The New South Wales government has proposed six possible options of how food delivery riders could potentially be protected if they are injured or killed at work.
The proposal is part of a consultation that is being undertaken by the State Insurance Regulatory Authority (SIRA) into what personal injury insurance options can be introduced by food delivery platforms, such as Uber Eats, Menulog, Doordash, HungryPanda, and Deliveroo, for its food delivery riders.
These proposed options have been outlined in a discussion paper [PDF]. These options include requiring gig platforms to provide personal injury insurance for their food delivery riders; establish a scheme to provide a personal injury insurance safety net for food delivery riders; establish a scheme to provide personal injury insurance modelled on motor accident scheme benefits, such as compulsory third party insurance (CTP), or on workers compensation protections; maintain the “status quo” with increased education and awareness about existing personal injury and income protections; or extend the existing workers compensation scheme to cover food delivery riders by deeming them as “workers” for the purpose of workers compensation.
“We want food delivery riders protected so that they do not fall between the cracks of our existing workers compensation and CTP schemes, and other private insurance arrangements,” Minister for Digital and Customer Service Victor Dominello said.
“We must consider the merits of improving injury insurance for the people in our community who deliver food to earn an income.”
The paper also noted that some of the considerations to help identify the best option include the underwriting and service delivery model, the regulatory and financial impact on the food delivery platforms, food outlets, food delivery riders and consumers, and the level of support afforded to food delivery riders providing gig economy food delivery services.
SIRA is now seeking community and industry feedback on the proposed options. Deadline for submissions is May 28.
“The input gathered through the consultation process will be critical to inform SIRA’s advice to the NSW government,” the state government said.
The paper noted that additional public consultations may be undertaken later this year, to “discuss and consider specific design features of any options identified in the current consultation as preferred options”.
“This consultation is open to all fit-for-purpose solutions for gig platforms that prioritise support for food delivery riders in their hour of need,” Dominello said.
“The food delivery sector is ever-expanding, and we need to find a modern and tailored solution to the issues facing this sector.”
Earlier this month, Menulog announced it would give its couriers access to insurance cover, fair pay, leave entitlements, and superannuation, as part of the company’s plans to shift all its food couriers in Australia from working under a contractor model to an employment model.
In February, federal opposition leader Anthony Albanese vowed that the Labor party would legislate job security, pay, and entitlements for gig economy workers as part of its policy pitch that the party would take to the next election.
“It’s time for a national approach. That’s why a Labor government that I lead will consult with state and territory governments, unions, and industry, to develop, where it is practical, portable entitlements for annual leave, sick leave, and long service leave for Australians in insecure work,” he said.
Labor’s plan to take a national approach to protecting gig economy workers answers calls that were made by the Victorian government back in July when it handed down 20 recommendations as part of the state government’s inquiry into the on-demand workforce.
The New South Wales government set up a taskforce at the end of last year to investigate whether improvements need to be made to enhance the safety of gig economy workers. It was prompted after a series of fatalities that involved food delivery riders occurred over a three-month period.
It is, however, unclear when the taskforce will report back on its investigation.
Google beefs up Workspace security with these new features
Google is rolling out new advanced security defender features for Google Workspace to help admins combat cybersecurity threats.
Google is tapping parent company Alphabet’s VirusTotal, a malware research website Google bought in 2012, for a new capability within Google Workspace’s Alert Center.
The Alert Center will now feature real-time alerts with insights about security events in the admin’s domain that are powered by VirusTotal.
The goal is to help reduce the load on admins of security notification noise and provides a unified view of the most critical alerts, according to Google.
VirusTotal in 2018 moved to Alphabet’s Chronicle enterprise cybersecurity division, which is now part of Google Cloud. Chronicle provides cloud-based security information and event management (SIEM) services not unlike Microsoft’s Sentinel SIEM.
The VirusTotal integration helps admins dig deeper into security events and covers supported VirusTotal entities, such as a domain, file attachment hash, or IP address.
This capability follows last week’s release by VirusTotal of VT Augment — a way for displaying VirusTotal in third-party security products such as CrowdStrike’s recent integration of its Falcon product with Google Cloud, including Chronicle, VirusTotal Enterprise and Google Cloud Security Command Center.
Paid VirusTotal subscribers will get richer malware hunting reports, including indicators of compromise to see links between things in the VirusTotal dataset, a threat graph to visualize threat relationships, and crowdsourced reputation information. It also provides information about how malware spreads across geographies based on malware submissions to VirusTotal as well as quick search options.
