www.techtosee.com
2606:4700:3037::ac43:c68f  Public Scan

URL: https://www.techtosee.com/hellokitty-ransomware-adds-ddos-attacks-to-extortion-tactics/?feed_id=9875&_unique_id=6180102da9231
Submission: On November 03 via api from GB — Scanned from GB

Form analysis 4 forms found in the DOM

GET https://www.techtosee.com/

<form method="get" class="td-search-form" action="https://www.techtosee.com/">
  <div class="td-search-close">
    <a href="#"><i class="td-icon-close-mobile"></i></a>
  </div>
  <div role="search" class="td-search-input">
    <span>Search</span>
    <input id="td-header-search-mob" type="text" value="" name="s" autocomplete="off">
  </div>
</form>

GET https://www.techtosee.com/

<form method="get" class="tdb-search-form" action="https://www.techtosee.com/">
  <div role="search" class="tdb-search-form-inner"><input id="tdb-search-form-input" class="tdb-search-form-input" type="text" value="" name="s">
    <div class="tdb-search-form-border"></div><button class="wpb_button wpb_btn-inverse tdb-search-form-btn" aria-label="Search" type="submit"><i class="tdb-search-form-btn-icon td-icon-search"></i><span>Search</span></button>
  </div>
</form>

POST #

<form action="#" method="post">
  <div class="td-login-inputs"><input class="td-login-input" autocomplete="username" type="text" name="login_email" id="login_email" value="" required=""><label for="login_email">your username</label></div>
  <div class="td-login-inputs"><input class="td-login-input" autocomplete="current-password" type="password" name="login_pass" id="login_pass" value="" required=""><label for="login_pass">your password</label></div>
  <input type="button" name="login_button" id="login_button" class="wpb_button btn td-login-button" value="Login">
</form>

POST https://www.techtosee.com/wp-comments-post.php

<form action="https://www.techtosee.com/wp-comments-post.php" method="post" id="commentform" class="comment-form" novalidate="">
  <div class="clearfix"></div>
  <div class="comment-form-input-wrap td-form-comment"><textarea autocomplete="new-password" placeholder="Comment:" id="comment" name="dfe98d1c8e" cols="45" rows="8" aria-required="true"></textarea><textarea id="ac1ceda5206ccb6700daad673b68f09c"
      aria-hidden="true" name="comment" autocomplete="new-password"
      style="padding:0 !important;clip:rect(1px, 1px, 1px, 1px) !important;position:absolute !important;white-space:nowrap !important;height:1px !important;width:1px !important;overflow:hidden !important;" tabindex="-1"></textarea>
    <script data-noptimize="" type="text/javascript"
      src="data:text/javascript;base64,ZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoImNvbW1lbnQiKS5zZXRBdHRyaWJ1dGUoImlkIiwiYWMxY2VkYTUyMDZjY2I2NzAwZGFhZDY3M2I2OGYwOWMiKTtkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgiZGZlOThkMWM4ZSIpLnNldEF0dHJpYnV0ZSgiaWQiLCJjb21tZW50Iik="
      defer=""></script> <label for="comment" class="is-visually-hidden">Comment:</label>
    <div class="td-warning-comment">Please enter your comment!</div>
  </div>
  <div class="comment-form-input-wrap td-form-author">
    <input class="" id="author" name="author" placeholder="Name:*" type="text" value="" size="30" aria-required="true">
    <label for="author" class="is-visually-hidden">Name:*</label>
    <div class="td-warning-author">Please enter your name here</div>
  </div>
  <div class="comment-form-input-wrap td-form-email">
    <input class="" id="email" name="email" placeholder="Email:*" type="text" value="" size="30" aria-required="true">
    <label for="email" class="is-visually-hidden">Email:*</label>
    <div class="td-warning-email-error">You have entered an incorrect email address!</div>
    <div class="td-warning-email">Please enter your email address here</div>
  </div>
  <p class="comment-form-cookies-consent">
    <input id="wp-comment-cookies-consent" name="wp-comment-cookies-consent" type="checkbox" value="yes">
    <label for="wp-comment-cookies-consent">Save my name, email, and website in this browser for the next time I comment.</label>
  </p>
  <p class="comment-subscription-form"><input type="checkbox" name="subscribe_comments" id="subscribe_comments" value="subscribe" style="width: auto; -moz-appearance: checkbox; -webkit-appearance: checkbox;"> <label class="subscribe-label"
      id="subscribe-label" for="subscribe_comments">Notify me of follow-up comments by email.</label></p>
  <p class="comment-subscription-form"><input type="checkbox" name="subscribe_blog" id="subscribe_blog" value="subscribe" style="width: auto; -moz-appearance: checkbox; -webkit-appearance: checkbox;"> <label class="subscribe-label"
      id="subscribe-blog-label" for="subscribe_blog">Notify me of new posts by email.</label></p>
  <p class="form-submit"><input name="submit" type="submit" id="submit" class="submit" value="Post Comment"> <input type="hidden" name="comment_post_ID" value="54068" id="comment_post_ID">
    <input type="hidden" name="comment_parent" id="comment_parent" value="0">
  </p>
</form>

