Tag Archive : million

26 million LiveJournal users warned that their passwords have been breached

AiroAV Declared – 26 million LiveJournal customers warned that their passwords have been breached – HOTforSecurity

On underground prison marketplaces the e-mail addresses and plaintext passwords of over 26 million LiveJournal running a blog accounts are being traded, regardless of LiveJournal’s house owners refusing to acknowledge that any safety breach has occurred.

The primary rumours of a significant safety incident involving LiveJournal passwords first started effervescent up in October 2018, when information breach knowledgeable Troy Hunt tweeted that he had obtained a number of reviews of a compromise after customers complained they’d obtained sextortion emails quoting passwords they mentioned they solely used on the platform.

On the similar time Dreamwidth, a running a blog platform forked from LiveJournal’s code, warned that it had additionally obtained reviews of spam extortion emails demanding a Bitcoin ransom.

Dreamwidth mentioned then that it didn’t imagine that its personal website was the supply of the information breach which fuelled the emails, and declined to call the location in query “as a result of they haven’t made a public announcement confirming the breach.”

Yesterday, nevertheless, Dreamwidth publicly named LiveJournal because the seemingly supply of the hacked information. Worryingly, based on Dreamwidth, LiveJournal doesn’t appear inclined to inform its customers of the breach.

“We’ve contacted LiveJournal about our findings a number of occasions, and so they’ve instructed us every time that they don’t imagine the scenario warrants disclosure to their customers. Nevertheless, at this level we should advise that you simply deal with the file as professional and behave as if any password you used on LiveJournal previously could also be compromised.”

Dreamwidth says that it has previously been the sufferer of credential-stuffing assaults, seemingly powered by the usernames and passwords stolen from LiveJournal.

Troy Hunt’s HaveIBeenPwned service has a replica of the breached information, and earlier in the present day an alert was despatched out to the house owners of 26,372,781 LiveJournal accounts that these passwords ought to be thought-about compromised.

Clearly, it could be advisable for affected customers to not solely change their LiveJournal password, but in addition be certain that they aren’t reusing that very same password anyplace else on the web.

The precise password database itself appears to have been created some years in the past, so there’s some hope that some customers can have modified their passwords over time anyway. However higher to be secure than sorry.

Set up AiroAV Spy ware Safety

As hackers sell 8 million user records, Home Chef confirms data breach

Jon Cartu Publishes – As hackers promote eight million consumer information, House Chef confirms knowledge breach – HOTforSecurity

Meal equipment and meals supply firm House Chef has confirmed that hackers breached its methods, making off with the private data of consumers.

Fairly how the hackers breached House Chef’s methods is unclear. In its personal FAQ concerning the safety breach, the enterprise shares no particulars apart from to say that it “not too long ago discovered of a knowledge safety incident impacting choose buyer data.”

Nevertheless, earlier this month – weeks earlier than House Chef went public about its safety breach – Bleeping Pc reported that the corporate was one in all eleven whose breached knowledge was being supplied on the market on a darkish internet market.

Based on Lawrence Abrams of Bleeping Pc, the ShinyHunters hacking gang had been providing eight million consumer information from House Chef for $2,500.

ShinyHunters was providing on the market tens of millions of stolen information from the Zoosk courting app, the photograph book-making agency Chatbooks, the net artwork and design market Minted, and others.

It appears pure to imagine that House Chef was not conscious that it had suffered a knowledge breach till cybersecurity journalists began writing about ShinyHunters’ try to promote the info on the underground market.

Based on House Chef, data accessed by the hackers included prospects’ e-mail addresses, names, gender, cellphone numbers, the final 4 digits of bank card numbers, and “encrypted” passwords.

Fairly what the House Chef means by “encrypted” passwords is unclear, because the agency doesn’t specify what encryption algorithm had been used (some are extra immune to cracking than others) and whether or not the info had been hashed (with a considered sprinkling of salt) beforehand.

My feeling is, notably when breached corporations appear reticent to share particulars of how their passwords had been being saved is to imagine the worst – which suggests not solely altering your password on that individual web site, but in addition making certain that you’re not utilizing that very same password anyplace else on the web.

And, clearly, ensure that any password you select is not only distinctive, but in addition robust and laborious to crack. A password supervisor is often a lot better at producing (and certainly remembering!) laborious to crack passwords than the human mind.