“No customer information is shared from Google to VirusTotal except when an admin clicks to retrieve a VirusTotal report for a specific entity,” Google says.
“These enhancements are starting to roll out in the coming weeks for Google Workspace Business Plus, Enterprise Standard and Plus, and Education Standard and Plus licenses, and will help empower admins to take an in-depth look at threats and potential abuse to better protect their organizations.”
Google is also offering admins a way of locking down Google Drive accounts that are being misused by insiders.
Admins will be able block another user from sharing any content with you in the future. This control could help when another user within a domain has spammed people or sent abusive content.
Admins can also remove all existing files and folders shared by another user and remove another person’s access to a user’s content, even when information has previously between shared between them.
“User blocking will not only preserve Drive sharings’ helpfulness, but most importantly preserve the safety of Drive users. Drive user blocking controls are rolling out over the next few months,” Google says.
Google is also rolling out more granular controls to help restrict access to Google Workspace resources, including blocking all OAuth 2.0 API access with app access control and new context-aware access for Google mobile and desktop apps. This is meant to address situations where scammers or attackers using apps to trick users into granting access to company data.
App access control gives admins the controls to choose whether to trust, limit, or block access to Google Workspace data.
1Password releases full-featured Linux desktop application
I used to pride myself on being able to remember dozens of complex passwords. But, now I need to remember hundreds of passwords and I just can’t do it. That’s why password managers, such as 1Password, Keeper, and LastPass, are so important. All of which is fine and good… unless you’re running Linux. Now, Agilebits’ 1Password has finally given their customers what they’ve been asking for: A Linux version. After a long beta, the company has released its first Linux edition.
Why? Because Linux’s market share is growing. According to a 2020 Fortune Business Insights report, the Linux market is predicted to grow at a healthy 19.2% growth rate for the next few years. It’s expected to grow from $3.89 billion in 2019 to $15.64 billion by the end of 2027. The Linux desktop is growing because enterprises want to secure their businesses against the ever-growing security threats of today’s IT world. And, of course, that fits in nicely with 1Password’s security goals.
As Jeff Shiner, 1Password CEO said, “1Password for Linux is the latest step in our commitment to enterprise. While 1Password can be utilized by anyone, business or individual, we have seen a real need for robust Linux support – outside of just the browser – in DevOps and IT teams in larger organizations. 1Password for Linux means that the entire organization can be protected irrespective of their device choice.”
But, while the frontend is written in Electron, the heart of the program is written in Rust, the secure systems programming language that’s being widely adopted both in the enterprise and in Linux. The Rust-based ring crypto library powers the program’s end-to-end encryption to keep your data safe.
Besides Linux, 1Password is available on Windows, macOS, Android, and iOS. Its 1Password X web browser extension also works with Chrome, Edge, and Firefox on any platform.
Its main features include the ability to import usernames and passwords from web browsers; two-factor authentication support, and web form fill-out support. The program syncs your data across an unlimited number of devices. Besides these, you can also create and store notes, identities, and credit card information in 1Password.
This new Linux version also brings its own features to the table. These include:
Encrypted browser and desktop integration – 1Password for Linux uses the Linux kernel keyring to establish a fully encrypted connection between 1Password in your browser and 1Password for Linux. That means that if you unlock one, the other will also be unlocked when you switch to it. This is the most advanced browser integration for a password manager available in Linux.
Passwordless unlock – Because 1Password for Linux uses the same authentication mechanisms and APIs provided to all user applications, you can unlock 1Password with your Linux user account, fingerprint sensors, or any other authentication mechanism supported by Pluggable Authentication Modules (PAM).
1Password will work wherever you work – The program is available for all major Linux distributions via signed packages and app stores like Ubuntu’s Snap Store. It’s also compatible with virtually all other distributions through a standard .tar.gz download.
The Linux version also includes new features, which aren’t available yet for Mac or Windows users. These include secure file attachments; Item archiving and deletion features for better document organization; Watchtower Dashboard to monitor and evaluate your password security health; and new sharing details to see who has access to what.
You also don’t have to use passwords with this password manager. 1Password also supports a fingerprint sensor or Yubikey to unlock your computer. If the 2FA key works in your distro, it’ll work in 1Password.
