Connect with us

Press Release

Hackers target Russian businesses with ransomware that was disclosed by Conti.

Published

on

Hackers target Russian businesses

Using the Conti ransomware’s stolen source code, a hacking group produced their own ransomware to be used in cyberattacks against Russian organisations.

We frequently hear about ransomware attacks that target businesses and encrypt data, but we hardly ever hear about assaults on Russian organisations.

This absence of attacks is a result of Russian hackers’ widespread conviction that if they do not target Russian targets, then the nation’s law enforcement will ignore attacks on other nations.

The situation has changed, though, as the hacking gang NB65 is now launching ransomware assaults against Russian firms.

Russian targets for ransomware
An organisation known as NB65 has been hacking Russian organisations for the past month, collecting their data, and exposing it online while claiming responsibility for the attacks on Russia’s invasion of Ukraine.

The document management company Tensor, the Russian space agency Roscosmos, and the state-owned Russian Television and Radio broadcaster VGTRK are among the Russian organisations that the hacking group claims to have attacked.

The attack on VGTRK was particularly noteworthy because it is claimed that 786.2 GB of data, including 900,000 emails and 4,000 files, were stolen and then released on the DDoS Secrets website.

The NB65 hackers have recently adopted a new strategy and, since the end of March, have been targeting Russian enterprises with ransomware attacks.

This is made even more intriguing by the fact that the hacker organisation used the Conti Ransomware operation’s leaked source code to construct their own ransomware. Conti is a group of Russian threat actors that forbid their members from assaulting targets in Russia.

A security researcher released 170,000 internal chat conversations and the source code for Conti’s operation after they sided with Russia in the war on Ukraine.

Threat researcher Tom Malka originally alerted BleepingComputer to NB65’s activities, but we were unable to locate a ransomware sample, and the hacking collective was unable to offer one either.

But yesterday, a sample of the modified Conti ransomware executable used by the NB65 was released to VirusTotal, giving us a look at how it operates.

This sample is recognised as Conti by almost all antivirus vendors on VirusTotal, and Intezer Analyze found that it shares 66% of the code with other Conti ransomware strains.

The ransomware developed by NB65 would append the when encrypting files, according to a test by BleepingComputer.

The names of the encrypted files have an NB65 extension.

Throughout the encrypted device, the ransomware will also produce ransom notes with the filename R3ADM3.txt. The threat actors will blame President Vladimir Putin for invading Ukraine for the cyberattack.

“We keep a careful eye on things. War crimes should not have been committed by your president. Look no further than Vladimir Putin for someone to blame for your current condition “reads the NB65 ransomware message displayed below.

In order to prevent existing decryptors from functioning, the NB65 hacker gang adjusted its encryptor for each victim based on the first Conti source code leak, according to a spokesperson who spoke to BleepingComputer.

“It has been changed such that no decryptor created by Conti will function. A random key is generated for each deployment depending on a few variables that we alter for each target, “According to NB65, BleepingComputer.

Without speaking to us, there is truly no way to decode.

NB65 informed us that they did not anticipate hearing from their victims at this time because they have not received any correspondence from them.

We’ll let NB65’s justifications for assaulting Russian groups speak for themselves.

Continue Reading

Press Release

Russian processor manufacturers are prohibited from using ARM because of UK sanctions.

Published

on

Russian processor manufacturers are prohibited from using ARM because of UK sanctions.

On Wednesday, the UK government expanded its list of sanctioned Russian organisations by 63. The two most significant chip manufacturers in Russia, Baikal Electronics and MCST (Moscow Center of SPARC Technologies), are among them.

Since the licensee, Arm Ltd., is situated in Cambridge, England, and must abide by the penalties, the two sanctioned firms will now be denied access to the ARM architecture.

contacting inactive entities

The UK government provided the following justification for the restrictive measures put in place against Baikal and MCST:

The clause’s goal is to persuade Russia to stop acting in a way that threatens Ukraine’s territorial integrity, sovereignty, or independence or that destabilises Ukraine.

The two companies are important to Russia’s ambitions to achieve technical independence since they are anticipated to step up and fill the gaps left by the absence of processors built by Western chip manufacturers like Intel and AMD.

The two currently available most cutting-edge processors are:

Eight ARM Cortex A57 cores running at 1.5 GHz and an ARM Mali-T628 GPU running at 750 MHz make up the 35 Watt Baikal BE-M1000 (28nm) processor.
MCST Elbrus-16S (28nm), a 16-core processor clocked at 2.0 GHz, is capable of 1.5 TFLOP calculations, which is a tenth of what an Xbox Series X can do. Baikal BE-S1000 (16nm), a 120 Watt processor featuring 48 ARM cores clocked at 2.0 GHz, MCST Elbrus-8C (28nm), a 70 Watt processor featuring eight cores clocked at 1.3 GHz,
Russian businesses and organisations that evaluated these chips in demanding applications claim that they fall short of industry standards and are even unacceptably priced.

Although the performance of these processors and the far poorer mid-tier and low-tier chips with the Baikal and MCST stickers is not very spectacular, they could keep some crucial components of the Russian IT sector operating amid shortages.

In reality, MCST recently bragged that it was “rushing to the rescue” of vital Russian enterprises and organisations, successfully filling the void left in the domestic market.

sanctions’ effects
Given that Russia has previously demonstrated its willingness to relax licencing requirements in order to mitigate the consequences of Western-imposed limitations, it is simple to discount the application and impact of the UK’s sanctions.

It is crucial to keep in mind that the Baikal and MCST processors are produced in foreign foundries, such as those owned by Samsung and TSMC, and that neither of them would violate Arm’s licencing policies or international law to serve Russian objectives.

The only option is to bring the production home and break the law as Baikal, which has a legitimate licence to produce at 16nm, only has a design licence for its next products.

The fact that chip fabrication in Russia can only now be done at the 90nm node level presents yet another significant issue. That was the same technology NVIDIA employed in 2006 for its GeForce 7000-series GPUs.

To combat this in April 2022, the Russian government has already approved an investment of 3.19 trillion rubles (38.2 billion USD), although increasing domestic production will take many years. In the best-case scenarios, 28nm circuits will be able to be produced by Russian foundries by 2030.

Continue Reading

Press Release

PE firm Insight Allies spends $290M for a bulk risk in CivicPlus, which provides software and also various other innovation to greater than 4,000 municipal governments (AJ Dome/Manhattan Mercury).

Published

on

PE firm Insight Allies spends

PE firm Insight Partners invests $290M for a majority stake in CivicPlus, which provides software and other technology to more than 4,000 municipal governments (AJ Dome/Manhattan Mercury)

AJ Dome / Manhattan Mercury:
PE firm Insight Partners invests $290M for a majority stake in CivicPlus, which provides software and other technology to more than 4,000 municipal governments  —  A Manhattan software business owner says a multimillion-dollar investment into the company will not change the company’s makeup.

Continue Reading

Press Release

EXAMINING THE LINKS BETWEEN THE RATIONALIST COMMUNITY, WITH SLATE STAR CODEX BLOG AS ITS EPICENTER, AND INFLUENTIAL LEADERS IN TECH, INCLUDING OPENAI’S FOUNDERS (CADE METZ/NEW YORK TIMES)

Published

on

EXAMINING THE LINKS BETWEEN THE RATIONALIST COMMUNITY

Examining the links between the Rationalist community, with Slate Star Codex blog as its epicenter, and influential leaders in tech, including OpenAI’s founders  —  Slate Star Codex was a window into the psyche of many tech leaders building our collective future.  Then it disappeared.

Continue Reading

Trending