Ransomware gang apologizes after accidentally infecting CIS-based oilfield company
By Jessica Lyons
Summary
A ransomware affiliate program called Nova (linked to the RAlord crew) accidentally infected Eriell Group, an oilfield services company based in Uzbekistan with a Moscow office. This violated the unwritten rule among ransomware gangs to avoid targeting organizations in Russia or other CIS countries. The group issued a public apology, acknowledging the mistake, which could have serious consequences for the responsible individual, potentially including imprisonment in a Russian gulag. Threat-hunter Dominic Alvieri highlighted the blunder as the "dumbass of the day."
Key quotes
Even ransomware cartels make mistakes, and in this case, it was a biggie that could have landed the responsible crim in a Russian gulag
Nova, the affiliate program for ransomware crew RAlord, on Tuesday issued an apology to Eriell Group
You don't infect anyone in Russia or other CIS countries
