The FBI, CISA, and the U.S. Treasury Department are warning that North Korean state-sponsored hackers are using ransomware to target healthcare and public health sector organizations across the United States.
In a joint advisory published Wednesday, the U.S. government agencies said they had observed North Korean-backed hackers deploying Maui ransomware since at least May 2021 to encrypt servers responsible for healthcare services, including electronic health records, medical imaging, and entire intranets.
“The FBI assesses North Korean state-sponsored cyber actors have deployed Maui ransomware against Healthcare and Public Health Sector organizations,” the advisory reads. “The North Korean state-sponsored cyber actors likely assume healthcare organizations are willing to pay ransoms because these organizations provide services that are critical to human life and health. Because of this assumption, the FBI, CISA, and Treasury assess North Korean state-sponsored actors are likely to continue targeting [healthcare] organizations.”
The advisory notes that in many of the incidents observed and responded to by the FBI, the Maui ransomware caused disruption to healthcare services “for prolonged periods.”
Maui was first identified by Stairwell, a threat-hunting startup that aims to help organizations determine if they have been compromised, in early-April 2022. In an analysis of the ransomware, Stairwell principal reverse engineer Silas Cutler notes that Maui lacks many of the features commonly seen with tooling from ransomware-as-a-service (RaaS) providers, such as an embedded ransom note or automated means of transmitting encryption keys to attackers. Rather, Stairwell concludes that Maui is likely manually deployed across victims’ networks, with remote operators targeting specific files they want to encrypt.
North Korea has long used cryptocurrency-stealing operations to fund its nuclear weapons program. In an email, John Hultquist, vice president of Mandiant Intelligence, said that as a result “ransomware is a no-brainer” for the North Korean regime.
“Ransomware attacks against healthcare are an interesting development, in light of the focus these actors have made on this sector since the emergence of COVID-19. It is not unusual for an actor to monetize access which may have been initially garnered as part of a cyber espionage campaign,” said Hultquist. “We have noted recently that North Korean actors have shifted focus away from healthcare targets to other traditional diplomatic and military organizations. Unfortunately, healthcare organizations are also extraordinarily vulnerable to extortion of this type because of the serious consequences of a disruption,” he added.
The advisory, which also includes indicators of compromise (IOCs) and information on tactics, techniques and procedures (TTPs) employed in these attacks to help network defenders, urges organizations in the healthcare industries to strengthen their defenses by limiting access to data, turning off network device management interfaces, and by using monitoring tools to observe whether Internet of Things devices have become compromised.
“The FBI, along with our federal partners, remains vigilant in the fight against North Korea’s malicious cyber threats to our healthcare sector,” said FBI Cyber Division assistant director Bryan Vorndran. “We are committed to sharing information and mitigation tactics with our private sector partners to assist them in shoring up their defenses and protecting their systems.”
The U.S. government’s latest warning follows a spate of high-profile cyberattacks targeting healthcare organizations; University Medical Center Southern Nevada was hit by a ransomware attack in August 2021 that compromised files containing protected health information and personally identifiable information, and Eskenazi Health said in October that cybercriminals had access to their network for almost three months. Last month, Kaiser Permanente confirmed a breach of an employee’s email account led to the theft of 70,000 patient records.
Q3 outlook forecasts cloudy days ahead for fintech M&A – TechCrunch
Welcome to The Interchange! If you received this in your inbox, thank you for signing up and your vote of confidence. If you’re reading this as a post on our site, sign up here so you can receive it directly in the future. Every week, I’ll take a look at the hottest fintech news of the previous week. This will include everything from funding rounds to trends to an analysis of a particular space to hot takes on a particular company or phenomenon. There’s a lot of fintech news out there and it’s my job to stay on top of it — and make sense of it — so you can stay in the know. — Mary Ann
Last week, Paystand — a blockchain-enabled B2B payments startup — announced it had acquired Mexican fintech Yaydoo — creating a new unicorn in the resulting new entity.
Execs from the two startups say the combined company will have processed over $5 billion in payments and built a network of over 500,000 connected businesses by creating B2B DeFi payment networks in both the U.S. and Mexico.
