which host 66 percent of all websites. The Mumsnet network also confirmed falling victim to an attack targeting the Heartbleed vulnerability in an email to users, obtained by V3. "On Thursday 10 April we at Mumsnet HQ became aware of the bug and immediately ran tests to see if the Mumsnet servers were vulnerable. As soon as it became apparent that we were, we applied the fix to close the OpenSSL security hole (known as the Heartbleed patch). However, it seems that users' data was accessed prior to our applying this fix," the email said. "On Friday 11 April, it became apprent that what is widely known as the 'Heartbleed bug' had been used to access data from Mumsnet users' accounts." Both the CRA and Mumsnet have installed a fix from the OpenSSL Project that plugs the Heartbleed flaw, but recommended users change their passwords as soon as possible to protect themselves from follow-up attacks. Data breaches are an ongoing issue for businesses across all industries. Security firm Symantec reported earlier in April that hackers' compromised more than 552 million web users' identities over the past year. Source
  • Create New...