Friday 5th May 2023
CTI Weekly: LockBit RaaS claims supply chain breach of 60+ companies; SpecTor operation nabs 288 dark web drug trade suspects; FBI seizes illicit crypto exchange websites; and more cybersecurity news
Key Issue:
LockBit claims to have breached more than 60 companies in supply chain compromise
A LockBit Ransomware-as-a-Service (RaaS) affiliate has claimed to have stolen data from over 60 companies, following an alleged breach of Cloud51 Data Solutions, which offers IT support and service solutions to a diverse clientele in the US. LockBit has demanded an undisclosed ransom, which the company has until 9 May to pay, to prevent the publication of Cloud51’s data on a leak site. LockBit has allegedly obtained confidential data from all the targeted companies, including supplier details, Social Security Numbers, and passport copies.
The incident is notable because LockBit has publicly disclosed the supply chain compromise. Supply chain compromise is an increasingly prevalent threat, highlighting the need for companies to take proactive measures to manage risk and secure their supply chain.
Other news:
Law Enforcement
Europol’s operation ‘SpecTor’ has resulted in the apprehension of 288 suspects involved in the illegal drug trade on the dark web marketplace “Monopoly Market.” Additionally, a joint operation involving US government agencies and partners in Germany, Austria, and France has led to the seizure of a payment card verification platform that facilitated major carding marketplaces in making millions in illicit revenue.
Meanwhile, the FBI and Ukrainian police have conducted a coordinated operation to seize the websites of nine illicit cryptocurrency exchanges that facilitated money laundering schemes of cybercriminal groups.
Banking Malware
Researchers have discovered that the cybercrime syndicate TA505 is using a new type of banking malware called Lobshot to infiltrate Windows machines via Google Ads and a network of fake websites.
Ransomware
The Royal Ransomware group attacked and compromised the IT systems of the City of Dallas, Texas, causing the city to shut down some systems to prevent further spread of the ransomware. Meanwhile, the AvosLocker Ransomware group hacked into a university’s network and emergency broadcast system, sending SMS texts to students and staff, notifying them that their data had been stolen and would be released soon.