In announcing the deal, they said: “DeFi-enabled B2B payment networks that are on chain can unlock transformative working capital efficiencies, and make financial services more fair and open, especially in developing markets like LATAM.”
Paystand CEO Jeremy Almond told me over email that combined revenues have been growing at over 100% year over year since inception. In particular, he said Paystand has experienced over 700% revenue growth in the last three years. The company has raised over $86 million over its lifetime and counts NewView Capital and SoftBank’s SB Opportunity Fund among its backers.
Meanwhile, Yaydoo has raised over $20 million from investors such as Base10 Partners, monashees, SB Opportunity Fund and Leap Global Partners.
With nearly 400 employees, the combined company will “have a very unique ability to transform entire B2B Payments ecosystems in each country we operate because of our combined scale and access to resources,” wrote Yaydoo CEO Sergio Almaguer in an email.
“Today the U.S. has a legacy, centralized financial infrastructure that needs to be disrupted and re-imagined by fintechs with blockchain technology. However, in emerging markets like LATAM, the basic financial infrastructure for B2B payments is either missing or not accessible by businesses of all sizes,” added Almond, noting that the payments tech ecosystem in LATAM is generally 10–15 years behind that in the U.S. Fintechs like Paystand + Yaydoo have a huge opportunity to build next-gen payments tech infrastructure from the ground up.”
Notably, word on the street is that Payday is now eyeing an IPO.
We haven’t been hearing about too many M&As as of late, so this deal caught our eye. It also is a good lead-in to talk about some recent M&A data we got our hands on.
Unsurprisingly, dealmaking in financial services declined in the second quarter due to macroeconomic headwinds, according to a recent KPMG US report. Aggregate deal volume fell 30.9%, to 1,442 from 2,087 in the first quarter, and deal value dropped 14.8%, to $163 billion from $191 billion.
Bob Ruark, principal and banking and fintech strategy leader for KPMG US, noted that pricing is difficult now given the rapid decline in valuations. As he pointed out, pricing in some fintech categories dropped almost 60% according to Pitchbook, and digital and crypto companies are down over 65%.
“We are starting to see some of the public market valuations impact private market valuations. We have seen several high-profile companies raising new money at much lower valuations, which shows this is starting to happen,” Ruark said. “Klarna recently raised $800 million at a $6.7 billion valuation, which is 85% below its June 2021 raise…As prices and valuations stabilize, we will see deals ramp back up.”
On the bright side, the fact that VCs are more discriminating about where they put their dollars could actually lead to more M&A activity, according to Ruark.
“There is plenty of money available, but investors are looking for stronger performance, profitable performance. That is one reason why a number of VC firms have told their portfolio companies to focus on performance and cut costs,” he told TechCrunch. “Given a large number of startups will not generate a profit near and are cash-flow negative in the near term, they will have to raise more capital in a difficult environment. As a result, they may have to sell.”
What about the acquisitions that are still taking place? Most of those are product buys to drive or accelerate revenue growth with the secondary benefit of getting new talent, Ruark said. And, after crypto, payments companies — as illustrated in the example above — are among the most attractive targets.
Looking ahead, KPMG’s view on the prospects for financial services M&A over the next six to 12 months is mixed. The firm said: “On one hand, the fundamental trends that have been driving activity remain in place. On the other, market sentiment is largely pessimistic and the outlook for interest rates and inflation is challenging.”
Counting 300 U.S.-based companies as customers already, Alloy announced it has now expanded its platform to 40 countries across North America, EMEA, LatAm, and APAC. The startup says it will also continue to grow its local presence and team in EMEA. The goal behind the expansion, a spokesperson told TechCrunch, is to help financial services companies “manage changing global regulatory requirements for their customers, no matter where they are located.”
QED Investors said it has expanded its mental health initiative aimed at tackling addiction among entrepreneurs to its Spanish-language portfolio companies. Last year, TechCrunch published an op-ed from Nigel Morris around mental health stigma in the tech community when the initial program was announced. The firm says the program is focused on eliminating the stigma around talking about substance misuse in the workplace by offering an online program that “delivers critical concepts and facts regarding addiction in just 5 minutes per lesson.” This will now be offered to 22 fintech companies across Mexico, Argentina, Chile, Colombia and Peru.