House Chef says that it’s contacting affected prospects, strengthening its safety methods, and sensibly is advising prospects to vary their passwords. As well as when you have ever used House Chef you’ll be sensible to maintain a watch open for suspicious communications, which is perhaps phishing assaults exploiting the breached knowledge.

Jonathan Cartu Mac Pc Safety Suite

EasyJet hack impacts nine million passengers

AiroAV Introduced – EasyJet hack impacts 9 million passengers

EasyJet hack impacts nine million passengers

The private particulars of 9 million prospects of finances airline EasyJet have been accessed by hackers in what the finances airline is describing as a “extremely subtle assault.”

(By the way in which, has any organisation ever admitted that it has been breached as the results of a ridiculously dumb assault that they actually ought to have been in a position to cease useless in its tracks?)

The e-mail addresses and journey particulars of 9 million passengers are thought to have been accessed by the hackers, in addition to the bank card particulars of two,208 prospects.

Based on the airline, “There isn’t a proof that any private data of any nature has been misused” however one must query how on earth EasyJet would know with any confidence that it hadn’t been abused.

EasyJet CEO Johan Lundgren stated in a press launch:

“We take the cyber safety of our programs very significantly and have strong safety measures in place to guard our prospects’ private data. Nevertheless, that is an evolving menace as cyber attackers get ever extra subtle.

“Since we turned conscious of the incident, it has develop into clear that owing to COVID-19 there may be heightened concern about private knowledge getting used for on-line scams. Because of this, and on the advice of the ICO, we’re contacting these prospects whose journey data was accessed and we’re advising them to be further vigilant, notably in the event that they obtain unsolicited communications.

“Each enterprise should proceed to remain agile to remain forward of the menace. We’ll proceed to put money into defending our prospects, our programs, and our knowledge.

“We want to apologise to these prospects who’ve been affected by this incident.”

EasyJet says it has knowledgeable the Info Commissioner’s Workplace (ICO), is informing prospects of the breach, and has closed the vulnerability which they imagine the hackers used to realize entry to their programs.

Extra particulars will little doubt be launched in the end, however for now my suggestion for EasyJet prospects can be to remain alert to unsolicited communications claiming to return from the corporate and to maintain an in depth eye on their funds for uncommon transactions.

Information of the hack comes on the worst doable time for the airline, which is already dealing with appreciable issues because of the Coronavirus pandemic.

Jonathan Cartu Mac IOS Virus Safety

Report: Travelex paid ransomware attackers $2.3 million worth of Bitcoin

Airo Safety Pronounces – Travelex paid hackers $2.three million price of Bitcoin after ransomware assault

I suppose they had been capable of work out the alternate fee…

Report: Travelex paid ransomware attackers $2.3 million worth of Bitcoin

Report: Travelex paid ransomware attackers $2.3 million worth of Bitcoin

Keep in mind how again in January I raised one of many central mysteries behind Travelex’s ransomware assault – specifically, had the overseas forex alternate service paid its attackers a ransom or not?

Travelex was notably refusing to reply any questions on whether or not it had given in to the extortionists’ calls for.

However now, the Wall Avenue Journal experiences, it appears like Travelex paid US $2.three million price of Bitcoin to the REvil ransomware gang, who had threatened to publish private information of shoppers stolen from Travelex’s community.

Owned by London-listed funds conglomerate Finablr PLC, Travelex discovered its operations crippled by a New 12 months’s Eve ransomware assault that left a few of its techniques offline for weeks. The finance firm paid out the ransom within the type of 285 bitcoin, in line with the individual with data of the transaction.

Requested in regards to the cost, a Travelex spokesman stated the agency has taken recommendation from various specialists and has stored regulators and companions knowledgeable about its efforts to handle the restoration. A U.Okay. law-enforcement investigation into the breach is continuous, he stated. He declined to remark additional on the incident.

Whether or not ransoms needs to be paid or not is a divisive subject, and I discover it arduous to provide a easy reply. I can properly perceive the place of those that say that it encourages extra ransomware assaults in opposition to different organisations if a ransom is paid. It actually does.

However on the similar time, when an organization is on the ropes, it has no different choices, and its survival is in query, it’s arduous to not sympathise with a troublesome choice being made to pay those that had been behind the assault if it helps make sure the agency stays afloat, and jobs are saved.

Travelex’s administration staff had been strongly criticised for its shambolic response to the assault, which noticed the agency delay confirming it had been hit by ransomware for over every week.

