Forbes Newsletters

Plus: National Security Advisor Waltz Is Out After Signal Snafu


Over the past week, some of the U.K.’s biggest and most historic retailers have been hacked by a group known as DragonForce. The group told the BBC it was responsible for hits on Co-Op, Harrods and Marks & Spencer, stealing and locking up customer data with ransomware.

It’s unclear how much the hackers have demanded to restore their victims’ systems, yet the question on all of its victims’ lips remains: who or what is DragonForce and how should companies defend against its attacks? According to some researchers, DragonForce is linked to a group known as Scattered Spider, which was recently targeted in law enforcement action with five arrests of alleged members.

Cybersecurity firm Check Point released research on Tuesday that said DragonForce was “a ransomware cartel” that launched in late 2023, though its roots have been traced to a hacktivist crew based in Malaysia. Today, it essentially offers criminals ransomware-as-a-service. It offers its malware to anyone who wants to use it to lock up victims’ files, as long as they hand over a 20% cut of any ransom paid. Buyers can also customize their ransomware and easy-to-create data leak sites should a victim refuse to pay up. “DragonForce offers anonymity, flexibility, and profit,” Check Point wrote.

Google’s Mandiant cyber division released guidance on Tuesday for those being targeted by DragonForce and Scattered Spider. Among the recommendations: Better training for helpdesk employees, who are often targeted by these hackers, as well as strong authentication and complete visibility across IT networks.

Got a tip on surveillance or cybercrime? Get me on Signal at +1 929-512-7964.

Thomas Brewster Associate Editor, Cybersecurity


The Big Story
National Security Advisor Waltz Is Out After Signal Snafu
Mike Waltz was removed from his national security advisor role just a month after he was caught up in “SignalGate,” where he and other high-level defense and intelligence officials were found to have discussed sensitive (possibly classified) military plans on encrypted app Signal.

Waltz, who has been moved over to a UN ambassador role, was later seen using Signal in a cabinet meeting. His former role has been taken on, albeit temporarily, by Secretary of State Marco Rubio.

The Stories You Have To Read Today
404 Media reports that TeleMessage, the app used by Waltz and many others in the federal government to manage Signal, was hacked and some user messages were leaked. The app maker Smarsh has now temporarily suspended its services to investigate the incident. Federal contracting records show its tools have been acquired by the State Department and the Centers for Disease Control and Prevention.

GlobalX, an airline being used by the Trump administration for deportations, was hacked, 404 also reported. The hackers managed to get hold of passenger lists for GlobalX flights from January to this month.

Wired has a solid long read on North Korea’s use of AI to get jobs inside Western organizations to pilfer either money or data. One developer has been laying traps for them.
Winner Of The Week
Riot Games is taking the fight to hackers who try to cheat and steal in its videogames. The League of Legends maker’s anti-cheat director spoke with TechCrunch about using a tool called Vanguard, which sits deep inside a Windows operating system to determine if any cheaters have installed code or tampered with a gamer’s computer. He claims it’s helping catch thousands of cheaters every day.
Loser Of The Week
The Cambodia-based Huione Group has been labelled a money laundering entity by the U.S. Treasury after a year in which it has been linked to all manner of illegal activity. “This proposed rulemaking recognises cyberscams and their enablers as a national security threat – making clear that these entities, even those closely linked to Cambodia’s ruling Hun family, are not immune to enforcement actions,” said Tom , CEO and founder at crypto tracing firm Elliptic.
 

His company has been on the trail of Huione’s activities for the last year, claiming it was “the largest illicit online marketplace in history” with at least $27 billion in sales of fraud-enabling tech, personal data and money laundering services.
