Latest news with #Lumma


UPI
02-07-2025
- Business
- UPI
U.S. blacklists Russia-based bulletproof hosting services provider
The U.S. Treasury under Secretary Scott Bessent on Tuesday sanctioned a Russia-based bulletproof hosting services provider.
July 2 (UPI) -- The United States has blacklisted a Russia-based bulletproof hosting services provider, two affiliated companies and four of its leaders accused of aiding bad actors in evading detection as they conduct cybercrimes. Aeza Group is accused of providing its services to ransomware and malware groups, including Medusa and Lumma infostealer operators, who have employed the hosting services provider to target the U.S. defense industrial base and technology companies, among a slew of others. According to the Treasury, Aeza Group sells its services to these malign actors who are given access to specialized servers and other computer infrastructure to help them disseminate their criminal software without detection. "Cybercriminals continue to rely heavily on BPH service providers like Aeza Group to facilitate disruptive ransomware attacks, steal U.S. technology and sell black-market drugs," Acting Under Secretary of the Treasury for Terrorism and Financial Intelligence Bradley Smith said in a statement.
Along with Aeza Group, its British branch, Aeza International, was also blacklisted Tuesday. The Treasury said Aeza Group uses Aeza International to lease IP addresses to cybercriminals. Aeza Logistic and Cloud Solutions were also sanctioned for being Russia-based subsidiaries of Aeza Group. Individuals sanctioned were listed as Arsenii Aleksandrovich Penze, CEO and one-third owner of Aeza Group, Yurri Meruzhanovich Bozoyan, general director and one-third owner of Aeza Group, Vladimir Vyacheslavovich Gast, technical director of Aeza Group, and Igor Anatolyevich Knyazev, a one-third owner of Aeza Group. The Treasury acknowledged Britain for its assistance that led to the designation of Aeza International.
"Treasury, in close coordination with the UK and other international partners, remains resolved to expose the critical nodes, infrastructure and individuals that underpin this criminal ecosystem," Smith said. The blacklisting comes after the United States, Australia and Britain jointly sanctioned Russia-based bulletproof hosting service provider Zservers in February.


Channel Post MEA
19-06-2025
- Channel Post MEA
Group-IB Announces Support For INTERPOL's Operation Secure
Group-IB has announced its support for Operation Secure, a major law enforcement initiative led by INTERPOL across the Asia-Pacific region. The operation resulted in the arrest of 32 suspects and the dismantling of vast criminal infrastructures responsible for infostealer malware campaigns targeting individuals and businesses worldwide. Conducted between January and April 2025, Operation Secure was coordinated by INTERPOL under the Asia & South Pacific Joint Operations Against Cybercrime (ASPJOC) framework. It brought together law enforcement agencies from 26 countries and private cybersecurity firms including Group-IB, Kaspersky, and Trend Micro. Group-IB played a central role in providing threat intelligence on infostealer malware such as Lumma, Risepro, and META Stealer. This malware is used by cybercriminals to steal sensitive information, including login credentials, cookies, payment details, and crypto wallet data, often serving as the initial vector for more damaging attacks such as financial fraud and ransomware. Through the collective efforts of law enforcement and cybersecurity partners, more than 20,000 malicious IPs and domains were taken offline, effectively neutralizing 79% of the identified malicious infrastructure. In addition, 41 servers were seized, and more than 100 GB of stolen data was recovered, including compromised credentials linked to over 216,000 victims, all of whom have since been notified to take protective actions. The operation also led to 32 arrests, including 18 individuals in Vietnam, and another 14 across Sri Lanka and Nauru. In Vietnam, authorities seized over VND$300 million in cash, multiple SIM cards, and business registration documents connected to illicit cyber activity. In Hong Kong, investigators discovered 117 command-and-control servers hosted across 89 different ISPs, underlining the global spread of the threat infrastructure. 
Neal Jetton, INTERPOL's Director of Cybercrime, emphasized the significance of cross-border collaboration, stating: 'INTERPOL continues to support practical, collaborative action against global cyber threats. Operation Secure has once again shown the power of intelligence sharing in disrupting malicious infrastructure and preventing large-scale harm to both individuals and businesses.' Dmitry Volkov, CEO of Group-IB, echoed the importance of public-private cooperation: 'The compromised credentials and sensitive data acquired by cybercriminals through infostealer malware often serve as initial vectors for financial fraud and ransomware attacks. By sharing actionable intelligence with INTERPOL and local law enforcement agencies, we are helping to dismantle the infrastructure behind these attacks and protecting both organizations and individuals globally.' Group-IB's collaboration with INTERPOL extends beyond the Asia-Pacific region. The company also supported Operation Red Card, a major international crackdown on cybercrime across Africa that led to the arrest of over 300 cybercriminals and the disruption of criminal networks behind scams targeting thousands of victims. As an official INTERPOL Gateway Partner and an active contributor to global investigations, Group-IB works closely with international law enforcement bodies including INTERPOL, EUROPOL, and AFRIPOL to build a safer cyberspace. The company is also a member of EUROPOL's European Cybercrime Centre (EC3) Advisory Group on Internet Security, which strengthens cooperation between Europol and trusted private-sector partners. Group-IB remains committed to supporting intelligence-led operations that help dismantle cybercriminal infrastructure and protect individuals and businesses worldwide.

