Hundreds arrested after police infiltrate secret criminal phone network
An encrypted messaging service used exclusively by criminals has been infiltrated by police in a major operation, leading to hundreds of arrests and the seizure of firearms, drugs, and millions of dollars in cash.

Use three PIN-codes for different situations to protect data in SafeUM.

1. ACCESS PIN-code gives full access to the application

2. If you enter FAKE PIN-code all encrypted chats will be hidden.

3. DESTRUCTING PIN-code deactivates the account without any possibility to recover it 

Enjoy truly secure messaging with SafeUM.

The army of those who want to spy on our lives and know more about each of us is getting bigger every day. Marketers, governments, hackers…

You can and have to protect your personal correspondence, chats and communication from spying eyes and ears. Secure messenger SafeUM is a professional solution to protect your privacy. Download SafeUM now and be sure the phrase “this is not a phone conversation” is no longer relevant. 

Malwarebytes is warning users of a trail run of a variant of DetoxCrypto ransomware that is imitating the security vendor's software. Researchers said there are a couple files of the ransomware going around although they are all broken in terms of functionality, download ability, and dropper URL, although there is no doubt that a fully functional version will appear in the near future.

It was also noted that the sample doesn't encrypt files which further suggests it may be a trial run or just a poorly coded malware, researchers said. The imitation file contains a type and misspells the firm's name as “Malwerbyte” which makes it easy to spot out as a fake.

Analysts and researchers agree that 2016 is the year when ransomware went really big. Cyber-crooks didn’t need much time to see the potential value of cryptolockers, and they readily added ransomware to their arsenals.

To give you an idea of the profitability, Cisco researchers reported in 2015 that a single Angler exploit kit brings cyber-criminals profits of up to $60 million annually, or on average $5 million every month! Hackers recently started focusing more attention on enterprises and organizations in possession of valuable data: Lately, a number of US hospitals became victims of ransomware attacks.

The most recent version of the CryptXXX ransomware came with lots of changes, among which the most important is an infostealer module that can dump and steal passwords from various applications on the infected machine.

Called StillerX, this module was seen part of CryptXXX, detected by Proofpoint for the first time on May 26. The US security firm says that this CryptXXX version comes with lots of new features, but StillerX makes it more dangerous than before. StillerX works just like classic password dumpers, also known as infostealers. CryptXXX's StillerX module is capable of targeting all sorts of software.

Microsoft has released an alert warning about a new ransomware variant called ZCryptor, which comes with the ability to self-propagate via removable and network drives. Microsoft 's security team took note of the new wave of infections.

“We are alerting Windows users of a new type of ransomware that exhibits worm-like behavior,” Microsoft's Malware Protection Center alert reads. “This ransom leverages removable and network drives to propagate itself and affect more users.” The company says that crooks use fake installers, along with macro-based booby-trapped Office files to distribute the Zcryptor ransomware.

CryptXXX is a new ransomware variant discovered during the past weeks, which, besides encrypting the user's data, is also capable of stealing Bitcoin from infected targets, along with passwords and other personal details, security researchers from Proofpoint have found.

Security experts say the ransomware is distributed via Web pages that host the Angler exploit kit. This crimeware kit uses vulnerabilities to push the Bedep click-fraud malware on the users' systems. Bedep is also known for having "malware downloading" capabilities, so it will download the CryptXXX ransomware as a second-stage infection, dropping it as a delayed execution DLL, set to wait 62 minutes before launching.

Strains of ransomware have been detected on Joomla domains, revealing a disturbing evolution of the malware's attack vectors. According to Brad Duncan, attacks based on the "admedia" campaign have shifted from the traditional target of websites supported by the WordPress content management system, and instead, have graduated to also hunt down vulnerable Joomla CMS Web domains.

The strings revealed an admedia iframe injection which led not only to the installation of multiple backdoors, but the admedia malicious domains generated on these sites sent unwitting visitors to an exploit kit containing the TeslaCrypt ransomware.