Russian Ransomware Group, REvil, Attacks 200 Firms, Demands $70 Million in Bitcoin

Russian Ransomware Group, REvil, Attacks 200 Firms, Demands $70 Million in Bitcoin

Russian-based ransomware group REvil has again attacked no less than 200 firms in its latest operation. The group is demanding a ransom of $70 million in Bitcoin as ransom to release the stolen data.

Firms Hacked Through Software Supplier Kaseya

According to Reuters, REvil targeted software supplier Kaseya and used its technology management software to spread the ransomware via the cloud.

One of Kaseya’s tools, VSA, used by several firms, was encrypted with infected files, paralyzing hundreds of firms.

“More than a million systems were infected. If anyone wants to negotiate about universal decryptor – our price is $70 million in Bitcoin,” the ransomware group said as reported in a dark website, Happy Blog.

Updating firms on the incident, Kaseya said it was working on a patch that would increase the security of its VSA server. It also advised its customers to continue to remain offline until it is safe to restore operations.

Ransomware attacks by REvil have been constant these past few months. In May, the Russian group attacked a major pipeline firm, Colonial Pipeline, and received a $5 million ransom after spurring a gas crisis in the US.

That same month, JBS Holdings, the world’s largest meat company, was also attacked by the same group, which led to an $11 million ransom payment.

CNA Financial. CNA, one of the largest insurance companies in the US, reportedly paid $40 million in Bitcoin to restore access to its network after a ransomware attack.

Biden Taking Ransomware Attacks Seriously

Over the past few months, US president Joe Biden and his administration have taken a more serious stance on ransomware attacks.

The US Department of Justice (DoJ) had previously said that it would start treating these attacks with the same urgency it treats terrorism.

US Officials have spent the past few months scrutinizing these crimes while also tracing payments. Last month, the officials disclosed that they had recovered most of the $4.4m ransom paid to the hackers responsible for the Colonial Pipeline attack.

In a bid to curtail these attacks, last month, President Biden also met with Russian President Vladimir Putin to discuss and proffer solutions. Biden had told Putin that if ransomware attacks continued and were found to be from Russia, there would be consequences.

During a recent public appearance, Biden said that he had directed the US intelligence agencies to investigate the ransomware matter.

Biden’s statements come after the US Department of State’s official Victoria Nuland spoke about the Colonial Pipeline hack. In a meeting with Salvadoran president Nayib Bukele, Nuland said the US State Department was taking a tough look at bitcoin due to the Colonial Pipeline ransomware hack.

Read Original/a>
Author: Jimmy Aki

European Central Bank (ECB) Demands Power to Shut Down Private Stablecoins, Like Diem, in the EU

European Central Bank (ECB) Demands Power to Shut Down Private Stablecoins, Like Diem, in the EU

The European Central Bank finally tables its official opinion regarding crypto regulations to the top decision-making again, European Commission.

In their official opinion, the ECB now wants the EU members of parliament to grant its veto powers regarding the legal status of stablecoins such as Facebook-supported-Diem.

The ECB raised its concerns regarding the use of stablecoins that get their value from being pegged on one or many global currencies. The central bank is worried that stablecoins could jeopardize its control on payments, banking, and cash supply. Part of the ECB’s statement reads,

“Where an asset-reference arrangement is tantamount to a payment system or scheme, the assessment of the potential threat to the conduct of monetary policy, and to the smooth operation of payment systems, should fall within the exclusive competence of the ECB.”

The ECB also urges the lawmakers to ensure its absolute powers on stablecoins are binding and applicable to the entire national authorities within the Euro Zone.

The ECB argues that various ‘rigorous liquidity requirements’ are crucial in ensuring redemption rights are protected and clients’ direct claims towards the reserved assets that the issuers of stablecoins hold.

Firms offering tokens which are pegged on different currencies should at a minimum grant end-users a direct claim on the issuer or the reserve assets and redemption rights”, the central bank added.

Facebook had in the past laid a plan to roll out its stablecoin dubbed Libra that was pegged on different global currencies. However, the tech giant slowed down on the Libra project following many regulatory hurdles in the world. At the moment, the firm is aiming at launching the dollar-pegged stablecoin dubbed Diem.

If the EU legislators grant ECB the veto powers, Facebook and other privately issued stablecoins will likely encounter another round of regulatory backlash irrespective of the project being licensed by Swiss authorities.

It is also important to note that Christine Lagarde, the current ECB president, has criticized cryptos and stablecoins. Lagarde has in the past said central banks should never be allowed to hold Bitcoin.

Read Original/a>
Author: Joseph Kibe

Websites Running Google Adsense Are Targeted In Email Extortion, Demanding Bitcoin

There’s a new extortion scam that targets Google AdSense serving websites and demands Bitcoin (BTC) in exchange for the prevention of an attack. This attack, according to the extortionist, would lead to the AdSense account of targeted users to be suspended or banned.

The security investigation and news blog KrebsOnSecurity has firstly reported the email-based malicious scheme on February 17, after a few website owners have received this message:

“Very soon the warning notice from above will appear at the dashboard of your AdSense account undoubtedly! This will happen due to the fact that we’re about to flood your site with huge amount of direct bot generated web traffic with 100% bounce ratio and thousands of IP’s in rotation — a nightmare for every AdSense publisher.

More also we’ll adjust our sophisticated bots to open, in endless cycle with different time duration, every AdSense banner which runs on your site.”

$5,000 in BTC for the Attack to Be Deterred

The cyber attackers are asking for $5,000 in BTC for their attack to be halted. The website owner who shared with KrebsOnSecurity the message said the invalid traffic in their AdSense statistics has considerably increased. Google referred to the scam as a classic threat of sabotage in which fraudsters are trying to trigger enforcement actions against publishers by sending invalid traffic to their ads.

Google Has a Very Strict Policy Regarding Its Ads…

The news about the malicious attack comes soon after Google has made its policy towards ads stricter. The AdSense team said ads will no longer be shown before invalid clicks get to happen. Here’s exactly how Google explained this:

“This year, we’re enhancing our defenses even more by improving the systems that identify potentially invalid traffic or high risk activities before ads are served. These defenses allow us to limit ad serving as needed to further protect our advertisers and users.”

… and Has a Hard Stance on Cryptocurrency

Not too long ago, Google has expressed its hostility when it comes to cryptocurrency and decentralization. In June 2018, it announced that it’s going to ban ads related to crypto and that it has made an update to its Financial Services policy. Recently, it has put keywords containing Ethereum (ETH) on a blacklist for its advertising platform.

Read Original/a>
Author: Oana Ularu