•   
  •   
  •   

Politics Major Russian hacking group linked to ransomware attack on Sinclair: report

12:20  21 october  2021
12:20  21 october  2021 Source:   thehill.com

MLB reportedly asks for stake in Sinclair’s planned OTT RSN streaming plan, around Diamond Sports’ talks with creditors

  MLB reportedly asks for stake in Sinclair’s planned OTT RSN streaming plan, around Diamond Sports’ talks with creditors Since Sinclair’s August 2019 purchase of the former Fox Sports regional sports networks (they acquired those networks under a subsidiary called Diamond Sports Group, in partnership with Byron Allen’s Entertainment Studios, and rebranded the networks to the Bally Sports brand this January), there’s been a lot of talk about their plans to offer a direct-to-consumer Read more The post MLB reportedly asks for stake in Sinclair’s planned OTT RSN streaming plan, around Diamond Sports’ talks with creditors appeared first on Awful Announcing.

A well-known Russian hacking group previously sanctioned by the United States is behind the crippling ransomware attack on Sinclair Broadcast Group that is continuing to impact news stations across the country, according to a new report.

Major Russian hacking group linked to ransomware attack on Sinclair: report © Getty Images Major Russian hacking group linked to ransomware attack on Sinclair: report

Bloomberg News cited multiple people "familiar with the attack" in reporting that a group known as Evil Corp. was behind the ransomware attack, which occurred late last week and was disclosed by Sinclair both to the Securities and Exchange Commission and to the public on Monday.

White House convenes virtual meeting of countries to counter ransomware

  White House convenes virtual meeting of countries to counter ransomware The White House on Wednesday will convene a virtual meeting on countering ransomware with senior officials representing 30 countries and the European Union, Biden administration officials said, as part of President Biden's effort to work with global partners to address cyber threats.Ministers and senior officials from a range of countries will take part in the virtual meeting, though the attendees do not include representatives from Russia, which has been a key focus of the Biden administration in trying to root out criminal ransomware groups.

According to Bloomberg, the hackers used a malware virus known as Macaw to attack Sinclair. The company confirmed that data had been stolen in the attack, but that it was still working to determine exactly what data was stolen.

The Hill has reached out to Sinclair for comment.

The ransomware attack has wreaked havoc on Sinclair-owned and -operated news stations this week. Sinclair is the second-largest U.S. television station operator, owning or operating around 185 stations.

Sinclair noted Monday that the attack had caused "disruption" to portions of the company, including the provision of local advertisements, stressing that it was "working diligently to restore operations quickly and securely" and that it had engaged the help of an unnamed cybersecurity firm in doing so.

Ransomware attack hits owner of dozens of local news stations

  Ransomware attack hits owner of dozens of local news stations Sinclair Broadcast Group, the parent company of dozens of news stations across the U.S., was hit by ransomware over the weekend. © Provided by NBC News Sinclair said in a news release Monday morning that hackers had used ransomware to encrypt some of its key operational servers, rendering them unusable, and stolen some data.“[T]he event has caused — and may continue to cause — disruption to parts of the Company’s business, including certain aspects of its provision of local advertisements by its local broadcast stations on behalf of its customers,” the release said.

CNN reported Monday that some TV stations had trouble accessing graphics, phones and video files and that some live segments were being pre-taped.

Evil Corp. was the target of a multiagency effort in 2019 after it was accused of using its Dridex malware to steal more than $100 million from hundreds of banks and financial entities in over 40 countries.

As part of that effort, the Treasury Department issued sanctions against 17 individuals and and seven entities associated with Evil Corp., while the State Department offered a reward of up to $5 million for information that could help capture and convict the group's leader, Maksim Yakubets. The Justice Department also unsealed an indictment against Yakubets.

"Our goal is to shut down Evil Corp, deter the distribution of Dridex, target the 'money mule' network used to transfer stolen funds, and ultimately to protect our citizens from the group's criminal activities," former Treasury Secretary Steven Mnuchin said in a statement at the time.

Sinclair Broadcast Group Says Some of Its TV Stations Hit By Ransomware Attack

  Sinclair Broadcast Group Says Some of Its TV Stations Hit By Ransomware Attack The Hunt Valley, Maryland-based company owns or operates 21 regional sports network and owns, operates or provides services to 185 TV stations in 86 markets.The company, which operates dozens of televisions stations across the country, said that it began investigating the apparent ransomware encryption over the weekend and found that some of its office and operational networks had been impacted.

Evil Corp. is one of multiple Russian-linked hacking groups that has grabbed the spotlight in recent months.

The REvil cybercriminal group was linked to both the ransomware attack in May on meat producer JBS USA and to the July attack on IT group Kaseya, which impacted up to 1,500 other companies. Websites used by REvil went dark in the weeks following the Kaseya attack, ahead of a planned law enforcement operation against the group.

The DarkSide group, also believed to be based in Russia, was linked to the ransomware attack on Colonial Pipeline in May that led to fuel shortages in several states, which also went offline following the incident.

A coalition of federal agencies earlier this week put out an alert warning that the BlackMatter ransomware group targeting agricultural groups is "a possible rebrand of DarkSide."

The Biden administration has taken steps to attempt to curtail Russian-linked malicious cyber activity, including with President Biden urging Russian President Vladimir Putin to crack down on cybercriminal groups operating in Russia during an in-person meeting in June.

NRA hit by Russian-linked ransomware attack: reports .
The National Rifle Association (NRA) has been hit by a ransomware attack, becoming the latest victim of a massive spike in these attacks this year, according to multiple reports Wednesday.NBC News reported that a Russian cybercriminal group known as Grief posted files on its website on the dark web on Wednesday that it claimed to have stolen from the NRA.Experts told NBC News that Grief was likely a rebrand of the cyber criminal group Evil Corp, which was linked last week to the ransomware attack on Sinclair Broadcast Group. Multiple U.S.

usr: 1
This is interesting!