Issue #154 - June 16, 2025
- Weekly INK
- Jun 16
- 1 min read
Ransomware Thrives in Shook-Up Criminal Underworld
Source: Data Breach Today
Attacks Tied to SafePay, Qlin, Play and Akira Surge; Scattered Spider Return. It's shake-up season in the ransomware world as old brands have disappeared, forcing an affiliate diaspora and perverse innovation from a criminal underworld in flux.
New ClickFix Malware Variant ‘LightPerlGirl’ Targets Users in Stealthy Hack
Source: Security Week
Researchers identify a previously unknown ClickFix variant exploiting PowerShell and clipboard hijacking to deliver the Lumma infostealer via a compromised travel site. With evasion built into the ClickFix code and PowerShell execution undertaken in memory, the presence of ClickFix malware is easily missed.
Scattered Spider Targeting American Insurance Firms
Source: Info Risk Today
Hackers Posing as Help Desks and Call Centers to Target Victims. A hacking collective behind recent cyberattacks on major British retailers has pivoted to target U.S. insurance firms, warned Google.
Scammers Spread False Support Info Using Legitimate Websites
Source: Dark Reading
In a new wrinkle on the tech support scam front, these search parameter injection attacks dupe victims into believing they are receiving technical help when they are actually speaking to fraudsters.
BlueNoroff Deepfake Zoom Scam Hits Crypto Employee with MacOS Backdoor Malware
Source: The Hacker News
The North Korea-aligned threat actor known as BlueNoroff has been observed targeting an employee in the Web3 sector with deceptive Zoom calls featuring deepfaked company executives to trick them into installing malware on their Apple macOS devices.