1Password secures your data from end to end. It starts with encrypting your information with AES-GCM-256 authenticated encryption. Your master password itself, which only you have access to, not Agilebits, is further protected by Password-Based Key Derivation Function 2 (PBKDF2). This makes it much harder to brute force your password even if they aim multiple graphics processing units (GPUs) at your security.
You can save your password on 1Password’s servers. Or, you save your information locally and sync it with your own network servers or on Dropbox or iCloud. 1Password claims it only ever holds your data and never looks at it. The company takes privacy seriously.
This, of course, isn’t the only password manager from Linux. Far from it! Other noteworthy, purely open-source managers include Bitwarden, Buttercup, and KeePassXC. But, 1Password easily has the biggest security company behind its password management promise.
Antivirus software, explained
Over the past few years, consumers and enterprises alike have become more aware of the importance of adequate cybersecurity hygiene and the need to be able to recognize common threats online.
Cyberattackers, scam artists, and malware developers have all moved on from the days that a computer infection simply meant an unresponsive PC, advertising pop-ups, and, in the worst-case scenario, the blue screen of death.
Instead, consumers are faced with complex scams and convincing phishing attempts designed to load covert Trojans onto a victim’s device for the purpose of data theft, fake mobile applications that masquerade as cryptocurrency trading apps but will, instead, allow operators to take your money and run, and spyware that will track your every move and action without your knowledge.
Cyberattacks are not just about potentially wreaking havoc on a machine; they may be focused on data theft, surveillance, and sabotage, instead.
As threats have evolved, the defenses required to mitigate the risk of a successful attack have also had to improve.
Technology vendors are constantly working to update their software and tackle vulnerabilities before they are exploited in the wild, governments and non-profits take out television ads to warn us of what to look for in online scams, and companies now offer advanced protection solutions for everything from consumer devices to enterprise networks.
A baseline layer of defense for home systems, however, is antivirus software — and it is recommended you have this software not just on your home PC, but now your mobile device, too.
What is antivirus software?
Antivirus (AV) software is a software package designed to detect, isolate, and remove malicious code (otherwise known as malware) from a computer system.
When active, antivirus software will monitor traffic to and from a device, as well as scan files, applications, and other content.
Many forms of antivirus software will use databases of malicious signatures, built up over time by cybersecurity vendors, to detect suspicious code.
Malware signatures linked to today’s threats are added to a database and provide a digital fingerprint for AV software to check. However, signature-based databases need to be constantly updated as new malware strains are discovered and developers tamper with their creations to avoid detection (or as they release polymorphic malware strains that change their own code signatures over time).
Modern AV software will often also employ heuristic analysis methods to catch as of yet unknown, new, and altered malware strains in the wild.
If a file is matched with or detected as similar to a database entry, the file will be deemed malicious and users will be alerted to a potential infection. Files can then be quarantined for further investigation or deleted entirely.
Applications built with specific behaviors in mind, such as an illegal crack for software built to avoid licensing requirements, are also usually flagged the same way. It should be noted, however, that AV products may sometimes generate false positives.
The terms antivirus and anti-malware are often interchangeable, although antivirus software generally focuses on preventing infections from occurring on your PC or mobile device in the first place, whereas anti-malware solutions may be more geared toward deep scans and malware removal. Both categories, however, are designed to protect computer systems.
AV software may also prevent you from opening and executing suspect files and it may alert you when you visit compromised websites.
Overall, you should consider antivirus software as an active layer of defense against malware and other threats, but an AV solution should not be the only barrier you have in place.
Popular AV software includes products offered by Kaspersky, ESET, Norton, McAfee, Malwarebytes, Bitdefender, and Avast.
Consumers can select free or paid versions — the latter usually including extra, premium features — whereas businesses usually need to pay for a subscription covering the number of devices they need to protect.
Free options may be on a trial basis only or offer basic antivirus protection without advanced features or support.
See also: Best antivirus software in 2021
Do I need antivirus software?
Microsoft Defender is an anti-malware component of modern Windows operating systems, and Apple’s macOS also includes built-in antivirus protection.
However, these solutions on their own are not enough to protect you from modern threats. In addition, our mobile devices are also now at risk of compromise by malware operators, and most AV product vendors offer software to protect not just your PC, but your handset, too.
What can antivirus software do?