Text Content


HELLOKITTY RANSOMWARE ADDS DDOS ATTACKS TO EXTORTION TACTICS



By Editorial Staff

2 days ago





The US Federal Bureau of Investigation (FBI) sent a flash alert warning private
industry partners that the HelloKitty ransomware gang (aka FiveHands) has added
Distributed Denial of Service (DDoS) attacks to its arsenal of extortion tactics.

In a Friday notification coordinated with the Cybersecurity and Infrastructure
Security Agency (CISA), the FBI said the ransomware group would take down its
victims’ official websites with DDoS attacks if they did not comply with the
ransom demands.

HelloKitty is also known to steal sensitive documents from victims’ compromised
servers before encrypting them. The exfiltrated files are then used as leverage
to pressure victims to pay the ransom under the threat of disclosing the stolen
data online at a data breach site.

“In some cases, if the victim does not respond quickly or pay the ransom, the
threat authors will launch a Distributed Denial of Service (DDoS) attack on the
victim company’s public website,” the FBI said.

“The Hello Kitty / FiveHands actors demand variable Bitcoin (BTC) ransom
payments that appear to be appropriate for each victim, based on their assessed
ability to pay it. If no ransom is paid, the threat actors will post the victim’s
data on the Babuk site (payload.bin) or sell it to a third-party data broker.”

The group’s ransomware operators use multiple methods to breach target networks,
including compromised credentials and recently patched security holes in
SonicWall products (e.g. CVE-2021-20016, CVE-2021-20021, CVE-2021-20022,
CVE-2021-2002).


WHO IS HELLOKITTY?

HelloKitty is a human-operated ransomware operation, active since November 2020
and first observed by the FBI in January 2021.

The gang is best known for breaching and encrypting CD Projekt Red’s systems in
February and claiming to have stolen the source code for Cyberpunk 2077,
Witcher 3, Gwent, and other games.

HelloKitty later claimed that someone had purchased the files stolen from CD
Projekt Red, although this was never confirmed.

Since at least July 2021, the ransomware gang has also been observed using a
Linux variant that targets VMware’s ESXi virtual machine platform.

They are just one of many ransomware gangs targeting Linux servers after
corporate targets migrated to using virtual machines for more efficient use of
resources and easier device management.

By targeting their virtual machines, ransomware operators can now encrypt
multiple servers simultaneously, with a single command, saving time and effort.

HelloKitty ransomware submissions (ID Ransomware)

Based on the submissions made by their victims on the ID Ransomware platform,
HelloKitty significantly increased its activity in July and August, immediately
after starting to use the Linux variant in the attacks.

HelloKitty ransomware or its variants have also been used under other names,
including DeathRansom and FiveHands.

The FBI also shared a large collection of Indicators of Compromise (IOC) in its
alert to help cybersecurity professionals and system administrators guard
against coordinated attack attempts by the HelloKitty ransomware gang.
