FBI Says the Cuba Ransomware Gang Made $43.9 Million from Ransom Payments

The US Federal Bureau of Investigations said today that the operators of the Cuba ransomware have earned at least $43.9 million from ransom payments following attacks carried out this year. From a report: In a flash alert sent out on Friday, the Bureau said the Cuba gang has "compromised at least 49 entities in five critical infrastructure sectors, including but not limited to the financial, government, healthcare, manufacturing, and information technology sectors." The FBI said it traced attacks with the Cuba ransomware to systems infected with Hancitor, a malware operation that uses phishing emails, Microsoft Exchange vulnerabilities, compromised credentials, or RDP brute-forcing tools to gain access to vulnerable Windows systems. Once systems are added to their botnet, Hancitor operators rent access to these systems to other criminal gangs in a classic Malware-as-a-Service model. While an April 2021 McAfee report on the Cuba ransomware found no connection between the two groups, the FBI report highlights what appears to be a new partnership between MaaS providers and ransomware gangs after other ransomware operations struck similar partnerships throughout 2020.

Whew.

[Narcocide]

Good thing we're witholding internet access and training so they can't figure out how to rob us, right guys? ... guys, right?

Did the scammers use Facebook?

[shanen]

Going for Funny? Or the vacuous Subject award?

Whatever. Mostly comes off sounding racist or bigoted or something, but it might be Poe's Law in action. Just finishing another book on emoji usage including sarcasm signalling. Maybe you need to get two emoji and a cup of coffee? In any case the FP has no Funny mod and if I ever had a mod point to give, I think that one should be "Weak-assed FP". (But my funny bone got chipped long ago, so it might be hilarious. So I just borrowed The Authoritative Calvin and

You know it would help with that?

[rsilvergun]

End the embargo and let Cuba join the international community proper so that we can get extradition treaties. Of course as long as Florida and the electoral college are in play that's damn near impossible.

Re:

[Valgrus Thunderaxe]

And they can return the billions is US assets they seized during the revolution, right? I noticed you didn't mention anything about that in your post.

Re:

[Narcocide]

My guess is nothing they "seized" could be eaten, and you're purposefully missing the point. Starving children make bad neighbors.

Re:

[Narcocide]

No, it makes them steal stuff from you, you dense ingrate.

A few billion dollars

[rsilvergun]

To normalize relations with a major Nation whose locations of immense strategic importance isn't a lot of money. Your obsession with that shows that you're not really thinking in terms of foreign policy

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[MattMann]

do you have any evidence that the Cuba ransomware group is actually in Cuba?

Microsoft platforms make it easier for hackers

[tom_asdf]

The explanation of how hackers get access includes:
- Microsoft Exchange vulnerabilities
- RDP brute-forcing tools to gain access to vulnerable Windows systems

Any business that uses Windows is asking to be hit by hackers.

The other problem for business is stupid staff who get fooled by phishing emails.

Hmm, not bad.

[ThumpBzztZoom]

So what youre saying is that you can make a lot of money off this scam and there are certain places you can just get away with it.

Not sure they thought this press release through.