The NetWalker ransomware was one of the ransomware variants facilitated by LolekHosted.

Grabowski registered the domain “” in 2014, and advertised that its services were “bulletproof,” provided “100% privacy hosting,” and allowed clients to host “everything except child porn.” Grabowski allegedly facilitated the criminal activities of LolekHosted clients by allowing clients to register accounts using false information, not maintaining Internet Protocol (IP) address logs of client servers, frequently changing the IP addresses of client servers, ignoring abuse complaints made by third parties against clients, and notifying clients of legal inquiries received from law enforcement. Through LolekHosted, Grabowski provided “bulletproof” webhosting services, which is secure webhosting designed to facilitate malicious and criminal activities, including ransomware, brute-force attacks, and phishing.

The full report is available from the CrowdStrike site.

An indictment was unsealed yesterday in Tampa, Florida, charging a Polish national with computer fraud conspiracy, wire fraud conspiracy, and international money laundering in connection with the provision of “bulletproof” webhosting services that facilitated the operation of ransomware attacks and the subsequent laundering of the illicit proceeds.

According to court documents, Artur Karol Grabowski, 36, operated a webhosting company named LolekHosted.

More than 20 of the new additions are 'SPIDERS', the CrowdStrike naming convention for eCrime adversaries.

Only by understanding their rapidly evolving tradecraft, techniques and objectives - and by embracing technology fueled by the latest threat intelligence - can companies remain one step ahead of today's increasingly relentless adversaries."

CrowdStrike Intelligence has added 33 newly tracked adversaries bringing the total number of known adversaries tracked to more than 200.
"Today's threat actors are smarter, more sophisticated, and more well resourced than they have ever been in the history of cybersecurity. Splintered eCrime groups re-emerged with greater sophistication, relentless threat actors sidestepped patched or mitigated vulnerabilities, and the feared threats of the Russia-Ukraine conflict masked more sinister and successful traction by a growing number of China-nexus adversaries," says Adam Meyers, head of intelligence at CrowdStrike. "The past 12 months brought a unique combination of threats to the forefront of security.

Log4Shell has continued to ravage the internet, while both known and new vulnerabilities, like ProxyNotShell and Follina - two of Microsoft's 28 zero days and 1,200 patches - have been broadly exploited as nation-state and crime adversaries circumvented patches and sidestepped mitigations.

There's evidence too that adversaries are re-weaponizing and re-exploiting vulnerabilities.

There's also been a 112 percent year-on-year increase in access broker advertisements on the dark web - illustrating the value of and demand for identity and access credentials in the underground economy.

Cloud exploitation also grew by 95 percent and the number of 'cloud-conscious' threat actors nearly tripled year-on-year as adversaries are increasingly targeting cloud environments.