The Number 1 Hack – 60 million to date

Aug 28 2023

Gone Phishing Banner

Welcome to Gone Phishing, your daily cybersecurity newsletter that wishes the cybercriminals would do a public service for once and hack the #StreamyAwards2023 ???????????? Just kidding, just kidding ????

Today’s hottest cybersecurity news stories:

  • ???? Results are clear: MOVEit hack is ‘spear’ of the year w/ 60m confirmed hacks ????????‍????

  • ???? Build-A-Hack: LockBit 3.0 ransomware builder leak triggers deluge of new variants ????

  • ???? Lapsus$ cyber-attacks: the kids AREN’T alright. Teenagers found responsible ????

MOVEit or lose it! ????

???? Largest Hack of 2023: The mass-exploitation of MOVEit Transfer software has become the year's biggest hack, impacting over 1,000 organisations according to Emsisoft. This breach, caused by a zero-day vulnerability, has made it one of the largest in recent history. ????

???? Victim Breakdown: Over 60 million individuals have been impacted, with 83.9% from the US, 3.6% from Germany, 2.6% from Canada, and 2.1% from the UK. ????

???? Notable Victims: Maximus, a US government services contractor, saw 11 million individuals' data compromised, followed by the French government’s unemployment agency affecting up to 10 million people.

Other victims include the Louisiana Office of Motor Vehicles (6 million), Colorado Department of Health Care Policy and Financing (4 million), and the Oregon Department of Transportation (3.5 million). ????

???? Enormous Costs: The hack's estimated total cost exceeds $9.9 billion, as per IBM. Clop ransomware group's potential earnings from this attack could be as high as $100 million, according to Coveware. ????

???? Origins and Bounty: Clop might have been exploring this exploit since 2021. The US State Department offered a $10 million bounty for information on Clop. ????

Government Data: Clop claims not to possess government data, focusing on financial motives. However, this hasn't been verified. ????

Stay informed about this historic hack and its impact! Keep reading our newsletter for updates. ????????????

I came across ZZZ money club during the crypto market bull run when everyone’s a winner, even during the bear market this discord group has been amazing at giving information on projects and ways to make passive income in various ways.

The group is very active and everyone in this private discord group is very chatty and helpful.

Its run by Yourfriendandy and Decadeinvestor, you can find them here on YouTube, both top guys with great content.

If you are interested in joining the group you can through the link below.

Ooh aah, just a LockBit ????

Ooh aah, LockBit more ????

???? LockBit 3.0 Ransomware Builder Exploited: The leak of the LockBit 3.0 ransomware builder last year has led to new variants by cybercriminals. Kaspersky found a modified version with distinct ransom demands from a group called NATIONAL HAZARD AGENCY.


This group's ransom note specifies the payment amount and uses different communication methods. Other gangs like Bl00dy and Buhti have also leveraged the leaked builder. Kaspersky detected 312 LockBit samples made using the leaked builders, some without "LockBit" in the ransom note.

???? Ransomware Landscape: Ransomware evolves continually, shifting tactics. ADHUBLLKA, a strain rebranded multiple times, targets individuals and small businesses with modest payouts. Ransomware attackers frequently reuse successful samples with slight modifications, targeting weak points.

???? Rising Ransomware Attacks: A surge in ransomware attacks is evident, with Cl0p ransomware breaching over 1,000 organisations via flaws in MOVEit Transfer. US-based entities comprise 83.9% of victims, and the campaign could yield $75-100 million in profits.

???? Fast-Moving Threats: Ransomware gangs act swiftly; the median dwell time dropped to five days in H1 2023 from nine days in 2022. Sophos' report highlights 81% of attacks launching outside work hours, often on Fridays or Saturdays.

Stay vigilant in this dynamic ransomware landscape, true believers. Don’t be a ransom sacrifice! ⛪

????️ Extra, Extra! Read all about it! ????️

Each fortnite, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!

  • ????The Crypto Nutshell: Crypto News & Expert Predictions all in a nutshell ????

  • ????The Breakthrough: Receive one idea, one question, and one exercise each week that could spark your next breakthrough.

  • ✈️ViaTravelers: Get exclusive travel tips, news, and insider deals right in your inbox.

Let us know what you think!

Just a Lapsus$ in judgement? ????

????️‍♂️ Teenage Hacker Exposed: An 18-year-old, Arion Kurtaj, has been linked to hacking incidents affecting major brands as part of the notorious Lapsus$ group. Deemed unfit to stand trial, a jury found him responsible for the acts, though not guilty with criminal intent.

???? Targeted Brands: Kurtaj breached Nvidia, Uber, BT, and EE, demanding a $4 million ransom from EE after stealing internal files. An accomplice, aged 17, used stolen SIM data from EE customers to take nearly $100,000 from cryptocurrency wallets.

???? Rockstar Games Hack: Kurtaj's last hack, of Rockstar Games, happened while he was on bail in a hotel room. He stole and shared unfinished Grand Theft Auto 6 gameplay clips.

⚖️ Legal Outcome: The 17-year-old accomplice was convicted. Sentencing for both will occur later. Unknown Lapsus$ members remain at large, with some potentially in South America.

???? Lapsus$ Tactics: The group used vishing, SIM swapping, insider involvement, SharePoint site scraping, VPN access, and cloning git repositories to breach Microsoft, Samsung, LG, Okta, Vodafone, and more

See you tomorrow, folks. Hopefully we’ll have news of more high-profile busts for you… But don’t hold your breath! Cybercriminals are slippery bastards. But one can dream.

Peace out, y’all ✌️

So long and thanks for reading all the phish!

Recent articles