There’s a new ransomware wreaking havoc on businesses, with Dark Power already claiming 10 million victims in just their first two months of operation. In other cybersecurity news, an info-stealing malware dubbed MacStealer has been infecting the newest Mac operating system.
14 million Latitude Financial customers affected by data breach
Following a short investigation, it has been revealed that the overall impact of the data breach at Latitude Financial Services has grown to encompass over 14 million customers. Initially, officials believed that the breach only affected 328,000 customer records, and was limited to simple contact information, but now they have confirmed that upwards of 13 million driver’s licenses have been leaked. The stolen data includes personally identifiable information dating back to 2013 and could compromise a considerable number of Australian and New Zealand ID cards and passports, which the company is offering to replace at their own cost.
MacStealer spreading through latest MacOS versions
Researchers have been tracking an info-stealing malware for Mac, dubbed MacStealer, which can steal information from a wide variety of files and has been identified running on the latest version of the Mac operating system, Catalina. After the victim unknowingly downloads and executes the malicious .DMG file, the payload displays a credentials prompt to assist in gathering additional stored data. After scanning the system for all available data, MacStealer creates ZIP archives of the data and begins transmitting them to a series of Telegram channels before deleting all data and ZIP files from the victim’s system.
Lumen Technologies suffers two simultaneous security incidents
In the weeks following a ransomware attack on several of their internal systems, officials for Lumen Technologies have confirmed that they had also discovered another security incident that may have compromised some customer information while also downloading additional malicious payloads. The company was only able to identify the secondary intrusion after implementing new security measures in response to the ransomware attack, and was unable to determine the length of time that it had been present on their network.
Dark Power ransomware comes out swinging
In the first 2 months of operation, the threat actors behind the new ransomware variant, Dark Power, have already claimed 10 victims from across the globe. While the initial attack vector for Dark Power is still unclear, it does begin by killing a preset list of processes and services before encrypting files and appending the “.dark_power” extension to them. Dark Power does differentiate itself from other variants by posting an 8-page PDF as the ransom note and demanding only $10,000 in Monero cryptocurrency for the decryptor.
Cl0p ransomware claims data breach at Australia’s Crown Resorts
The threat actors behind the Cl0p ransomware group have recently contacted Australia’s Crown Resorts, informing them of a data breach in relation to the GoAnywhere exploit that exposed sensitive data belonging to 130 different companies. The overall extent of compromised information is still unclear, though Crown Resorts’ officials claim that they have no evidence of customer or employee information being illicitly accessed.