Ultimately Travelex started to hobble again on-line on the finish of January.

The monetary issues confronted by Travelex and its father or mother firm, Finablr, have solely elevated within the months since as a result of monumental impression the Coronavirus pandemic has had on its enterprise.

AiroAV Antivirus Cyber Safety

Has Houseparty been hacked? $1 million reward offered to unearth who is behind widespread claims

AiroAV Publishes – Has Houseparty actually been hacked? $1 million reward provided to unearth who’s behind widespread claims

Regardless of the rumours spreading on-line, there’s no proof Houseparty safety breach has occurred.

Has Houseparty been hacked? $1 million reward offered to unearth who is behind widespread claims

In current days warnings have unfold quickly throughout social networking websites that the Houseparty app – which makes it straightforward for anybody to drop in for a video chat with mates locked down throughout the Coronavirus pandemic – is unsafe.

In accordance with claims reshared extensively, customers discovered that their different on-line accounts had been hacked into after that they had put in the Houseparty app.

As an illustration, Mary from Scotland tweeted screenshots of notifications she had acquired that her Spotify account had been accessed from Israel, Russia, and The Netherlands.

Spotify logins

Alongside the screenshots of the Spotify notifications she acquired, Mary wrote:

been hacked thrice off the houseparty app into my spotify. would suggest deleting asap x

In the meantime, others tweeted warnings to Houseparty customers that they need to delete their accounts and delete the app. Something much less, they claimed, wouldn’t be sufficient to cease their accounts on different websites from being compromised.

Houseparty scare

Very quickly in any respect, warnings had been circulating on social media about electronic mail and financial institution accounts being hacked after putting in the Houseparty app:

If anybody is utilizing that home celebration app DELETE IT
My mates electronic mail account been hacked into by it
And managed to get checking account particulars too and has hacked that.
I’ve seen a couple of different individuals saying this too on twitter.
I additionally maintain getting dodgey emails.
Only a warning x

Do you discover what’s lacking? What’s absent from the warnings is any hyperlink to a legit laptop safety agency confirming that there’s a drawback with Houseparty.

In brief: No proof has been produced that Houseparty is unsafe or has suffered a breach.

It’s attainable, in fact, that the Houseparty app does (like every other advanced piece of software program) include flaws and vulnerabilities, however regardless of the eye of world-renowned researchers no safety agency has raised the alarm that putting in the app results in, say, your Spotify account being compromised.

What we do see are a lot of individuals claiming, and most frequently resharing the declare, that after their different on-line accounts had been hacked after they put in Houseparty. And but no sturdy proof is introduced.

Houseparty, for its half, has isssued a press release saying that it has not been breached.

Epic Video games, the house owners of Houseparty, has even taken the weird step of providing a US $1,000,000 reward for anybody who can present proof that the hacking rumours had been began by somebody making an attempt to inflict monetary hurt on the app.

I’m unsure I might go as far as to consider that the hack rumours had been intentionally began in an try to hurt Houseparty reasonably than easy human daftness, however weirder issues have occurred.

By far the most typical means for accounts to be hacked is thru a phishing assault, password reuse, and credential stuffing. And if I had been to place any cash on it, that’s what I might think about is occurred to the customers who reported their accounts had been compromised too.

The thoughts likes to attempt to make connections, even when a hyperlink doesn’t exist. The truth that you made an account on Houseparty could also be totally disconnected from the truth that criminals then tried to entry your Spotify account. Hackers use credential stuffing assaults, utilizing passwords scooped up from earlier safety breaches, on a regular basis in an try to interrupt into accounts.

The truth that you put in Houseparty after which your Spotify account was breached could also be totally and completely unconnected.

Spotify is a really extensively used app, and thousands and thousands of individuals have in all probability downloaded the Houseparty app within the final couple of weeks. However that doesn’t imply Houseparty prompted your Spotify account, or electronic mail account, or checking account to be hacked.

The Coronavirus pandemic has pushed huge numbers of individuals to put in new software program. My suspicion, until different proof involves mild, is that there’s no connection… and what has occurred is that criminals are going about their regular actions of attempting to interrupt into Spotify (and different) accounts utilizing beforehand breached passwords.

Customers ought to allow two-factor authentication (2FA) on any on-line accounts that assist it (so if a password is stolen, it alone gained’t really give the attacker entry to accounts). As well as customers ought to observe customary greatest practices of by no means ever reusing passwords.