Functionality varies depending on what kind of software you choose to use. However, features often include:
- Scanning: Users can perform scans of their devices manually, or set up a schedule for system checks to launch automatically. Alternatively, AV products often offer real-time background scanning capabilities that will check new files, archives, and browser activities for potential threats. Users can select individual files, drives, or full systems that need to be scanned, as well as perform quick scans — which normally take no more than a few minutes — for general ‘health’ checks.
- Web browsing: Real-time monitoring for internet-based threats can be enabled to protect users from phishing attempts, malicious websites, suspicious executable file downloads or execution, unintentional drive-by downloads, and more.
- Firewalls: Modern operating systems will include a firewall, which is a network monitoring system that will block traffic — incoming and outgoing — based on set rules. Unauthorized or suspicious connections can be stopped to prevent intrusion.
- Virtual Private Network (VPN) connections: Some AV products now offer an optional, inbuilt VPN connection. A VPN is not a replacement for an AV product, but rather should be considered a useful addition to hide your IP address, encrypt the communication between you and online services, and prevent both monitoring and tracking by third parties.
- Password managers: Password managers lock up, manage, and generate the passwords used to access online services, and may also auto-fill forms on a user’s behalf. Some AV products now even include a password manager.
- Parental controls: These may include website blocks on adult content and keyword monitoring.
- Junk clean-up, system optimization: Bolt-on AV software features can include cleaning up junk and unnecessary files, therefore freeing up space on your PC or mobile device.
- Payment protection: AV products may include a feature to monitor visits to suspected fake banking or payment provider websites and warn you if you may be about to input your details on a malicious website. In addition, AV products may provide a custom browser window that is isolated and hardened, providing a more secure environment to make online purchases.
- Automatic updates: AV software will automatically upgrade to new versions, and these updates will include changes to signature databases.
- Multiple device protection: Depending on the terms of an AV software license, you may be able to use the same subscription to protect more than one PC or mobile device. This is usually a paid-only option for users.
- Wi-Fi monitoring: An AV product may also watch what Wi-Fi access point your device connects to in order to warn you if it is not secure, such as an open hotspot in public areas or in hotels.
How do machines become infected with malware?
Fraudulent emails, SMS messages, fake websites, and shared resources — such as storage drives or files — can all be used as avenues for malware deployment.
One of the most common avenues for attack is phishing or spam emails that may appear to be from your bank, tax offices, or well-known brands such as Amazon, PayPal, or Facebook.
Fraudsters will often use social engineering tactics to lure victims into clicking suspicious links or falling for these fake emails by trying to generate fear, panic, or greed. For example, they may contain:
- Threats from a tax office demanding payment on pain of a criminal prosecution
- Delivery notices sent from Amazon or PayPal alerts concerning a transaction
- Promises that you have won a prize, money from the lottery, or free cryptocurrency
- Threats to let all of your contacts know what adult websites you have been visiting
- Get rich quick schemes
In the business world, business email compromise (BEC) attacks will often be tailored to relate to HR departments, invoices, and quote inquiries.
If a target falls for a phishing email — which may be sent during a “spray and pray” mass spam campaign or through a tailored, spear-phishing exercise — they may be asked to click a link to a compromised or malicious website containing a payload, or alternatively, the email may contain a malicious attachment such as a Microsoft Word document, in which macros will fetch malware.
Other common infection vectors include:
- Malvertising via internet pop-ups: While technology vendors are clamping down on the older methods to deploy malware — such as pop-ups that claim your PC has been infected with malware — malvertising, the use of fake and malicious ads to drive malware, is still common. Victims may be asked to visit a website and download a file, such as a fake browser plugin or AV solution, that actually executes malware instead.
- Malicious, compromised websites: Malvertising, when served by third-party ad networks, can turn a legitimate domain into a springboard for malware distribution. In the same way, websites that have been compromised — such as through a back-end vulnerability in a content management system (CMS) — may serve visitors malicious packages or may reroute them to other domains owned by attackers.
- Malicious software updates: Cyberattackers are constantly evolving their tactics and techniques for infecting systems, and one relatively new way to do so is by performing a supply-chain attack. Threat actors compromise a central entity, such as a company that develops popular software, and tampers with software updates that are automatically pushed to users. The SolarWinds incident is a recent example of how much havoc this kind of cyberattack can cause. This attack vector is more commonly used to break into company networks.
- Software bundles: Some software may come bundled with malware or unwanted software, such as adware or spyware.