Just one week after closing on its acquisition of Metromile (and laying off about 20% of the latter company’s staff), Lemonade announced on August 4 that it has sold Metromile’s enterprise business solutions unit, a SaaS-based claims automation and fraud detection product, to EIS. Well, that was fast!
According to my colleague Zack, “hackers had access to dashboards used to remotely manage and control thousands of credit card payment terminals manufactured by digital payments giant Wiseasy, a cybersecurity startup told TechCrunch. Wiseasy is a brand you might not have heard of, but it’s a popular Android-based payment terminal maker used in restaurants, hotels, retail outlets and schools across the Asia-Pacific region. Through its Wisecloud cloud service, Wiseeasy can remotely manage, configure and update customer terminals over the internet.”
Attentive, which describes itself as a “conversational commerce platform,” has launched its “text-to-buy” solution with Shop Pay, “enabling consumers to make purchases directly from an SMS conversation with a brand.” Built with Shopify’s Shop Pay checkout flow, Attentive’s new offering is aimed at “turning browsers into buyers with a frictionless checkout flow built for mobile devices.”
Retail investment behemoth Robinhood laid off 23% of its staff — just 3 months after letting go of 9% of its workforce. Besides the fact that the company has shed about 1,000 workers this year alone, we also were struck by the fact that CEO Vlad Tenev took responsibility for Robinhood’s overhiring in the frenzy that was 2021. Whether he was sincere or not (and many of you had wildly different views on that based on a little poll I posted on Twitter), it was still not a typical CEO move and we took notice. You can listen to Alex, Natasha and I share our thoughts on it all on Friday’s episode of Equity Podcast.
Opendoor has agreed to pay $62 million to settle charges by the Federal Trade Commission, which says the company’s claims that it helps people make more money by selling their house to the company rather than listing it on the open market were deceptive. For years, the real estate technology company has touted itself as using its pricing technology to provide “more accurate offers and lower costs,” said the FTC. Such “iBuyers” use this method to make quick offers on homes, with enthusiastic claims that sellers would make thousands of dollars more than they would on the open market. But according to the FTC, that wasn’t true.
While extension rounds are popular even beyond fintech today, there are often more startups hunting for the round type than there are checks. So, to better understand the market for fintech extension rounds today, we have a set of answers from a group of fintech venture investors we recently surveyed.
Another day, another Q2 funding report. PitchBook reported that “on the heels of a breakthrough year for fintech investment, VC activity in the sector is simmering down.” Specifically, it said, in Q2 2022, “VC investment in fintech companies fell 17.8% from the previous quarter” to $24.1 billion, “the largest percentage drop since Q3 2018.” Also in the report: “Exits have also stalled as IPO activity grinds to a halt, and analysts expect fintech startups will attract the attention of incumbents looking for M&A opportunities.” Guess we’ll see about that.
Nice scoop from former TCer Katie Roof: “TripActions, a travel startup (that has expanded into general expense management), is close to filing confidentially for an initial public offering, according to people familiar with the matter, as people get back on planes and trains following the easing of the Covid-19 pandemic.”
Manish reports that the “State Bank of Pakistan, the South Asian nation’s central bank, has ordered fintech Tag to ‘immediately’ refund all funds to customers, citing violation of regulatory requirements and ‘other concerns,’ posing existential questions on the startup’s future. The regulatory action follows a months-long probe into Tag, which offers banking and financial services to users in Pakistan.”
Corporate spend startup Brex has named Doug Adamic as its chief revenue officer. According to a company spokesperson, Adamic will lead revenue and growth strategy for Brex as the company expands into financial software with Brex Empower and aims to grow its global offerings for venture-backed startups, midmarket companies, and larger enterprises. Adamic most recently served as SAP Concur’s chief revenue officer.
Saving and investing app Acorns announced that Brent Callinicos — who most recently served as CFO of Uber — has joined Acorns’ board of directors; Marissa Dulaney has been named as the company’s first chief experience officer; Denise Chisholm has been tapped to serve as the new chief compliance officer; and Brent Williams is now the company’s head of banking. In a written statement, Acorns CEO Noah Kerner said: “We’re building a generational company from the inside out with our customers at the center.”