The Hindu
04-06-2025
- Business
- The Hindu
Microsoft says to step up AI-powered European cybersecurity
U.S. tech giant Microsoft said Wednesday (June 4, 2025) that it would step up its cooperation with European governments against cyber threats, including by deploying AI-powered intelligence gathering. Its new European Security Program 'puts AI at the center of our work as a tool to protect traditional cybersecurity needs,' Microsoft Vice Chairman Brad Smith wrote in a blog post. Aiming to deliver real-time intelligence about cyber threats to governments, the scheme will extend to the '27 EU member states, as well as EU accession countries, members of the European Free Trade Association (EFTA), the UK, Monaco, and the Vatican,' he added. Microsoft accused the governments of Russia, China, Iran and North Korea of being behind infiltration of European computer networks for espionage and other purposes. Meanwhile cybercriminals are expanding attacks using tools such as ransomware, which encrypts data on victims' computers and demands they fork over cash to unlock it again. 'We see 600 million attacks on our customers every single day,' Smith told reporters in a briefing ahead of the blog post's release, calling cyberdefence a 'multi-billion-dollar expense for customers across Europe'. AI systems can help detect and identify new forms of attack, Mr. Smith wrote in his blog post. But Microsoft has seen malicious actors using the technology for everything from researching targets to writing code and 'social engineering' — or convincing human employees to facilitate access by hackers. And 'influence operations' by nation-states 'are increasingly using AI to mislead and deceive' including with convincing 'deepfake' images, audio and video, Smith added. The company itself 'tracks any malicious use of new AI models we release and proactively prevents known threat actors from using' them, he wrote. 
Microsoft last month helped police across Europe take down large swathes of digital infrastructure supporting an 'infostealing' network, Lumma, that had been gathering sensitive information like passwords and crypto wallets from victims' devices. In future, members of the company's Digital Crimes Unit will be embedded with Europol's cybercrime specialists in The Hague, Smith wrote, part of a broader increase in collaboration with European security forces. Microsoft's cybersecurity effort is part of a wider push to increase its operations in Europe. The drive comes as trade tensions simmer between the EU and the Trump administration in the U.S., with many voices questioning European firms' strategic dependence on American-made technology.


