InfoSecBulletin Cybersecurity for mankind
Zscaler found out that a company paid the Dark Angels ransomware group a huge ransom of $75 million. However, Zscaler did not reveal the company’s name or any further details about the attack.This is the largest ransomware payment by a company in history.
The Dark Angels ransomware group was first seen in May 2022 and runs the Dunghill data leak site.
Joint cybersecurity advisory
Botnet infects 260,000 SOHO routers, IP cameras with malware
Chrome 129 Released Fix with multiple Security Flaws
Broadcom fixed RCE bug in VMware vCenter Server
Cybercriminal now misuse Microsoft Azure tool to steal data
Apple warns users to install iOS 18 to Fix 33 iPhone Vulnerabilities
CISA adds windows and whatsUp Gold vuls to its KEV
Petroleum and Fuel Industry
FleetPanda exposes Nearly One Million Documents
DESCO faces cyber attack: Customers Data Breach
Alert! Google Fixes GCP Composer Flaw
CTF in Bangladesh: Unveiling Challenges, Opportunities and remedies
The gang targets various sectors, like healthcare, government, finance, and education. Recently, they have been focusing on large industrial, technology, and telecommunications companies..
Zscaler’s ThreatLabz discovered a case in early 2024 where a victim paid $75 million to the group. The list of companies that reportedly paid large ransoms in the past include CNA Insurance ($40 million), CDK Global ($25 million) and Change Healthcare ($22 million).
“In most cases, the Dark Angels group steals a vast amount of information, typically in the range of 1-10 TB. For large businesses, the group has exfiltrated between 10-100 TB of data, which can take days to weeks to transfer.” reads the report. “The highest-profile attack conducted by Dark Angels was in September 2023, when the group breached an international conglomerate that provides solutions for building automation systems among other services. Dark Angels demanded a $51 million ransom, claimed to have stolen over 27 TB of corporate data, and encrypted the company’s VMware ESXi virtual machines. A RagnarLocker ransomware variant was used to encrypt the company’s files during the attack.”
Researchers from blockchain intelligence firm Chainalysis confirmed that early this year they saw the largest ransomware payment ever at $75M.
