The threat actor behind the lesser-known AstraLocker ransomware told BleepingComputer they're shutting down the operation and plan to switch to cryptojacking.The ransomware's developer submitted a ZIP archive with AstraLocker decryptors to the VirusTotal malware analysis platform.BleepingComputer downloaded the archive and confirmed that the decryptors

Last week on Malwarebytes Labs: Ransomware review: June 2022AstraLocker 2.0 ransomware isn’t going to give you your files backYTStealer targets YouTube content creatorsZuoRAT is a sophisticated malware that mainly targets SOHO routersAmazon Photos vulnerability could have given attackers access to user files and dataCriminals are applying for remote work

A cyber attack forced the American publishing giant Macmillan to shut down its IT systems.  The publishing giant Macmillan has been hit by a cyberattack that forced the company to shut down its IT infrastructure to prevent the threat from spreading within its network. The company spokesman Erin Coffey told different media outlets that at

Malwarebytes Threat Intelligence builds a monthly picture of ransomware activity by monitoring the information published by ransomware gangs on their Dark Web leak sites. This information represents victims who were successfully attacked but opted not to pay a ransom. In June, LockBit was the most active ransomware, just as it has been all year. The month

It has been relatively busy this week with new ransomware attacks unveiled, a bug bounty program introduced, and new tactics used by the threat actors to distribute their encryptors.This week's big news was the release of LockBit 3.0, which includes a new bug bounty reward program where the threat actors pay between $1,000 to $1 million for submitted bugs an

Reversing Labs reports that the latest verison of AstraLocker ransomware is engaged in a a so-called “smash and grab” ransomware operation. Smash and grab is all about maxing out profit in the fastest time. It works on the assumption by malware authors that security software or victims will find the malware quickly, so it’s better to get

Macmillan Publishers is a worldwide trade publishing firm that operates in over 70 countries and has imprints in a number of different nations across the world, including the United States of America, Germany, the United Kingdom, Australia, South Africa, and India. Holtzbrinck Publishing Group is a multinational family-owned media corporation with its headqu

Good news for the victims of the Hive ransomware, Korean security researchers have released a free decryptor for some versions. Good news for the victims of the Hive ransomware, the South Korean cybersecurity agency KISA has released a free decryptor for versions from v1 till v4. “The Korea Internet & Security Agency (KISA) is distributing th

Publishing giant Macmillan was forced to shut down their network and offices while recovering from a security incident that appears to be a ransomware attack.The attack reportedly occurred over the weekend, on Saturday, June 25th, with the company shutting down all of their IT systems to prevent the spread of the attack.Publishers Weekly first reported on th

What is Black Basta?Black Basta is a relatively new family of ransomware, first discovered in April 2022.Although only active for the past couple of months, the Black Basta ransomware is thought to have already hit almost 50 organisations – first exfiltrating data from targeted companies, and then encrypting files on the firm’s computer systems.V

A former Canadian government IT worker admitted to being a high-level member of the Russian cybercrime group NetWalker. A former Canadian government employee, Sebastien Vachon-Desjardins, pleaded guilty in the U.S. to charges related to his involvement with the Russian cybercrime group NetWalker. In March, the man was extradited to the United States to

A Canadian national has pleaded guilty in a United States court to charges related to his role in a cybercrime operation involving the NetWalker ransomware.Sebastien Vachon-Desjardins, 34, is a former Canadian government employee. He was previously sentenced to seven years in prison in Canada for ransomware attacks.A few weeks after his sentencing in Canada,

American retailer Walmart has denied being hit with a ransomware attack by the Yanluowang gang after the hackers claimed to encrypt thousands of computers.In a statement to BleepingComputer, Walmart has said that their "Information Security team is monitoring our systems 24/7," and believe the claims to be inaccurate."We believe this claim is inaccurate and

The LockBit ransomware operators released LockBit 3.0 with important novelties, including a bug bounty program and Zcash payments. The Lockbit ransomware operation has released LockBit 3.0, which has important noveòties such as a bug bounty program, Zcash payment, and new extortion tactics. The gang has been active since at least 2019 and today it is one

The LockBit 3.0 ransomware operation was launched recently and it includes a bug bounty program offering up to $1 million for vulnerabilities and various other types of information.LockBit has been around since 2019 and the LockBit 2.0 ransomware-as-a-service operation emerged in June 2021. It has been one of the most active ransomware operations, accounting