- Shared resources: There are malware variants in the wild that contain wormable functionality, allowing the programs to spread through shared resources including individual files, external storage, and USB drives.
Common online threats and malware to watch out for
The threats that can land on your PC are extensive, ranging from destructive malware to spyware that covertly monitors your activities, adware that constantly serves you adverts during browser sessions, and Potentially Unwanted Programs (PUP), also known as junk or nuisanceware. PUPs may serve ads, slow your PC, or download additional software without your explicit consent.
Malware is a blanket term for different kinds of malicious software, as explained below:
- Virus: A computer virus is designed to latch onto a legitimate file, corrupt it, and self-propagate through devices and emails. They may steal data, damage systems, and maintain persistence on an infected machine by executing every time the legitimate, compromised application runs. Viruses may be polymorphic and change their code to avoid AV programs.
- Worm: Many malware variants now contain “worm” capabilities as part of a wider toolset. However, worms may also be standalone programs that spread through system networks or via email as malicious attachments. A worm is able to propagate once it lands on a vulnerable system and may also be designed to steal data, corrupt files, or degrade PC performance.
- Trojan: A Trojan, or Trojan horse, is a malware variant that is often disguised as a legitimate program. Once installed on a victim’s system, Trojans may establish a backdoor for persistent access, perform surveillance, download and execute additional malware, and steal information. Many Trojans today are focused on the theft of financial data.
- Ransomware: Ransomware has become one of the most potentially damaging types of malware to land on both consumer and enterprise systems. This malware variant will encrypt an infected system, prevent users from accessing their files and services, and will throw up a ransom note, demanding payment in cryptocurrency in return for a decryption key. Some of the worst ransomware incidents impacting businesses to date are the global WannaCry attack, the outbreak at Ireland’s health service, and the closure of Colonial Pipeline’s operations across the United States.
- Spyware: Spyware, also known in its worst forms as stalkerware, is unethical, privacy-invading software that spies on device users, collecting data including — but not limited to — browser activities and logs, email records, contact lists, social media activity, images, video, and VoIP logs. When installed on a mobile device, GPS data, location, and SMS/MMS messages may also be monitored.
- Adware: Legitimate adware may be installed with consent — for example, in return for a copy of otherwise paid-for software. However, abusive variants of adware unscrupulously push adverts to a user’s system in order for its operators to be paid.
- Rootkits: Rootkit malware can be injected into applications, hypervisors, firmware, or the kernel level of an operating system. These bundles of tools may be used to hide the activity of other malware payloads, operate with high privileges, and can often be very difficult to detect. A recent example of rootkit use has been described by Kaspersky under Operation Tunnelsnake.
- Botnets: Botnet-based malware is designed to enslave PCs, mobile devices, and Internet of Things (IoT) devices into a broader network that may have further payloads deployed to ‘slave’ systems, forcing them to become payers in distributed denial-of-service (DDoS) attacks, send spam, and more.
- Hybrid: Today’s malware strains cannot always be cleanly categorized, and they may include modules for different purposes, such as ransomware functionality, backdoors, spyware functions, or the ability to perform fileless attacks.
- Cryptocurrency miners: While not inherently malicious, cybercriminals may deploy cryptocurrency mining software such as XMRig on vulnerable servers and PCs in order to leverage stolen computer resources to covertly mine for coins. These coins are then sent to a wallet controlled by the attacker.
What are the symptoms of a malware infection?
There are a number of changes to your device’s typical behavior that can indicate the existence of malware. These include:
- Poor performance: One of the first indicators that something isn’t quite right on your PC is changes to typical performance levels, such as a high CPU load, freezes, crashing, and lags during browser sessions. If processing speed or performance suddenly changes, this may be an indicator of a malware infection. When it comes to your handset, similar symptoms may occur, such as plummeting battery life, extra heat generation, lags, and crashes. However, you can’t rely purely on CPU or resource usage alone as a sign that you’re infected. Some malware, including cryptocurrency miner strains, will boot out competing malware and manage their resource usage to prevent performance issues — and, therefore, potentially detection.
- Pop-up windows and browser redirection: If you experience unexpected advert bombardment or browser redirection, this may be a sign your sessions are being manipulated.
- PC and device changes: If you find programs suddenly appearing and executing that you are not familiar with, changes to a browser’s home page or search engine, or settings tweaks that you did not make, this could also be an indicator of infection.