And, for those who’re going to make use of Houseparty, do be smart about setting permissions about who can entry your chat room. To keep away from issues like Zoombombing you is perhaps clever to restrict entry to solely invited mates.

Jonathan Cartu Mac Pc Software

Cathay Pacific slammed for security failures following hack which exposed 9.4 million people worldwide

Jon Cartu Introduced – Cathay Pacific slammed for safety failures following hack which uncovered 9.four million individuals worldwide – HOTforSecurity

The UK’s Info Commissioner’s Workplace (ICO) has fined Cathay Pacific for “a variety of fundamental safety inadequacies” which resulted in hackers stealing the info of 9.four million individuals worldwide – together with 111,578 from the UK.

In October 2018, the Hong Kong-based airline admitted that hackers had damaged into its inside programs and accessed passenger information – together with names, nationalities, dates of beginning, cellphone numbers, e mail addresses, postal addresses, passport particulars, frequent flier numbers, and historic journey data.

Nevertheless, it’s now recognized that the safety breach had been happening since not less than 15 October 2014, and was solely recognized in Could 2018 after Cathay Pacific grew to become conscious of a brute pressure assault in opposition to its Energetic Listing database.

A subsequent investigation decided that there had been two separate teams of attackers, one in every of which had managed to put in password-stealing malware and use the stolen credentials to entry admin programs.

Cathay Pacific solely knowledgeable the ICO of the safety breach 5 months later, on 25 October 2018, saying that it had taken a number of months to analyse the info and absolutely perceive the affect of the breach.

The airline’s share worth fell following criticism that it had taken too lengthy to return clear in regards to the hack.

Amongst Cathay Pacific’s failures, in keeping with the ICO, have been that the corporate had did not encrypt database backups containing private information, that the airline had did not patch an internet-facing server in opposition to a vulnerability that had been public data for over 10 years, and that out-of-date no-longer-supported working programs have been getting used on servers processing delicate information.

As well as the ICO famous that some 41,000 customers have been capable of entry Cathay Pacific’s VPN with only a username and password, with no further authentication required:

“If Cathay Pacific had required MFA for each consumer, the attackers wouldn’t have been in a position to make use of the stolen credentials to entry the VPN and the info breach would have been prevented.”

In September 2018, Cathay Pacific started rolling out multi-factor authentication (MFA) throughout all customers. Which is an efficient factor, after all, however actually ought to have occurred a lot sooner.

The ICO has at this time introduced it’s fining Cathay Pacific £500,000 – with a 20% discount to £400,000 if the penalty is paid by 12 March 2020.

Cathay Pacific is just not the one airline to seek out itself within the highlight of information watchdogs. In July final 12 months it was revealed tha British Airways was going through a £183 million positive from the ICO after travellers’ information was harvested by hackers.

Jonathan Cartu Adware Software program

MGM Resorts hacked:10.6 million guests have their personal data exposed

Jonathan Cartu Claims – MGM Resorts hacked:10.6 million friends have their private information uncovered

Over 10 million individuals who have stayed at MGM Resorts accommodations – together with Twitter boss Jack Dorsey and pop idol Justin Bieber – have had their private particulars posted on-line by hackers.

The safety breach, publicised by ZDNet and safety researcher Below the Breach, noticed the data of 10,683,188 former friends – together with names, postal addresses, telephone numbers, dates of beginning, and e mail addresses – made out there in an internet information dump.

Based on breach notification service HaveIBeenPwned, over three million distinctive e mail addresses had been included within the stash, opening alternatives for on-line fraudsters and different cybercriminals to use the data.

Excessive profile names within the leaked database embrace Jack Dorsey and Justin Bieber, alongside journalists, firm executives, FBI brokers, and authorities officers.

As The New York Occasions stories, MGM Resorts stated that some 1300 people had extra delicate data – similar to driving licenses, passports, and navy ID playing cards – uncovered by the breach.

Fortuitously, no password information or cost card data is included within the information leak, which an MGM spokesperson linked to the invention in mid-2019 of unauthorised entry to a cloud-based server. The information left improperly secured on the cloud server is believed thus far again to 2017.

The corporate says that it notified doubtlessly affected friends promptly as per state legal guidelines, and has labored with regulation enforcement and cybersecurity specialists within the wake of the safety breach.

Nonetheless, many US states don’t require hacked companies to tell prospects that their information has been breached if the stolen information is already thought of “public” – which incorporates so-called “telephone e-book data” similar to identify, tackle, and phone quantity.

