this post was submitted on 24 Apr 2024
42 points (97.7% liked)

Technology

59534 readers
3195 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] autotldr@lemmings.world 4 points 7 months ago

This is the best summary I could come up with:


Hackers have adopted a “strategy” of infiltrating systems in the developing world before moving to higher-value targets such as in North America and Europe, according to a report published on Wednesday by cyber security firm Performanta.

Recent ransomware targets include a Senegalese bank, a financial services company in Chile, a tax firm in Colombia, and a government economic agency in Argentina, which were hit as part of gangs’ dry runs in developing countries, the data showed.

Medusa, a cyber gang that “turns files into stone” by stealing and encrypting companies’ data, began to attack businesses in 2023 in South Africa, Senegal, and Tonga, the Performanta report said.

!.txt., would instruct the user to log on to the dark web and start ransom negotiation with the gang’s “customer service.” If victims refuse, the cyber attackers publish the stolen data.

Cyber security companies monitor the dark web for information and then set up “honeypots”—fake websites that mimic attractive targets—in developing nations to catch experimental attacks at an early stage.

When a group of cyber attackers this year began discussing a new vulnerability, named CVE-2024-29201, they “specifically targeted a few [exposed servers] in third world countries to test out how reliable the exploit was,” said Izrael from Armis, whose analysts were monitoring the gang’s conversations on the dark web.


The original article contains 745 words, the summary contains 216 words. Saved 71%. I'm a bot and I'm open source!