The Cuba ransomware gang extorted more than $60 million in ransom payments from victims between December 2021 and August 2022, a joint advisory from CISA and the FBI has warned.
The latest advisory is a follow-up to a flash alert released by the FBI in December 2021, which revealed that the gang had earned close to $44 million in ransom payments after attacks on more than 49 entities in five critical infrastructure sectors in the United States. Since then, the Cuba ransomware gang has brought in an additional $60 million from attacks against 100 organizations globally, almost half of the $145 million it demanded in ransom payments from these victims.
“Since the release of the December 2021 FBI Flash, the number of U.S. entities compromised by Cuba ransomware has doubled, with ransoms demanded and paid on the increase,” the two federal agencies said on Thursday.
Cuba ransomware actors, which have been active since 2019, continue to target U.S. entities in critical infrastructure, including financial services, government facilities, healthcare and public health, critical manufacturing, and information technology.
In August this year, the gang was linked to a ransomware attack on the nation state of Montenegro that targeted government systems and other critical infrastructure and utilities, including electricity, water systems, and transportation. At the time of the attack, the Cuba ransomware gang claimed it had obtained “financial documents, correspondence with bank employees, account movements, balance sheets, tax documents, compensation [and] source code” from Montenegro’s parliament.
Cuba was also linked to a breach of California’s Department of Motor Vehicles in April this year, which saw the attackers compromise California vehicle registration records that contain names, addresses, license plate numbers, and vehicle identification numbers.
FBI and CISA added that the ransomware gang has modified its tactics, techniques, and procedures since the start of the year and has been linked to the RomCom malware, a custom remote access trojan for command and control, and the Industrial Spy ransomware.
The advisory notes that the group, which cybersecurity company Profero previously linked to Russian-speaking hackers, typically extorts victims by threatening to leak stolen data. While this data was typically leaked on Cuba’s dark web leak site, the group began selling stolen data on Industrial Spy’s online market in May this year.
CISA and the FBI are urging at-risk organizations to prioritize patching known exploited vulnerabilities, to train employees to spot and report phishing attacks and to enable and enforce phishing-resistant multi-factor authentication.
The release of CISA and the FBI’s advisory comes as the Cuba ransomware gang continues to list new victims on its website. The most recent additions include Generator Power, a U.K.-based generator hire company, and German media monitoring firm Landau Media.
A network of knockoff apparel stores exposed 330,000 customer credit cards
If you recently made a purchase from an overseas online store selling knockoff clothes and goods, there’s a chance your credit card number and personal information were exposed.
Since January 6, a database containing hundreds of thousands of unencrypted credit card numbers and corresponding cardholders’ information had been spilling onto the open web. At the time it was pulled offline on Tuesday, the database had about 330,000 credit card numbers, cardholder names, and full billing addresses, and the count was rising in real time as customers placed new orders. The data contained all the information that a criminal would need to make fraudulent transactions and purchases using a cardholder’s information.
The credit card numbers belong to customers who made purchases through a network of near-identical online stores claiming to sell designer goods and apparel. But the stores had the same security problem in common: any time a customer made a purchase, their credit card data and billing information was saved in a database, which was left exposed to the internet without a password. Anyone who knew the IP address of the database could access reams of unencrypted financial data.
Anurag Sen, a good-faith security researcher, found the exposed credit card records and asked TechCrunch for help in reporting it to its owner. Sen has a respectable track record of scanning the internet looking for exposed servers and inadvertently published data, and reporting it to companies to get their systems secured.
But in this case, Sen wasn’t the first person to discover the spilling data. According to a ransom note left behind on the exposed database, someone else had found the spilling data and, instead of trying to identify the owner and responsibly reporting the spill, the unnamed person claimed to have taken a copy of the entire database’s contents of credit card data and said they would return it in exchange for a small sum of cryptocurrency.
A review of the data by TechCrunch shows most of the credit card numbers are owned by cardholders in the United States. Several people we contacted confirmed that their exposed credit card data was accurate.
TechCrunch has identified several online stores whose customers’ information was exposed by the leaky database. Many of the stores claim to operate out of Hong Kong. Some of the stores are designed to sound similar to big-name brands, like Sprayground, but their websites have no discernible contact information, contain typos and spelling mistakes, and show a conspicuous lack of customer reviews. Internet records also show the websites were set up in the past few weeks.
Some of these websites include:
If you bought something from one of those sites in the past few weeks, you might want to consider your banking card compromised and contact your bank or card provider.
