Ransomware Posing as Flash Player Download A new strain of ransomware hit organizations throughout Eastern Europe earlier this week. Spread through compromised websites, the Bad Rabbit ransomware poses as an Adobe Flash Player download, and after infecting one machine, can quickly spread through an organization’s network without being detected.

imagesRHVA6HVG

The Latest Ransomware Presents Itself as an Adobe Flash Player Download

Nextgov | By Keith Collins |

A new strain of ransom ware, called Bad Rabbit, began hitting organizations throughout Russia and Eastern Europe on Wednesday (Oct. 25). The malware is being spread through compromised websites, presenting itself as an Adobe Flash Player download.

“When users visited one of the compromised websites, they were redirected to 1dnscontrol[.]com, the site which was hosting the malicious file,” according to a blog post by Talos, Cisco’s threat intelligence team.

Once infected with the ransom ware, victims are directed to a web page on the dark web, which demands they pay 0.05 bit coin (roughly $285 USD) to get their files back.

After one computer on a network is infected, Bad Rabbit can quickly and covertly spread through an organization without being detected. Although the ransom ware has been detected in several countries, it appears to be concentrated in organizations in Russia and Ukraine, particularly media outlets.

U.S. Takes Down International #ID #Theft Ring the U.S. Justice Department indicted 36 people in connection with an international identity theft ring known as #Infraud. #cyberfraud

untitled.png

International Cyber Crime Ring Smashed After More Than $530 Million Stolen

CNN | By Ben Westcott

US authorities have indicted 36 people for stealing more than $530 million from victims across the world in one of the “largest cyber fraud enterprises ever prosecuted.” In a statement, US investigators claimed the accused were taking part in a massive operation known as the Infraud Organization, which stole and then sold other people’s personal information, including credit card and banking information. “Today’s indictment and arrests mark one of the largest cyberfraud enterprise prosecutions ever undertaken by the US Department of Justice,” Acting Assistant US Attorney General John Cronan said in a statement. Cronan said it was believed the group had intended to cause losses totaling more than $2.2 billion during their seven years of operation. Authorities have already arrested 13 people from a range of countries including the United States, Australia, the United Kingdom, France and Italy. The Infraud Organization has been in operation since October 2010, according to the statement from the US Justice Department, when it was launched by a 34-year-old Ukrainian man Svyatoslav Bondarenko. He had wanted to grow the organization into the internet’s largest “carding” group — that is, a criminal group who buy retail purchases with counterfeit or stolen credit card information. Their motto was, “In Fraud We Trust.” According to the Justice Department statement, there were 10,901 registered members of the Infraud Organization as of March 2017, who were divided into specific roles. They ranged from the “administrators” who oversaw the organization’s strategic planning and approved membership, all the way down to the “members” who used the Infraud forum to facilitate their criminal activities. Law enforcement agencies from across the world collaborated on the investigation into Infraud, including Italy, Australia, the United Kingdom, France and Luxembourg, among many others.