Sunday , June 16 2024
logo

Hacktivists group target Philippines government ransomware attack

infosecbulletin 4 weeks ago Cyber Attack, Ransomware

SentinelOne researchers found that the Ikaruz Red Team is targeting the Philippines government using different ransomware builders like LockBit, Vice Society, Clop, and AlphV to carry out “small-scale” attacks. They are also sharing data leaks from various organizations in the Philippines.

Source: Sentinelone

Ikaruz Red Team (IRT) has been targeting entities in the Philippines through defacements, small-scale DDoS attacks, and ransomware attacks. This has been happening between 2023 and present day (2024). Resecurity documented that there is a larger wave of hacktivist groups targeting the region. They mentioned that the tensions with China and the strategic significance of the Philippines in the Indo-Pacific make it an attractive target for those who want to cause civil disruption.

338 fraudulent Olympics games ticketing websites

By infosecbulletin / Sunday , June 16 2024
Proofpoint found a fake website selling tickets for the Paris 2024 Summer Olympic Games. The website, "paris24tickets[.]com," claimed to be...
Read More
338 fraudulent Olympics games ticketing websites

ASUS warn serious security vulnerability on 7 routers

By infosecbulletin / Saturday , June 15 2024
ASUS released a new firmware update to fix a vulnerability affecting seven router models, which could be exploited by remote...
Read More
ASUS warn serious security vulnerability on 7 routers

AWS Announced New Malware Detection Tool For S3 Buckets

By infosecbulletin / Friday , June 14 2024
AWS announced new security features at its re:Inforce conference, such as identity and malware protection services. The cloud giant added...
Read More
AWS Announced New Malware Detection Tool For S3 Buckets

150,000 phones registered under one IMEI number in Bangladesh

By infosecbulletin / Friday , June 14 2024
A smartphone's IMEI (which stands for International Mobile Equipment Identity) is a unique identifier for each device, similar to a...
Read More
150,000 phones registered under one IMEI number in Bangladesh

CISA Releases Twenty Industrial Control Systems Advisories

By infosecbulletin / Friday , June 14 2024
CISA released 20 advisories about Industrial Control Systems (ICS) on June 13, 2024. These advisories give important information about security...
Read More
CISA Releases Twenty Industrial Control Systems Advisories

Current web vulnerabilities in Bangladesh across vendor product line

By infosecbulletin / Thursday , June 13 2024
On a report titled "Surge on Web defacement and web application related vulnerabilities targeting Bangladesh" BGD e-GOV CIRT said, web...
Read More
Current web vulnerabilities in Bangladesh across vendor product line

Criminals impersonating CISA’s employees in phone calls

By infosecbulletin / Thursday , June 13 2024
CISA warned that criminals are pretending to be its employees in phone calls in order to trick people into sending...
Read More
Criminals impersonating CISA’s employees in phone calls

CISA Adds Two Known Exploited Vulnerabilities to Catalog

By infosecbulletin / Wednesday , June 12 2024
CISA added 2 new vulnerabilities to its catalog of known exploited vulnerabilities, because they have proof that these vulnerabilities are...
Read More
CISA Adds Two Known Exploited Vulnerabilities to Catalog

Microsoft Tuesday fixes 51 flaws, 18 RCEs June 2024 Patch

By infosecbulletin / Wednesday , June 12 2024
Microsoft has released updates for 49 security vulnerabilities in its Patch Tuesday update for June. One of the fixes addresses...
Read More
Microsoft Tuesday fixes 51 flaws, 18 RCEs June 2024 Patch

Hackers breached 20,000 FortiGate systems worldwide: MIVD

By infosecbulletin / Wednesday , June 12 2024
The Dutch military security service MIVD recently revealed that a cyber espionage campaign, which was initially mentioned in February, managed...
Read More
Hackers breached 20,000 FortiGate systems worldwide: MIVD

In the past year, there has been a rise in hacktivist attacks in the Philippines. Groups like Robin Cyber Hood, Philippine Exodus (aka PHEDS), Cyber Operations Alliance, and Philippine Hacking University have claimed responsibility for ransomware attacks, misinformation campaigns, and espionage.

Source: Sentinelone

On April 8th, the National Privacy Commission (NPC) of the Philippines started investigating a breach of the Department of Science & Technology by a previously unidentified hacktivist group called #opEDSA.

Ikaruz Red Team Ransomware Activity:

Ikaruz Red Team, previously known for web defacements and nuisance attacks, is now launching small-scale ransomware attacks using leaked LockBit builders. They are distributing modified LockBit 3 ransomware and advertising data leaks from various organizations in the Philippines.

Ikaruz Red Team ransom notes are based on the LockBit template. The only change is the replacement of the LockBit ransomware name with ‘Ikaruz Red Team’ in the top line. By modifying the config.json file before creating the LockBit payloads, this change can be easily made in the ransom notes. Click here to readout the full report.

Check Also

graph

Ransomware tracker: The latest statistics (June 2024)

Ransomware groups claimed the highest number of attacks in May, but experts believe the claims …

Leave a Reply

Your email address will not be published. Required fields are marked *

Mail: [email protected]
© Copyright 2024, All Rights Reserved InfoSecBulletin