Business Recorder
04-06-2025
- Business
- Business Recorder
Microsoft says to step up AI-powered European cybersecurity
PARIS: US tech giant Microsoft said Wednesday that it would step up its cooperation with European governments against cyber threats, including by deploying AI-powered intelligence gathering. Its new European Security Program 'puts AI at the center of our work as a tool to protect traditional cybersecurity needs,' Microsoft Vice Chairman Brad Smith wrote in a blog post. Aiming to deliver real-time intelligence about cyber threats to governments, the scheme will extend to the '27 EU member states, as well as EU accession countries, members of the European Free Trade Association (EFTA), the UK, Monaco, and the Vatican,' he added. Microsoft accused the governments of Russia, China, Iran and North Korea of being behind infiltration of European computer networks for espionage and other purposes. Meanwhile cybercriminals are expanding attacks using tools such as ransomware, which encrypts data on victims' computers and demands they fork over cash to unlock it again. 'We see 600 million attacks on our customers every single day,' Smith told reporters in a briefing ahead of the blog post's release, calling cyberdefence a 'multi-billion-dollar expense for customers across Europe'. AI systems can help detect and identify new forms of attack, Smith wrote in his blog post. But Microsoft has seen malicious actors using the technology for everything from researching targets to writing code and 'social engineering' – or convincing human employees to facilitate access by hackers. And 'influence operations' by nation-states 'are increasingly using AI to mislead and deceive' including with convincing 'deepfake' images, audio and video, Smith added. The company itself 'tracks any malicious use of new AI models we release and proactively prevents known threat actors from using' them, he wrote.
Microsoft last month helped police across Europe take down large swathes of digital infrastructure supporting an 'infostealing' network, Lumma, that had been gathering sensitive information like passwords and crypto wallets from victims' devices. In future, members of the company's Digital Crimes Unit will be embedded with Europol's cybercrime specialists in The Hague, Smith wrote, part of a broader increase in collaboration with European security forces. Microsoft's cybersecurity effort is part of a wider push to increase its operations in Europe. The drive comes as trade tensions simmer between the EU and the Trump administration in the US, with many voices questioning European firms' strategic dependence on American-made technology.


The Sun
04-06-2025
- Business
- The Sun
Microsoft says to step up AI-powered European cybersecurity
PARIS: US tech giant Microsoft said Wednesday that it would step up its cooperation with European governments against cyber threats, including by deploying AI-powered intelligence gathering. Its new European Security Program 'puts AI at the center of our work as a tool to protect traditional cybersecurity needs,' Microsoft Vice Chairman Brad Smith wrote in a blog post. Aiming to deliver real-time intelligence about cyber threats to governments, the scheme will extend to the '27 EU member states, as well as EU accession countries, members of the European Free Trade Association (EFTA), the UK, Monaco, and the Vatican,' he added. Microsoft accused the governments of Russia, China, Iran and North Korea of being behind infiltration of European computer networks for espionage and other purposes. Meanwhile cybercriminals are expanding attacks using tools such as ransomware, which encrypts data on victims' computers and demands they fork over cash to unlock it again. 'We see 600 million attacks on our customers every single day,' Smith told reporters in a briefing ahead of the blog post's release, calling cyberdefence a 'multi-billion-dollar expense for customers across Europe'. AI systems can help detect and identify new forms of attack, Smith wrote in his blog post. But Microsoft has seen malicious actors using the technology for everything from researching targets to writing code and 'social engineering' -- or convincing human employees to facilitate access by hackers. And 'influence operations' by nation-states 'are increasingly using AI to mislead and deceive' including with convincing 'deepfake' images, audio and video, Smith added. The company itself 'tracks any malicious use of new AI models we release and proactively prevents known threat actors from using' them, he wrote. 
Microsoft last month helped police across Europe take down large swathes of digital infrastructure supporting an 'infostealing' network, Lumma, that had been gathering sensitive information like passwords and crypto wallets from victims' devices. In future, members of the company's Digital Crimes Unit will be embedded with Europol's cybercrime specialists in The Hague, Smith wrote, part of a broader increase in collaboration with European security forces. Microsoft's cybersecurity effort is part of a wider push to increase its operations in Europe. The drive comes as trade tensions simmer between the EU and the Trump administration in the US, with many voices questioning European firms' strategic dependence on American-made technology.