May 31 Cyber News Roundup
Nearly one in five (18%) ransomware incidents in the US led to a lawsuit in 2023, with 123 filed so far, according to new figures from Comparitech.
The main reason for ransomware lawsuits being filed is data breaches. Comparitech found that 283.3 million individual records are known to have been impacted in the 355 attacks where lawsuits have been filed, making up 80% of records impacted across all ransomware attacks since 2018.
?
The introduction of SpiderX on the dark web marks a significant escalation in the capabilities of ransomware available as a service. Its advanced features, such as the ChaCha20-256 encryption algorithm and built-in information stealer, coupled with its ability to operate offline, make it a highly effective and dangerous tool.
?
The group also “created” fake software development and IT consulting services companies by setting up legitimate-looking websites, fake employee personas and social media accounts, and used them to reach out to potential targets and solicit work or cooperation.? They used tracking pixels and a dummy unsubscribe page to confirm which targets engaged with the emails. Finally, the group also tried to get employed as software developers at multiple legitimate companies.
?