- Loss of storage space: If your hard drives are filling up without any known reason, this could mean you have been compromised. This symptom is more common with adware and nuisanceware programs.
- Reports of unusual communication: If friends, colleagues, or associates ask you about emails or messages you have allegedly sent that appear to be suspicious, this could indicate that either your device is compromised or an account belonging to you has been hijacked.
- Locked screens: A typical sign of ransomware, in particular, is the inability to access your system beyond the home screen — on which a ransom note, demanding payment, will be loaded. In these cases, it is likely that your files have been encrypted and cannot be recovered without a ransomware decryptor.
- Existing antivirus solutions: If your existing antivirus software or firewalls have been disabled without warning, this is a common indicator of malware infection.
Do mobile devices need antivirus protection?
Mobile malware is nowhere near as common as PC-based strains, but mobile threats should be treated just as seriously. If allowed access to your handset, mobile malware variants may be able to conduct surveillance (such as in the case of stalkerware apps), download nuisanceware and adware, steal your personal data, harvest credentials used to access mobile banking services, or fleece your bank account by automatically calling or sending messages to premium numbers.
Mobile app repositories including Apple’s App Store and Google Play do have protections in place to stop developers from using them as hosts for malicious apps, but there are cases when either malware slips through the net or benign apps are suddenly updated to push malware. Therefore, a mobile AV product can be invaluable in preventing infections from taking root.
Do I have to pay?
Most antivirus products are either free or based on six-monthly/yearly subscriptions following a trial period, with discounts on offer if you pay for the full term upfront.
Free AV software offered by reputable vendors has all — or most — of the core, basic functionality required for adequate protection of a home PC or mobile device. As with most kinds of free software, however, you will have to endure the occasional pop-up asking you to upgrade and pay.
The most impressive features of modern AV products are kept behind a paywall, but free solutions provided by cybersecurity vendors are not designed to be detrimental to user security — after all, some form of antivirus is better than none. If there are some features that you absolutely must have (such as a VPN, parental controls, multiple device coverage, or payment protection), then most AV solutions are affordable and you should consider signing up.
Businesses, no matter how small, should seriously consider the extra features usually provided by premium, paid-for AV software as an investment rather than a luxury.
What should I look for in an antivirus product?
You should first consider what type of antivirus product suits your needs. Real-time scanners are one of the most useful features of an AV product and you should certainly select one that offers this form of protection. However, adequate security cannot just be based on scans and malware signature databases — they must be constantly updated to remain effective and current, considering that new malware strains are found on a daily basis.
Usability and the potential impact on PC or mobile performance should also be considered. For example, if you are running an older machine, a lightweight AV product may be more suitable than robust, business-grade software.
If you are looking to subscribe to a premium option, it is also important to decide how many devices you need protection for, whether this is just for one PC or a mobile device, or whether or not you need a family plan. You may also want to consider the vendor’s reviews when it comes not just to protection, but also to customer support.
Antivirus products that offer parental controls should be among the top choices for parents who want to manage the content their children are allowed to view online.
What else can I do to protect my computer and mobile device?
No AV product is a catch-all security solution, and so they should be considered an important aspect of protecting your devices alongside general awareness, caution, and in tandem with other security solutions.
- Stay wary: If an email looks suspicious, trust your gut. If you receive a message from what appears to be a trusted source containing a link, for example, visit the organization’s domain directly rather than clicking through.
- Website downloads: Downloading files from dubious websites — such as crack, warez, or pirate domains, is usually asking for trouble.
- Third-party apps: It is generally recommended to only download apps from sources that have their own security mechanisms in place, such as Google Play or the Apple App Store.
- Firewalls: You should keep your operating system’s firewall software enabled at all times.
- Wi-Fi: Public, unsecured Wi-Fi hotspots should be avoided as they may be honeypots or allow threat actors to monitor your activity — and potentially redirect you to malicious websites. Instead, stick to secure spots or mobile connectivity.
- Backups: You should make sure you backup valuable content on your devices frequently. While this won’t protect your system, this practice can help you recover, should the worst happen.
After just 9 months, Darkside ransomware gang brings in $90 million in Bitcoin
A new report from blockchain analytics firm Elliptic has found that the Darkside ransomware group, which has been in the news for its recent attack on the Colonial Pipeline, brought in $90 million in Bitcoin from an estimated 47 victims.
