Riot Games has said it will refuse to pay a ransomware demand to regain some of its source code following a recent cyberattack. In an update concerning this week’s incident, Riot confirmed it was an extortion attack, noting that the source code for League of Legends (LoL), Teamfight Tactics (TFT), and a legacy anticheat platform, was exfiltrated by the attackers. It also confirmed receiving a ransom note, but added that it has no intention of paying the ransom demand.
At least two federal civilian agencies were exploited by cybercriminals as part of a refund scam campaign perpetrated through the use of remote monitoring and management (RMM) software. The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency, and Multi-State Information Sharing and Analysis Center (MS-ISAC) said on Wednesday they discovered the campaign in October. One federal office was exploited in June and another was attacked in September. “Specifically, cyber criminal actors sent phishing emails that led to the download of legitimate RMM software — ScreenConnect (now ConnectWise Control) and AnyDesk — which the actors used in a refund scam to steal money from victim bank accounts,” CISA said. RMM software is typically used by IT departments as a way to get remote access to a computer.
Despite the hoodie-wearing bad guy image, most hackers are bona fide security researchers protecting users by probing and testing the security configurations of digital networks and assets. Yet the law has often failed to distinguish between malicious hackers and good-faith security researchers. This failure to distinguish between the two hacker camps has, however, improved over the past two years, according to Harley Geiger, an attorney with Venable LLP, who serves as counsel in the Privacy and Data Security group. Speaking at Shmoocon 2023, Geiger pointed to three changes in hacker law in 2021 and 2022 that minimize security researchers’ risks.
Security researchers at Check Point have revealed that Yahoo knocked DHL off the top spot as the most imitated brand in the last quarter of 2022, now responsible for 20% of all phishing attempts recorded in the wild. The findings come from the company’s latest Brand Phishing Report and suggest that several cyber-criminals had been found distributing emails with subject lines that told a recipient they had won prize money from initiatives organized by Yahoo, worth hundreds of thousands of dollars. Email senders showed names such as ‘Award Promotion’ or ‘Award Center.’ The phishing messages also warned that the target must refrain from telling people about winning the prize because of legal issues. It asked the recipient to share their personal information and bank details in order to receive the winning prize money into their accounts.
A man suspected of stealing personal data belonging to tens of millions of people worldwide and selling that info on cybercrime forums has been arrested by Dutch police. The 25-year-old now faces charges of violating data privacy and computer trespassing laws, and laundering cryptocurrency valued at around $491,000, according to media reports. The alleged crook pulled together information including names, genders, addresses, and birth dates belonging to pretty much everyone in Austria, it is claimed. He also obtained records on some people in Britain, China, Colombia, Thailand, and the Netherlands, it is alleged, and then sold these massive datasets to other criminals online, we’re told. The cops believe this data was “stolen” from all over the globe.