It’s not clear who is responsible for this network of knockoff stores. TechCrunch contacted a person via WhatsApp whose Singapore-registered phone number was listed as the point of contact on several of the online stores. It’s not clear if the contact number listed is even involved with the stores, given one of the websites listed its location as a Chick-fil-A restaurant in Houston, Texas.
Internet records showed that the database was operated by a customer of Tencent, whose cloud services were used to host the database. TechCrunch contacted Tencent about its customer’s database leaking credit card information, and the company responded quickly. The customer’s database went offline a short time later.
“When we learned of the incident, we immediately contacted the customer who operates the database and it was shut down immediately. Data privacy and security are top priorities at Tencent. We will continue to work with our customers to ensure they maintain their databases in a safe and secure manner,” said Carrie Fan, global communications director at Tencent.
All Raise CEO steps down again
Less than a year after assuming the role, All Raise CEO Mandela SH Dixon has stepped down from her position at the nonprofit. The entrepreneur, who previously ran Founder Gym, an online training center for underrepresented founders, said in a blog post that the decision was made after she realized “being in the field working directly with entrepreneurs everyday” is her passion. Dixon said that she will be exploring new opportunities in alignment with that.
Her resignation is effective starting February 1st, 2023. She will remain an advisor to the Bay Area-based nonprofit.
This is the second chief executive to leave All Raise since it was first founded in 2017. In 2021, Pam Kostka resigned from the helm of the nonprofit to rejoin the startup world as well; Kostka is now an operator in residence and limited partner at Operator Collective, according to her LinkedIn. With Dixon gone, Paige Hendrix Buckner, who joined the outfit as chief of staff nine months ago, will step in as interim CEO. In the same blog post, Buckner wrote that “Mandela leaves All Raise in a strong position, and I’m grateful for the opportunity to continue the hard work of diversifying the VC backed ecosystem.”
Dixon did not immediately respond to a request for comment on the record. It is unclear if All Raise is immediately kicking off a permanent CEO search.
The nonprofit has historically defined its goals in two ways: first, it wants to increase the amount of seed funding that goes to female founders from 11% to 23% by 2030, and, second, it wants to double the percentage of female decision-makers at U.S. firms by 2028.
In previous interviews, Dixon said that the company will work on creating explicit goals around what impact it wants to have for historically overlooked individuals. The data underscores the challenge ahead. Black and Latinx women receive disproportionately less venture capital money than white women; non-binary founders can also face higher hurdles when seeking funding, as All Raise board member Aileen Lee noted in the blog post. The nonprofit has created specific programs for Black and Latinx founders but has not disclosed a specific goal for the cohort yet. These disconnects can be lost if not tracked. All Raise’s last impact report was published in 2020 and they’re working on bringing that analysis back, Lee tells TechCrunch in an interview.
“All Raise is in great hands with Paige as interim leader and we’ve got a lot of exciting things that we’re shaping and scaling,” Lee said. “We have to all continue to link arms to try and continue to make improvements for our industry…we’ve made good progress that we can’t let up.”
Since launch, the nonprofit has raised $11 million in funding, and opened regional chapters in New York, Boston, Los Angeles, Chicago, DC and, soon, Miami.
Shopping app Temu is using TikTok’s strategy to keep its No. 1 spot on App Store
Temu, a shopping app from Chinese e-commerce giant Pinduoduo, is having quite the run as the No. 1 app on the U.S. app stores. The mobile shopping app hit the top spot on the U.S. App Store in September and has continued to hold a highly-ranked position in the months that followed, including as the No. 1 free app on Google Play since December 29, 2022. More recently, Temu again snagged the No. 1 position on the iOS App Store on January 3 and hasn’t dropped since, even outpacing competitor Shein’s daily installs in the U.S.
Offering cheap factory-to-consumer goods, Temu provides access to a wide range of products, including fast fashion, and pushes users to share the app with friends in exchange for free products, which may account for some of its growth. However, the large majority of its new installs come from Temu’s marketing spend, it seems.
When TechCrunch covered Temu’s rise in November, the app had then seen a little more than 5 million installs in the U.S., according to data from app intelligence firm Sensor Tower, making the U.S. its largest market. Now, the firm says the app has seen 5 million U.S. installs this January alone, up 19% from 4.2 million in the prior 22 days from December 10 through December 31.
According to Sensor Tower estimates, Temu has managed to achieve a total of 19 million lifetime installs across the U.S. App Store and Google Play, more than 18 million of which came from the U.S.
