Second Florida City Pays Ransom

Following the news that Riviera Beach, FL would pay the ransom demanded by cyberattackers, the mayor of Lake City, FL has announced that the city will be paying the demanded ransom of $460,000 to restore access to their email and internal system servers. While law enforcement agencies strongly recommend against paying the ransom and suggest that victims instead attempt to recover encrypted files through backups or other offline methods, many companies who fall prey to ransomware attacks do not keep complete backups of their systems, so they may have no choice but to pay.

Group Arrested in Domain Spoofing Scam

Several individuals were recently arrested for creating a spoof domain for Blockchain.com, a site that allows users to access their cryptocurrency wallets. The individuals in question successfully stole over $27 million’ worth of various currencies from roughly 4,000 victims by using their spoofed site to steal wallet credentials. The group was captured in two separate countries after more than a year of investigation.

Database for Insurance Marketing Site Exposed

A database belonging to MedicareSupplement.com, an insurance marketing site, was found to be publicly accessible, exposing the records of over 5 million customers. While it is unclear how long the database had been improperly secured, the researcher who discovered it in mid-May promptly reported it to the database owner. Amongst data exposed were nearly a quarter million records that indicated specific insurance categories.

Report Reveals Countries Most Targeted by Ransomware

A new report has run the numbers to uncover the top five countries most targeted by ransomware. So far in 2019, the list includes the USA, Brazil, India, Vietnam, and Turkey. During the first quarter of this year alone, the USA took 11% of the attacks, with Brazil coming in right behind with 10% of the total number of attacks. Even more concerning: the average ransom demand has nearly doubled since this time last year, jumping from around $6,700 to ca. $12,700.

IoT Malware Bricks Devices

Researchers have just found a new type of malware, dubbed Silex, that focuses on IoT devices running with default credentials. The malware then bricks—i.e., breaks in an irreparable or unrecoverable fashion—the entire device. The Silex authors claim to have distributed it with the specific intention of rendering devices unusable to prevent lower level scripters from adding the devices to their botnets. Fortunately, the authors did shut down the malware’s command servers, though the already-distributed samples will continue their operations until they have been removed by security.

Connor Madsen

About the Author

Connor Madsen

Threat Research Analyst

As a Threat Research Analyst, Connor is tasked with discovering and identifying new malware variants, as well as testing current samples to ensure efficacy. Don’t miss the latest security news from around the world in his weekly Cyber News Rundown blog.

Share This