“Ukraine Cyber Alliance Takes Down Trigona Ransomware Gang, Wipes Their Data Clean”
In recent times, we’ve witnessed numerous headlines about ransomware groups wreaking havoc on corporate networks. However, this time, the ‘Ukraine Cyber Alliance,’ a group of activists, managed to infiltrate the Trigona Ransomware gang’s database and completely obliterate their operations. Notably, they absconded with sensitive information, including source code, decryption keys, and some cryptocurrency earnings acquired by the gang during the month of September this year.
A technical analysis released to the media indicates that the gang exploited a known vulnerability, CVE-2023-22515, to breach the Confluence database and gain access to this critical information. As our analysis team continues to investigate, we will provide updates as soon as further details are confirmed.
“Data Deletion Hack Targets Facebook Users”
For the first time in the history of hacking, a hacker or hacking group successfully took control of a Facebook account belonging to a photographer. They systematically deleted images and customer orders that had been stored on the account for the past seven years. The account holder, Doug Bazley from Queensland, expressed deep disappointment at the data wipe and reported the incident to Meta’s subsidiary, which subsequently launched an inquiry into the matter.
The hack appears to have occurred after Doug clicked on a phishing link that arrived in his inbox, cleverly disguised as a Meta company communication. The perpetrator(s) assumed control of the web page, altering the profile photo, changing the account holder’s name, and systematically erasing all the data that had been stored for years. Doug also voiced his dissatisfaction with the security measures Facebook imposes on user accounts. As the issue remains under investigation, it may take some time for all the facts to be revealed. Notably, deleted data often remains stored in the archival database of the social media giant for a certain period.
“Criminal Gang RansomedVC Compromises District of Columbia Board of Elections”
The District of Columbia Board of Elections (DCBOE) fell victim to a criminal gang known as RansomedVC, infamous for data extortion and their hefty demands for decryption keys. The attack followed an unconventional path, with the criminals initially targeting the hosting provider DataNet before gaining control of the online platform housing Washington DC Election Authority data.
To substantiate their claims, the gang leaked approximately 60,000 lines of voter information belonging to Washington DC voters and listed the data for sale on the dark web. The exposed information includes Social Security Numbers, driver’s license details, dates of birth, phone numbers, and email addresses. Law enforcement agencies such as the FBI and DHS have taken note of the data breach and are actively investigating these claims.
It is noteworthy that this same criminal gang, RansomedVC, was previously involved in the server hack of Sony and was confirmed to have stolen over 260GB of files in that incident.