The growth now sees Temu outpacing rival Shein in terms of daily installs. In October, Temu was averaging around 43,000 daily installs in the U.S., the firm said, while Shein averaged about 62,000. In November, Temu’s average daily installs grew to 185,000 while Shein’s climbed to 70,000 and last month, Temu averaged 187,000 installs while Shein saw about 62,000.
The shopping app’s fast rise recalls how the video entertainment platform TikTok grew to become the most downloaded app worldwide in 2021, after years of outsized growth. The video app topped 2 billion lifetime downloads by 2020, including sister app Douyin in China, Sensor Tower said. Combined, the TikTok apps have now reached 4.1 billion installs.
Like Temu, much of TikTok’s early growth was driven by marketing spend. The video app grew its footprint in the U.S. and abroad by heavily leveraging Facebook, Instagram, and Snapchat’s own ad platforms to acquire its customers. TikTok was famously said to have spent $1 billion on ads in 2018, even becoming Snap’s biggest advertiser that year, for instance.
By investing in user acquisition upfront, TikTok was able to gain a following which then improved its ability to personalize its For You feed with recommendations. Over time, this algorithm became very good at recognizing what videos would attract the most interest thanks to this investment, turning TikTok into one of the most addictive apps in terms of time spent. As of 2020, kids and teens began spending more time watching TikTok than they did on YouTube. And earlier this month, Insider Intelligence data indicated all TikTok users in the U.S. were now spending an average of nearly 1 hour per day on the app (55.8 minutes), compared with just 47.5 minutes on YouTube, including YouTube TV.
While Temu is nowhere near TikTok’s sky-high figures, it appears to be leveraging a similar growth strategy. The company is heavily investing in advertising to acquire users, which it uses to personalize the shopping experience. One of Temu’s key features, in fact, is its own sort of For You page that encourages users to browse trending items “Selected for You.” In addition to gamification elements, Temu also puts heavy emphasis on recommending shops and products on its home page, which is informed by its user data.
But the app’s growth doesn’t seem to be driven by social media. While the Temu hashtag (#temu) on TikTok is nearing 250 million views, that’s not really a remarkable number for an app as big as TikTok where something like #dogs has 120.5 billion views. (Or, for a more direct comparison, #shein has 48.3 billion views.) That suggests Temu’s rise isn’t necessarily powered by viral videos among Gen Z users or influencer marketing, but rather more traditional digital advertising.
According to Meta’s ad library, for instance, Temu has run some 8,800 ads across Meta’s various platforms just this month. The ads promote Temu’s sales and its extremely discounted items, like $5 necklaces, $4 shirts, and $13 shoes, among other deals. These ads appear to be working to boost Temu’s installs, allowing the app to maintain its No. 1 slot on the App Store’s “Top Free” charts, which are heavily influenced by the number of downloads and download velocity, among other things.
Of course, having a high number of downloads doesn’t necessarily mean Temu’s app will maintain a high number of monthly active users. Nor does it mean those users won’t churn out of the app after their initial curiosity has abated. Still, Temu’s download growth saw it ranking as the No. 1 “Breakout” shopping app by downloads in the U.S. for 2022, according to data.ai’s year-end “State of Mobile” report. (Data.ai calculates “Breakout” apps in terms of year-over-year growth across iOS and Google Play.)
Because Temu’s growth is more recent, the app did not earn a position on the Top 10 apps in 2022 in either the U.S. or globally in terms of downloads, consumer spend, or monthly active users, in this report. Instead, most of those spots still went to social media apps, streamers, and dating apps like Bumble and Tinder. The only retailer to find a spot on these lists was Amazon, which was the No. 7 app worldwide by active users and the No. 8 most downloaded in the U.S.
Temu’s marketing investment may not pay off as well as TikTok’s did, though, as other discount shopping apps saw similar growth only to later fail as consumers found that, actually, $2 shirts and jeans were deals that were too good to be true. Wish famously fumbled as consumers grew frustrated with long delivery times, fake listings, missing orders, poor customer service, and other shortfalls against what consumers expect from online retail in the age of Amazon.
Temu today holds a 4.7-star rating on the U.S. App Store, but those ratings have become less trustworthy over the years due to the ease with which companies can get away with fake reviews. Dig into the reviews further and you’ll find similar complaints to Wish, including scammy listings, damaged and delayed deliveries, incorrect orders and lack of customer service. Without addressing these issues, Temu seems more likely to go the way of Wish, not TikTok, no matter what it spends.