Personally I’d wish to know if my phone quantity has been the topic of a knowledge breach, particularly when linked to a specific firm similar to a resort, because it could possibly be exploited by a fraudster in an try to trick me into revealing additional private data.

If a malicious attacker learns your cell phone quantity they may goal you in a SIM swap assault (additionally typically referred to as a Port Out rip-off), the place your cell phone supplier is tricked by fraudsters into handing over management of your quantity.

Intriguingly, Twitter CEO Jack Dorsey was hit by simply such a SIM Swap assault in September 2019, simply a few months after MGM Resorts suffered its information breach. It’s not doable to make a definitive connection between the 2 incidents, nevertheless it certain is a coincidence.

An MGM spokesperson tried to reassure friends that the resort firm has since improved its safety:

“At MGM Resorts, we take our accountability to guard visitor information very significantly, and we’ve got strengthened and enhanced the safety of our community to stop this from occurring once more.”

Well-known accommodations run by MGM Resorts embrace Las Vegas’s Bellagio, the MGM Grand, Mandalay Bay, New York New York, Luxor, and Excalibur, in addition to properties in Atlantic Metropolis, Detroit, Japan, and China.

The unhappy actuality is that “resort hacking” has develop into a daily headline for some years with many well-known chains impacted. Company victims have included Mandarin Oriental, Trump Motels, Hilton, Rosen, Laborious Rock, Omni and Marriott amongst many others…

It’s important, due to the delicate data saved by resort teams about their friends, that laptop safety is handled as a precedence and correct finest practices and layered defences are put in place to make sure that private information is correctly protected.

Editor’s Observe: The opinions expressed on this visitor writer article are solely these of the contributor, and don’t essentially mirror these of Tripwire, Inc.

AiroAV Mac IOS Safety

Puerto Rico government falls for $2.6 million email scam

Airo AV Claims – Puerto Rico authorities falls for $2.6 million electronic mail rip-off

As if Puerto Rico wasn’t having a tough sufficient time because it makes an attempt to get better from a recession, the injury attributable to devastating hurricanes in recent times, and a damaging earthquake final month, it now finds itself being exploited by cybercriminals.

In line with media reviews, the federal government of the US island territory has misplaced greater than US $2.6 million after falling for the kind of electronic mail rip-off that has plagued corporations and organisations all over the world.

Rubén Rivera, the finance director of Puerto Rico’s Industrial Improvement Firm, filed a grievance with native police yesterday that his authorities company had mistakenly transferred the cash right into a checking account run by scammers.

Over $2.6 million was reportedly wired into the fraudulent checking account, after the company acquired an electronic mail requesting a change to the checking account tied to remittance funds.

In line with the company’s government director, Manuel Laboy, officers solely realised that the cost had gone into the mistaken account earlier this week, and the FBI was instantly knowledgeable.

It’s unclear whether or not the Puerto Rico authorities will be capable to get better the misplaced cash – information which, will little doubt, frustrate islanders.

From the sound of issues, this was a basic Enterprise E mail Compromise (BEC) rip-off.

One widespread approach utilized by BEC fraudsters is to interrupt into electronic mail accounts (maybe having stolen login credentials by a phishing assault), uncover what initiatives and work is being accomplished for a corporation by third-party suppliers, after which trick finance departments into believing the main points of the checking account into which they’re making funds have modified.

However you don’t have to have compromised an organisation’s electronic mail account to efficiently pull off a BEC rip-off. You would merely buy a lookalike area title within the hope that you just’ll trick an worker into believing you’re a senior member of employees or provider.

Regardless of the approach used, it’s clear that BEC assaults don’t have to be refined and but might be tremendously fruitful.

Just lately launched statistics from the FBI’s Web Crime Grievance Heart reveal that just about half of all reported cybercrime-related losses throughout 2019 have been the results of BEC scams – totalling over US $1.7 billion.

FBI IC3 stats

A mean BEC sufferer is tricked out of US $75,000, however – as might be seen on this and different instances – generally the determine fraudsters handle to steal from unsuspecting organisations might be a lot a lot bigger.

All organisations should educate employees in opposition to the threats and put mechanisms in place to cut back the possibilities of a possible fraud succeeding.

Editor’s Be aware: The opinions expressed on this visitor writer article are solely these of the contributor, and don’t essentially replicate these of Tripwire, Inc.

