
Fixing an iOS vulnerability, rising interference with Runet freedom, and other cybersecurity developments
We have compiled the week’s most important cybersecurity news.
- Chainalysis researchers say that since 2020 ransomware operators have extorted about $1.3 billion in cryptocurrency from their victims.
- In 2021, analysts at the Net Freedoms project recorded about 450,000 cases of internet freedom interference in Russia. This was one and a half times higher than in the previous year.
- Apple released updates for iOS and iPadOS addressing a vulnerability that attackers could exploit.
Chainalysis: in 2021 ransomware operators received $602 million in cryptocurrency from victims
Over 2020–2021, ransomware operators received from their victims around $1.3 billion in cryptocurrency. This is according to data from Chainalysis.
In 2020, attackers netted more than $692 million, and last year $602 million. Experts note that this amount is not final and is likely to rise as investigations continue.
The top-earning ransomware operator was Conti, which took in at least $180 million. The group is linked to Russia and operates a ransomware-as-a-service (RaaS) model.
The average payment exceeded $118,000 in 2021, compared with $88,000 in 2020 and $25,000 in 2019. One reason for the rise, according to analysts, is the concentration of hackers on attacks against large organisations.
Most ransomware operators laundered stolen funds through centralized exchanges.
Earlier Chainalysis reported that in 2021 attackers targeting the cryptocurrency industry stole a record $14 billion.
Apple released updates for iOS and iPadOS fixing a vulnerability
Apple announced updated iOS 15.3.1 and iPadOS 15.3.1 with the security issue in the WebKit engine fixed.
The vulnerability allowed arbitrary code execution and could be actively exploited by attackers.
Experts report 450,000 cases of internet freedom interference in Russia
In 2021, analysts at the Net Freedoms project recorded 450,000 cases of internet freedom interference in Russia. This was one and a half times higher than in 2020.
The vast majority of incidents relate to information suppression on various grounds, as well as blocking individual pages, sites and IP addresses.
Researchers noted that this year Russian authorities have taken a serious approach to regulating social networks. The registry of foreign IT companies includes major platforms, messaging apps and streaming services:
“This means that each service is legally one step away from being slowed or blocked, as happened with Twitter. Installing equipment on telecommunications networks to isolate the Runet (ТСПУ) already makes this possible”.
For failing to remove content and localise user data, companies were fined a total of 9.4 billion rubles.
Signal users gained the ability to change their number without losing chats
The privacy-focused messenger Signal added the ability to change phone numbers without losing chats, groups and messages.
The “Change number” feature in the account settings will preserve your profile and all existing messages on the device. Contacts will be notified that the user’s number has changed.
Unknown user published decryption keys for Maze, Egregor and Sekhmet ransomware victims
On the Bleeping Computer forum, an unknown user published decryption keys for files compromised during Maze, Egregor and Sekhmet ransomware attacks.
The user who posted the keys claims to have been one of the developers of all three ransomware programs. He also called the publication a “planned leak” that has nothing to do with recent arrests of hackers from various groups.
He also stated that none of the members of his hacker group will ever return to ransomware development, and that all source code has been destroyed.
UK Foreign Office hit by a serious cybersecurity incident
The United Kingdom’s Foreign, Commonwealth and Development Office (FCDO) was struck by a “serious cybersecurity incident”, TechCrunch reports, citing government procurement documents.
Details remain undisclosed. The FCDO was forced to engage BAE Systems Applied Intelligence to investigate the incident, paying more than £467,000 for the work.
Also on ForkLog:
- LockBit ransomware operators reported the theft of data from more than 100,000 PayBito exchange customers.
- A hacker drained $4.3 million from the Meter cross-chain bridge.
- The privacy-focused project Aleo raised $200 million.
- US authorities confiscated $3.6 billion in bitcoin stolen from Bitfinex. Those involved with the exchange’s stolen assets were found thanks to the shutdown of AlphaBay.
- Hackers attacked the DeFi protocol Dego Finance.
- Russian police shut down access to four dark-web sites with revenues of $263 million.
- The Optimism team paid more than $2 million for a reported vulnerability.
- According to the UN, North Korea finances nuclear programs through attacks on bitcoin exchanges.
What to read this weekend?
Find out how the rise in ransomware attacks could affect the cryptocurrency industry in ForkLog’s exclusive.