FlagThis

The Dutch Police dismantled the ZServers/XHost bulletproof hosting operation, seizing 127 servers. This network has been used by cybercriminals to facilitate illegal activities, including the spread of malware and cyberattacks. The operation’s takedown follows a year-long investigation into its role in enabling cybercriminal activities.

The Phorpiex botnet is now being used to distribute LockBit ransomware through compromised websites and phishing emails. This new attack vector demonstrates the botnet’s evolving capabilities and the automation of ransomware delivery. This is a significant shift from Phorpiex’s previous activities, posing a greater threat to organizations and individuals worldwide. This shows the growing trend of botnets being used for ransomware attacks

Rostislav Panev, a dual Russian-Israeli national, has been charged by the U.S. Department of Justice for his role as a developer within the LockBit ransomware group. He allegedly developed code for disabling antivirus software, spreading malware, and creating ransom notes. The U.S. is seeking his extradition from Israel, where he was arrested in August. The LockBit group, which emerged in 2019, has been responsible for over 2,500 victims across 120 countries, causing over $500 million in ransom payments. Law enforcement seized part of their infrastructure in February but they managed to relaunch soon after.