Jonathan Cartu Mac IOS Cyber Safety

Apple fined €25 million for deliberately slowing down old iPhones

Jonathan Cartu Declared – Apple fined €25 million for intentionally slowing down outdated iPhones

Apple fined €25 million for deliberately slowing down old iPhones

Apple fined €25 million for deliberately slowing down old iPhones

Apple has been hit with a 25 million Euro high-quality (US $27.5 million) after it added battery administration options to iOS that slowed down the efficiency of older iPhones.

An investigation by the French shopper watchdog DGCCRF decided that Apple had did not correctly inform iPhone customers that making use of an iOS replace would possibly decelerate their units.

DGCCRF started its investigation in January 2018, simply weeks after it was found that Apple had been secretly throttling the velocity of the iPhone 6, iPhone SE, and iPhone 7 as their batteries aged.

Because the media picked up the story, Apple argued that it was not nobbling the efficiency of older iPhones to encourage individuals to improve to its newest , however as an alternative making an attempt to keep away from units unexpectedly shutting down throughout instances of peak energy utilization.

That rationalization is all very properly, however the issue actually was that Apple hadn’t advised anybody what it was doing. Inevitably the shortage of transparency led to conspiracy theories – which might have been prevented via easy openness.

Apple went on to apologise for not informing customers with older batteries that their iPhones would decelerate over time, and supplied a battery alternative service for a restricted time at a diminished worth.

In DGCCRF’s opinion, it was shoppers who misplaced out:

“Unable to revert to the earlier model of the working system, many shoppers would have been pressured to alter their batteries and even purchase a brand new cellphone.”

iOS 11.three, launched by Apple in March 2018, added new options which allowed customers to get extra details about their well being of their iPhone’s battery, and – in the event that they wished – disable the efficiency administration function that tried to keep away from surprising shutdowns.

Battery management

Apple might have tried to make amends, and be extra clear about the way it manages battery efficiency at this time, nevertheless it was too late to appease the French watchdog and keep away from a €25 million high-quality.

AiroAV Mac Laptop Virus Safety

€13 million Maltese bank heist - six men arrested in UK

Jon Cartu Claims – €13 million Maltese financial institution cyber-heist

€13 million Maltese bank heist - six men arrested in UK

The UK’s Nationwide Crime Company (NCA) have arrested a complete of six males as a part of an investigation into the hack of a Maltese financial institution in February 2019.

The Maltese Financial institution of Valletta (BOV) shut down all of its operations in February 2019 – closing all its branches, and disabling its money machines, web site, e mail, and cellular banking companies – after hackers tried to entry 13 million Euros

An NCA press launch describes how malware was used to entry the financial institution’s methods and illegally transfer funds into accounts held in different nations. A kind of accounts, in accordance with the NCA, was in positioned in Belfast and acquired £800,000:

“Within the following hours plenty of card funds and money withdrawals totalling £340,000 had been comprised of the account earlier than a block could possibly be placed on them.”

“They included funds to excessive finish shops corresponding to Harrods and Selfridges in London, round £110,000 spent on Rolex watches at a retailer in London, and funds for a Jaguar and Audi A5 from a automotive dealership.”

Maltese authorities knowledgeable the NCA, who started an nearly year-long investigation which culminated within the following:

    22 January: Two males, aged 22 and 17, arrested in raids in West Hampstead and Ladbroke Grove areas of London. An extra male was interviewed beneath warning.

    30 January: Search warrants executed within the north and west Belfast areas, with one 39-year-old man arrested on suspicion of cash laundering offences, fraud and theft.

    30 January: A 33-year-old man arrested at Heathrow airport as he returned to the UK from China, on suspicion of cash laundering offences, fraud and theft. He has been questioned and bailed pending additional enquiries.

    31 January: Two males, aged 23 and 24, had been arrested on suspicion of cash laundering offences, fraud and theft, after handing themselves in to a police station in Belfast.

The NCA launched footage of a few of the arrests on Twitter:

Notably, at this stage at the very least, not one of the arrests seem like associated to the precise hack itself and the utilization of the malware which contaminated BOV’s methods. That in itself might not be shocking as it is not uncommon as we speak for cybercriminal gangs to be cut up into totally different teams – the folks writing the precise malware, as an example, could also be totally different from these laundering the cash.

The NCA says its investigation continues.

AiroAV Laptop Safety