Websites around the world are being impacted by a new widespread data extortion scheme by Team Montesano claiming to have compromised their servers and asking $2,500 to prevent data leaks, BleepingComputer reports.
Non-targeted emails with the subject line "Your website, databases and emails has been hacked" have been sent by the attackers across various verticals, including government entities, large corporations, and personal bloggers. Such extortion emails which contain warnings of data leaks, reputational damage, and site blacklisting should recipients refuse to pay the ransom have also been sent to Have I Been Breached creator Troy Hunt and BleepingComputer reporter Ax Sharma.
The extortion message also details that sensitive data has been accessed and exfiltrated by attackers after identifying and leveraging several website and company computer vulnerabilities.
BleepingComputer noted that two bitcoin addresses are currently being used by the attackers for the scheme, with one of the addresses showing transactions that signify potential payment of extortion demands.
Ukrainian hacktivist operation IT Army has taken responsibility for a significant distributed denial-of-service attack against Russian local airline booking system Leonardo, which is used by over 50 Russian carriers, according to The Record, a news site by cybersecurity firm Recorded Future.
New attacks with the updated SysUpdate toolkit have been deployed by Chinese advanced persistent threat operation Budworm, also known as APT27, Emissary Panda, Bronze Union, Lucky Mouse, Iron Tiger, and Red Phoenix, against an Asian government and a Middle East-based telecommunications provider, reports The Hacker News.
Forty-five malicious NPM and PyPI packages have been deployed by threat actors to facilitate extensive data theft operations as part of a campaign that commenced on Sept. 12, according to BleepingComputer.