Suspected ransomware affiliate arrested in Canada
A 31-year-old Canadian national has been charged in connection with ransomware attacks against organizations in the United States and Canada, a federal indictment unsealed today shows.
Parallel investigations from the Federal Bureau of Investigation and the Ontario Provincial Police (OPP) revealed that Matthew Philbert of Ottawa was involved in various cyberattacks.
Philbert was arrested on November 30, 2021, following an investigation that began in January 2020, when the FBI contacted the OPP about cyber incidents based in Canada.
According to the indictment, between April 2018 and May 2018, Philbert targeted at least ten computers of an organization in the healthcare sector from the District of Alaska.
The defendant did not manage to deploy ransomware on the victim’s computers, the indictment shows, which would have affected the “medical examination, diagnosis, treatment and care” of multiple individuals.
“On or about April 28, 2018, within the District of Alaska and elsewhere, the defendant, MATTHEW PHILBERT, knowingly caused and attempted to cause the transmission of a program, information, code, and command, and, as a result of such conduct, intentionally caused and attempted to cause damage without authorization to a protected computer owned by the State of Alaska, and the offense caused and would, if completed, have caused: (a) the modification, impairment, and potential modification and impairment of the medical examination, diagnosis, treatment and care of 1 or more individuals; (b) a threat to public health and safety; and, (c) damage affecting 10 or more protected computers during a 1-year period.”
Looking for reports of cyberattacks hitting healthcare-related organizations in the timeframe given in the indictment, BleepingComputer found a breach notification from the state’s Department of Health and Social Services.
The intrusion, pinned to April 26, resulted in the disclosure of personal information belonging to more than 500 people. Typically, ransomware is deployed in the last stage of an attack, after the intruders have determined what computers to encrypt.
Despite the matching details, BleepingComputer could not determine if the failed ransomware attack in Philbert’s indictment is the same as the one in the breach notification from the Alaska Department of Health and Social Services.
Although Philbert’s indictment in the U.S. mentions failed ransomware attacks, the investigation from the Ontario Provincial Police determined that the defendant deployed “numerous ransomware attacks” that impacted private businesses and government agencies in Canada.
In the U.S., Philbert is charged with one count of conspiracy to commit fraud and related activity in connection with computers and one count of fraud and related activity in connection with computers.
In Canada, the defendant faces charges for possession of a device to obtain unauthorized use of a computer system or to commit mischief, fraud, and unauthorized use of a computer.
On Philbert’s arrest, the police in Canada seized desktop and laptop computers, a tablet, multiple storage devices, mobile phones, the seed phrase for a Bitcoin wallet, and blank cards with magnetic strips.
During its investigation, the OPP received the assistance of the Royal Canadian Mounted Police’s National Cybercrime Coordination Unit (NC3) and Europol, which suggests that Philbert may have been involved in ransomware attacks outside the U.S. and Canada.