Plaid announced that financial services industry veteran Meghan Welch has joined the 1,200-plus-person company as its first chief people officer. A spokesperson told me: “Meghan’s more than 20 years of experience at Capital One, most recently as the Executive Vice President, Head of Enterprise HR and Chief Diversity Officer, will be a great asset to Plaid as we scale to support the millions of people who rely on Plaid to connect to fintech apps and services.” Welch will report to CEO Zach Perret.
Fundings and M&A
Seen on TechCrunch
Savana raises a fresh round of capital to digitize banks’ services
Kenyan insurtech Lami raises $3.7M seed extension led by Harlem Capital
Apple alum’s finance operations startup Bluecopa raises funds to expand globally
Argentinian fintech infrastructure startup Geopagos leaves the bootstraps behind with $35M funding round
Mudafy raises $10M in Founders Fund–led Series A to fix LatAm’s “broken” real estate process
Robinhood veterans’ fintech, Parafin, raises $60 million funding round
Online credit Marketplace FinanZero raises $4 million in a new round led by Swedish investors to further expand in Brazil
Rapidly scaling, Kansas City–based PayIt raises another $90 million amid “long-overdue transformation” of govtech
NG.CASH, which describes itself as “the financial hub for Brazil’s Generation Z,” closed on a $10 million seed funding round co-led by Andreessen Horowitz (a16z) and monashees. Founded in February of 2021 and launching that August, the startup says it has over 900,000 users. Its founding team is made up of young (under 25) repeat founders who say they are responsible for building one of Brazil’s largest YouTube channels (with over 8 million subscribers), along with another fintech, Trampolin, that was later sold to Stone (Brazil’s version of Stripe).
Remote payroll provider Deel announced it has acquired Legalpad, which aims to streamline “the hard-to-navigate US work visa process, making it faster and more efficient for companies.” Since its founding in 2018, Legalpad says it has helped thousands of workers relocate to the U.S., and a Deel spokesperson told me the company’s next move will be to integrate the tech and expand visa capability to additional countries. Canada will come first, followed by others. The spokesperson added: “As US visas have become harder to secure, the move ensures more talent can be matched to opportunities, while helping companies hire. And actually, Legalpad helped Alex get the O-1 visa he needed to start Deel.” Recently, Deel has been making moves to broaden its products with a public offer to acquire PayGroup, a partnership with the UAE unveiled to help foreign workers secure visas, and launching Global Payroll.
Weltio, a Mexico City–based wealth management startup targeting Spanish-speaking LatAm, says it has raised $1.2 million in pre-seed funding from Y Combinator, as well as from Wealthsimple founder Brett Huneycutt, Mercado Bitcoin founder Reinaldo Rabelo, and Rhombuz VC, among others. The company says it provides the ability for Latin Americans to open an account in USD (fully regulated/protected by U.S. relevant bodies) and offers the ability to trade over 10,000 financial products and over 20 crypto coins. As the company evolves, the founders aim to offer a full suite of banking services.
That’s all for this week. Once again, thank you for joining me on this crazy fintech ride. See you next time! xoxoxo Mary Ann
Amazon buys Roomba’s maker, Bolt vanishes, and YC slims down – TechCrunch
Hello again! Welcome back to Week in Review, the newsletter where we quickly recap the top stories to cross TechCrunch dot-com over the past seven days. Want it in your inbox? Get it here.
The most read story this week is kind of a wild one: Bolt Mobility, an on-demand bike/scooter rental company co-founded by Usain Bolt, kinda just…vanished. “The departure has been abrupt,” writes Rebecca, “leaving cities with abandoned equipment, unanswered calls and emails, and lots of questions.”
Amazon buys iRobot: Bezos wants all the things. Whole Foods! One Medical! And now…Roomba? In this latest in a series of seemingly sudden and somewhat surprising acquisitions, Amazon is dropping $1.7 billion for the company best known for its robo vacuums.
Facebook shuts down live shopping: If you use Facebook’s “live shopping” feature to sell things via stream, it might be time to find a new platform. While live streaming isn’t going away, the dedicated shopping-focused features will go dark come October.
