Skip to main content
News

Cyber News Rundown: Dark Power ransomware claims 10 million victims on 2 months

Cyber News Rundown: Dark Power ransomware claims 10 million victims on 2 months
Forum|alt.badge.img+7
  • Threat Research Analyst
  • 4 replies

There’s a new ransomware wreaking havoc on businesses, with Dark Power already claiming 10 million victims in just their first two months of operation. In other cybersecurity news, an info-stealing malware dubbed MacStealer has been infecting the newest Mac operating system.

14 million Latitude Financial customers affected by data breach

Following a short investigation, it has been revealed that the overall impact of the data breach at Latitude Financial Services has grown to encompass over 14 million customers. Initially, officials believed that the breach only affected 328,000 customer records, and was limited to simple contact information, but now they have confirmed that upwards of 13 million driver’s licenses have been leaked. The stolen data includes personally identifiable information dating back to 2013 and could compromise a considerable number of Australian and New Zealand ID cards and passports, which the company is offering to replace at their own cost.

MacStealer spreading through latest MacOS versions

Researchers have been tracking an info-stealing malware for Mac, dubbed MacStealer, with a wide variety of files it can steal information from and has been identified running on the latest version of the Mac operating system, Catalina. After unknowingly downloading and executing the malicious .DMG file, the payload displays a credentials prompt to assist in gathering additional stored data. After scanning the system for all available data, MacStealer creates ZIP archives of the data and begins transmitting them to a series of Telegram channels before deleting all data and ZIP files from the victim’s system.

Lumen Technologies suffers two simultaneous security incidents

In the weeks following a ransomware attack on several their internal systems, officials for Lumen Technologies have confirmed that they had also discovered another security incident that may have compromised some customer information while also downloading additional malicious payloads. The company was only able to identify the secondary intrusion after implementing new security measures in response to the ransomware attack and were unable to determine the length of time that it had been present on their network.

Dark Power ransomware comes out swinging

In the first 2 months of operation, the threat actors behind the new ransomware variant, Dark Power, have already claimed 10 victims from across the globe. While the initial attack vector for Dark Power is still unclear, it does begin by killing a preset list of processes and services before encrypting and appending affected file extensions to “.dark_power”. Dark Power does differentiate itself from other variants by posting an 8-page PDF as the ransom note and demanding only $10,000 in Monero cryptocurrency for the decryptor.

Cl0p ransomware claims data breach at Australia’s Crown Resorts

The threat actors behind the Cl0p ransomware group have recently contacted Australia’s Crown Resorts, informing them of a data breach in relation to the GoAnywhere exploit that exposed sensitive data belonging to 130 different companies. The overall extent of compromised information is still unclear, though Crown Resorts’ officials claim that they have no evidence of customer or employee information being illicitly accessed.

Did this help you find an answer to your question?

12 replies

ProTruckDriver
Moderator

Thanks again for the article Connor. 


TripleHelix
Moderator
Forum|alt.badge.img+63
  • Moderator
  • 8902 replies
  • March 31, 2023

Thanks Connor it's much appreciated so Dark Power is picking up speed 😠 And MacStealer not good for Mac users 😠


kleinmat4103
Popular Voice
Forum|alt.badge.img+6
  • Popular Voice
  • 512 replies
  • March 31, 2023

Thanks, Connor!

 

Look at that! Macs do get viruses!


russell.harris
Popular Voice
Forum|alt.badge.img+5

Thanks as always @ConnorM always like a good summary 


russell.harris
Popular Voice
Forum|alt.badge.img+5
kleinmat4103 wrote:

Thanks, Connor!

 

Look at that! Macs do get viruses!

Yes. Indeed. Always have done. Just not as widespread or publicised


Jasper_The_Rasper
Moderator
Forum|alt.badge.img+54

Thank you Connor, a great article as usual.


TylerM
Administrator
Forum|alt.badge.img+25
  • Sr. Security Analyst & Community Manager
  • 1260 replies
  • March 31, 2023
kleinmat4103 wrote:

Thanks, Connor!

 

Look at that! Macs do get viruses!

Criminals phish in the biggest pond


tasystems
New Voice
Forum|alt.badge.img+8
  • New Voice
  • 156 replies
  • March 31, 2023

I’m assuming… Webroot detects MacStealer events…. though to be honest, I tend to find Webroot feels a little but rocky on the Mac at times… so interested in knowing if that is the case?


MunkeyMan
New Voice
Forum|alt.badge.img+4
  • New Voice
  • 304 replies
  • April 1, 2023
kleinmat4103 wrote:

Thanks, Connor!

 

Look at that! Macs do get viruses!

Who would have thought?


russell.harris
Popular Voice
Forum|alt.badge.img+5

anyone actually come across macstealer yet? My company’s clients are practically all mac and haven’t come across it yet (unless webroot is tackling it without me knowing!)


Robis
New Member
Forum|alt.badge.img+1
  • New Member
  • 74 replies
  • April 1, 2023

Thank You Connor!


Forum|alt.badge.img

Thanks for the bulletin!


Reply