Pierluigi Paganini reports: Japanese authorities released a free decryptor for Phobos and 8Base ransomware, allowing victims to recover files without paying. Japanese police released the free decryptor for ransomware families, which was likely built using intel from a recent gang takedown. The software can be downloaded from the police website and Europol’s NoMoreRansom site. The tool works on files with extensions like .phobos,…
Category: Malware
RansomedVC is back — and is still attacking its competitors
On July 9, RansomedVC reappeared, temporarily referring to itself as “RebornVC,” but quickly reverting to its better-known identity. Its first two victims were listed as SnapAV/Resideo (Snap One) in the U.S. and Unyleya in Brazil. No proof of claims was offered for either listing, and no deadlines were posted, but Snap One had a price…
Armenian National Extradited to the United States Faces Federal Charges for Ransomware Extortion Conspiracy
An Armenian national extradited from Ukraine to the United States faces federal charges for his role in Ryuk ransomware attacks and extortion conspiracy targeting companies throughout the United States, including a technology company operating in Oregon. Karen Serobovich Vardanyan, 33, an Armenian national, has been charged with conspiracy, fraud in connection with computers, and extortion…
Police disrupt “Diskstation” ransomware gang attacking NAS devices
Bill Toulas reports: An international law enforcement action dismantled a Romanian ransomware gang known as ‘Diskstation,’ which encrypted the systems of several companies in the Lombardy region, paralyzing their businesses. The law enforcement operation codenamed ‘Operation Elicius’ was coordinated by Europol and also involved police forces in France and Romania. Diskstation is a ransomware operation…
Ransomware in Italy, strike at the Diskstation gang: hacker group leader arrested in Milan
Redazione reports: A 44-year-old man, a Romanian citizen, was arrested in Milan on charges of being the main director behind a series of cyber attacks orchestrated by the ‘Diskstation’ gang. This is a criminal organisation specialised in ransomware, active mainly against companies, professionals and technical studies. The arrest, carried out by the Italian Postal Police, is the…
Gravity Forms Breach Hits 1M WordPress Sites
Victoria Mossi reports: In a startling revelation for the WordPress community, a critical security breach has been uncovered in the widely used Gravity Forms plugin, signaling a sophisticated supply chain attack. According to a detailed report by Patchstack, malicious code was embedded in manual installers available directly from the official Gravity Forms website, affecting versions…