Starbucks is getting into web3: I’d roll my eyes, but given how many people I know insist on buying a Starbucks mug from every major city they visit…
More Robinhood layoffs: Oof. Just a few months back, Robinhood cut 9% of its full-time staff; this week, the company confirmed it’s letting go of another 23%. Citing overhiring over the last few wild years, CEO Vlad Tenev writes “I approved and took responsibility for our ambitious staffing trajectory — this is on me.”
YC gets smaller: It had to happen eventually. Y Combinator had been getting bigger and bigger with each accelerator class, peaking at an absurd 414 companies in the last batch. They’re scaling things back a bit with the next cohort — but at approximately 250 companies, it’s still relatively huge.
Podcasts! Get your podcasts!
This week in the world of TechCrunch podcasts, the Equity crew talked about YC’s smaller (but still pretty huge) cohort, Darrell and Becca talked about “Instagram being MySpaced by TikTok” on The TC Podcast, and Burnsy talked with Convoy co-founder Dan Lewis about the freight company’s “secret growth hack” on TechCrunch Live.
Glambook’s $2.5 million seed deck: Glambook recently raised millions to build what it calls “Uber for the beauty industry.” How’d they convince investors to get on board? In this latest edition of his Pitch Deck Teardown series, Haje buzzes through the deck and helps explain why certain things made the cut.
What really happens when your startup gets acquired?: There’s more to getting acquired than waiting for a bag of cash to appear on your desk. Yair Snir, VP at Dell Technologies Capital, gives us the high-level overview of the whole process, “from NDA to LOI.”
Dear Sophie: “How long am I required to stay at my current job after I get my green card?” It’s a reasonable question! Immigration attorney Sophie Alcorn weighs in.
Turn down for what? – TechCrunch
Welcome to Startups Weekly, a fresh human-first take on this week’s startup news and trends. To get this in your inbox, subscribe here.
Gumroad’s Sahil Lavingia broke into the venture world as one of the early testers of the rolling fund, an AngelList product that allows investors to raise capital on a subscription-like basis. That was in 2020. Fast-forward to 2022 and a lot has changed.
One of those changes? The number of pitches from founders looking to raise. “Since March, it’s gone down about 90%,” Lavingia told TechCrunch. “I was probably seeing more than most — about 20 to 40 well-vetted decks a week – and that number is down to about two to four a week now.” He’s also seen the quality of talent rise for people wanting to work for Gumroad — which he partially attributes to the steady stampede of layoffs — and a decline of founders starting companies.
A downturn in the number of founders raising capital suggests that early-stage startups aren’t as immune to macroeconomic shifts as some investors claim; in contrast, a boom of fresh startups would support the idea that recessions — and the accompanying spate of layoffs — are the time when startups are born.
Lavingia breaks down the state of founders into three buckets: “tourist founders, immigrant founders and ‘born and raised’ founders.” Tourist founders, he said, are the ones who only start companies in bull markets, a cohort he said has dropped by about 100%.
“They’re rarely fundable in bear markets,” Lavingia said. “They need to hire others to build stuff.” Immigrant founders, meanwhile, care less about the reputation and status of starting a company but do weigh its risk and return. This founder cohort has been cut in half, per Lavingia. Finally, “born and raised” founders are founders regardless of the market: “They all existed and therefore raised money in 2020-2021, so they too are not starting companies and raising money at the same rate.
There are two sides forming in early-stage venture capital: the investors who admit that talent has shifted and those who stand by deal flow that is as loud as ever.
If you want to read my full take, check out my TechCrunch+ column, “Investors prepare for a founder downturn. Or influx. Wait, what?”
In the rest of this newsletter, we’ll get into Y Combinator on its shrinking class size and debut fund managers on their collective mood. As always, you can support me by forwarding this newsletter to a friend or following me on Twitter.
Y Combinator cuts its class size
Y Combinator says it has intentionally shrunk the number of startups within its accelerator for the Summer 2022 batch. As first reported by The Information and independently verified by TechCrunch, Y Combinator’s Summer 2022 cohort — currently in action — boasts nearly 250 companies, down 40% from the previous cohort, which landed at 414 companies.