In a blog post on Tuesday, Elliptic co-founder and chief scientist Tom Robinson said the $90 million in ransom payments came from 47 different wallets over the last nine months, indicating that almost half of DarkSide victims paid a ransom. At least 99 organizations have reported being attacked by DarkSide, according to data from DarkTracer.
The figures mean that on average, victims of the group paid about $1.9 million in ransoms, with the peak coming in February. The group brought in more than $20 million in Bitcoin that month and were on track to beat their record in May before they allegedly shut down their operations following the outcry over the Colonial attack.
Elliptic’s research showed that DarkSide’s developers have designed a detailed framework for how ransoms are split.
DarkSide and other ransomware groups have pioneered the ransomware-as-a-service model, where the developers of the malware can effectively outsource the actual hacking and infecting of a target and then split whatever ransom comes in. The practice has democratized ransomware use, allowing less experienced cybercriminals to get in on the scam without any of the technical know-how.
Robinson wrote that the developers of DarkSide take a 25% cut of all ransoms that are less than $500,000 and a 10% cut of ransoms that are more than $5 million. He said it was clear to see how the ransoms were split among different Bitcoin wallets on the blockchain.
The “developer” behind DarkSide has brought in at least $15.5 million while the other $74.7 million has gone to subcontractors or affiliates, according to Robinson.
Elliptic is able to track the money all the way to unregulated cryptoasset exchanges, where the Bitcoin is exchanged for other cryptocurrencies.
While the group made a public show of disbanding last week following increased scrutiny from U.S. law enforcement, many cybersecurity experts were sceptical, noting that it is commonplace for ransomware gangs to close shop only to resurface months later under a new name.
Next Dimension Podcast – Pico Neo 3, PSVR 2, HTC Vive Pro 2 & Vive Focus 3!
Hong Kong in Talks with China to Stretch Cross-Border Testing of Digital Yuan
Online Cybersecurity Certification Programs
Technoblade’s Minecraft settings
Disney’s streaming growth slows as pandemic lift fades, shares fall
Proof-of-Work Cryptocurrencies Spikes After Elon Musk Ditches Bitcoin
Playbase offers an instant solution to organizing simple and cost-effective competitive gaming platforms
Elon Musk on crypto: to the mooooonnn! And back again
MicroStrategy Acquires an Additional 271 Bitcoins for $15 Million
AlphaESS lance de nouveaux produits et programmes au salon Smart Energy Conference & Exhibition de 2021
US pipeline ransomware attack serves as fair warning to persistent corporate inertia over security
Extra Salt, O PLANO secure wins in cs_summit 8 closed qualifier openers
The World’s Most Interesting Boeing 747 Uses
Valorant Error Code VAN 81: How to Fix
CS:GO Update 184.108.40.206 adds several updates to new map Ancient
Shiba Inu (SHIB) Mania, Dogecoin, Tesla’s Bitcoin Halt and Crypto Market Volatility: The Weekly Recap
How Young Entrepreneur Jeff Clayton Is Innovating the Dropshipping Logistics Industry
Understanding dimensionality reduction in machine learning models
Aero-Engine Coating Market to grow by USD 28.43 million|Key Drivers, Trends, and Market Forecasts|17000+ Technavio Research Reports
Tesla Model S Plaid Sets A New 1/4 Mile Record: 9.23 Seconds
Blockchain1 week ago
Yieldly announces IDO
Aviation1 week ago
JetBlue Hits Back At Eastern Airlines On Ecuador Flights
AI7 days ago
Build a cognitive search and a health knowledge graph using AWS AI services
Esports6 days ago
‘Destroy Sandcastles’ in Fortnite Locations Explained
Blockchain6 days ago
Shiba Inu: Know How to Buy the New Dogecoin Rival
Blockchain1 week ago
“Privacy is a ‘Privilege’ that Users Ought to Cherish”: Elena Nadoliksi
Esports1 week ago
Resident Evil Village: Chamber of Solace Full Items List and Locations
Blockchain News1 week ago
Goldman Sachs Managing Director Reportedly Resigns After Making Millions from Dogecoin
Energy1 week ago
ONE Gas to Participate in American Gas Association Financial Forum
Blockchain7 days ago
Meme Coins Craze Attracting Money Behind Fall of Bitcoin
Blockchain6 days ago
Texas House Passes Bill that Recognizes Crypto Under Commercial Law
Blockchain1 week ago
NYC Comptroller Candidate Suggests Crypto Investments as Inflation Hedge