Here’s why it’s important: Over the years, Y Combinator’s ever-growing batch size has become a common — if not cliche — conversation among techies. I know this because we contribute to this conversation lots (especially on Equity). The biggest issue that folks have had with YC’s growing class size is that it threatens one of the accelerator’s biggest value propositions: network. The bigger the class, the harder it is to stand out.
While YC says it did not scale back due to critiques or the cost of its growing check size, the move will certainly help those within the current cohort stand out, simply due to lack of competition.
First-time fund managers have thoughts
TechCrunch+’s Rebecca Szkutak has spearheaded the latest investor survey, which gets a temperature check from seven first-time fund managers finding themselves in the beginning of a downturn. What advantages do first-time VCs have over more experienced competition in a challenging market? What steps are they taking to prepare for the fourth quarter? What is keeping them up at night given the market conditions today? These are all questions they answer and more in the piece now live on the site.
Here’s what’s important: There’s always a silver lining, but especially if you have a smaller portfolio. Szkutak gives us a teaser excerpt below:
“We don’t carry any of the baggage that may come with having previous funds or having a lot of capital tied up in what seems to be highly overpriced vintages,” Stuto said. “Just like a founder, who looks at the world differently than subject matter experts, we (first-time managers) bring a fresh outlook of how certain problems and industries are developing.”
Read Szkutak’s survey, and her extra analysis of it, on the site.
If you missed last week’s newsletter
Read it here: “The bootstrapped are coming, the bootstrapped are coming.” I also recorded a companion podcast with my favorite co-worker, Alex, which you can listen to here: “Is it the bootstrapper’s time to jump on the venture treadmill?”
Any requests for topics for me to dig into, either on Startups Weekly or on the show? Tweet me a big question and I’ll take a swing at it, either in an upcoming Startups Weekly or on Equity.
Seen on TechCrunch
Club Feast quietly pivoted to catering and left its consumer customers in a lurch
Uber turns the corner, generates massive pile of free cash flow in Q2
The 5 biggest takeaways from Tesla’s Cyber Roundup
Fish and CHIPs
Lyft assured no layoffs were coming — now employees are scrambling for their next gig
Clubhouse begins beta testing private communities called ‘Houses’ to foster curated interactions
Seen on TechCrunch+
Pitch Deck Teardown: Glambook’s $2.5 million seed deck
The road map for building the Uber of climate tech
From NDA to LOI: What really happens when your startup is being acquired?
Startups have to pay back all that equity compensation someday
Dear Sophie: How long am I required to stay at my current job after I get my green card?
And that’s a wrap. I’m off to the lake to enjoy these last few Summer weekends. Take care of yourself!
Q3 outlook forecasts cloudy days ahead for fintech M&A – TechCrunch
Welcome to The Interchange! If you received this in your inbox, thank you for signing up and your vote of...
Today’s Wordle Answer #413 – August 6, 2022 Solution And Hints
The answer to today’s Wordle puzzle (#413 – August 6, 2022) is alien, which means to be strange or exotic,...
Today's Wordle Answer #414 – August 7, 2022 Solution And Hints
Today’s simple Wordle won’t stump you so much as it might besmirch your reputation as a wordsmith, if you miss...
Amazon buys Roomba’s maker, Bolt vanishes, and YC slims down – TechCrunch
Hello again! Welcome back to Week in Review, the newsletter where we quickly recap the top stories to cross TechCrunch...
Turn down for what? – TechCrunch
Welcome to Startups Weekly, a fresh human-first take on this week’s startup news and trends. To get this in your...
Social4 months ago
Web.com website builder review
Social2 years ago
CrashPlan for Small Business Review
Gadgets4 years ago
A fictional Facebook Portal videochat with Mark Zuckerberg – TechCrunch
Cars4 years ago
What’s the best cloud storage for you?
Mobile4 years ago
Memory raises $5M to bring AI to time tracking – TechCrunch
Social4 years ago
iPhone XS priciest yet in South Korea
Security4 years ago
Google latest cloud to be Australian government certified
Social4 years ago
Apple’s new iPad Pro aims to keep enterprise momentum