Tag: cybercrime

Cybercriminals pose as law enforcement agencies

The US Federal Bureau of Investigation (FBI) has issued an urgent warning to business and law enforcement agencies that cybercriminals are using genuine stolen US and foreign government email addresses to hack into companies. As of August this year, the FBI has observed an increase in posts on criminal forums relating to fraudulent emergency data requests. In August 2024, a cyber-criminal known to the FBI offered for sale, “High Quality .gov emails for espionage/social engineering/data extortion requests, etc”, that included official US credentials. The cyber-criminals also offered to guide buyers through emergency data requests and to sell real stolen subpoena documents to allow the buyer(s) to pose as law enforcement officers.

Dutch Police Take Down major global cyber threat

The Dutch Police, Politie, claim to have removed a major threat to organizations all over the world by dismantling two of the most notorious ‘infostealers’, software designed to breach computer systems to steal sensitive information. “Operation Magnus,” conducted in collaboration with Team Cybercrime Limburg, is reported to have taken down the Redline and META infostealers, which have been responsible for infecting millions of computers worldwide with malware, leaving them open to devastating ransomware attacks and other threats.

Hackers infiltrate SEC’s X Account to Boost Bitcoin

A cybercriminal in Alabama, suspected of hacking into the US Securities and Exchange Commission’s (SEC’s) X account, has been arrested. He is accused of using the compromised account to post fake messages, causing the value of Bitcoin to rise by $1,000. Hacker Eric Council Jr, also known as “EasyMunny” and “AGiantSchnauzer,” was allegedly able to secure the credentials for the SEC’s X account through a method called “SIM swapping.” Council created a fake ID using the stolen personal information of someone who had access to the X account. With the fake ID, he was able to purchase a SIM card linked to the victim’s phone in a cellphone provider store in Alabama, giving Council access to the victim’s personal information and log-in credentials.

Feds try to block N. Korea’s crypto-cash pipeline

The US Federal Bureau of Investigation (FBI) is conducting an ongoing investigation into the notorious North Korean cybercrime group Lazarus, formerly known as “God’s Apostles”. The group is alleged to have stolen over $800 million in virtual currency. Over the past decade, the Lazarus group has targeted entertainment companies, banks, and pharmaceutical companies both in the US and worldwide. One heist, in particular, is referenced in the court documents, where approximately $41 million worth of virtual money was allegedly stolen from the online casino platform Stake.com and laundered through VCM Sinbad. Sinbad has since been sanctioned by the US Treasury Department’s Office of Foreign Assets Control for its involvement in laundering money from the Stake.com heist, among others executed by Lazarus.

GoldenJackal targets top-secret installations

An as-yet-unidentified group, known only as GoldenJackal and with suspected links to the Russian state, is targeting high-security networks that are intentionally isolated from the internet. Confidential data is frequently stored in “air-gapped” computers that do not have an online connection and were, until now, virtually impossible to hack. But cybersecurity firm ESET now reports that GoldenJackal was deploying “a highly modular toolset” against a government organization in a European Union (EU) country between May 2022 and March 2024. This follows similar ongoing attacks on air-gapped systems in Belarus that began in August 2019.

Cybercriminals ramp up AI-driven deepfake scams

Cyber toolkits for threat actors are now harnessing the latest deepfake technology and artificial intelligence (AI) for targeted email attacks, known as ‘spear-phishing.’ According to cloud cybersecurity firm Egress, a staggering 82 percent of phishing toolkits mentioned deepfakes, and 75 percent referenced AI. The growing threat presented by the use of deepfakes by cybercriminals was highlighted earlier this year at InfoSecurity Europe in London. Widely available toolkits now enable even relatively unskilled hackers to create highly convincing video and audio clips of chief executives (CEOs) and other senior staff members in any specific organization. All the threat actor needs is a short video clip of the person they wish to impersonate. This can easily be copied from a corporate seminar or from a video podcast.

Cybercrime gets physical

Cyber-physical systems (CPS), such as operational technology (OT), the Internet of Things (IoT), building management systems (BMS) and connected media devices, have now become a prime target for ransomware attacks. According to security firm Claroty, cyber-physical attacks are now placing significant financial strain on organizations in several key sectors. Almost half of the respondents, 45 percent, to an independent survey commissioned by Claroty report financial losses of $500,000 or more over the last 12 months from cyber-attacks affecting CPS. Over a quarter, 27 percent, report losses of $1 million or more. “The most financially impacted sectors are chemical manufacturing, power and energy, and mining and materials, with 54-55 percent of respondents in each sector reporting more than $500,000 in losses from incidents in the last 12 months,” says the report, The Global State of CPS Security 2024.

Cybercriminals are now grooming US and UK teens

By adapting such Nineteenth-Century criminal grooming methods to the online world of the Twenty-First Century, today’s threat actors are effectively criminalizing an entire generation, not to pick pockets but to rifle fat online crypto wallets instead. When the media reports that a nineteen-year-old hacker has been arrested at his parent’s house for a major hack, such as the one that recently occurred at Transport for London (TfL), the sinister cybercriminals who may have orchestrated the cyber-attack doubtless breathe a sigh of relief. “What the police should be asking in a case like this is who has been grooming the teenage hacker and for how many years?” says Fraser Hay, CEO and co-founder of one-year-old UK start-up The Hacking Games, whose aim is to use online gaming, TV and other media to encourage teenagers away from a life of online crime and towards careers in ethical hacking.

Cyber gets physical at Expo ‘24

Chief executives frequently vie with one another for the spotlight when delivering key speeches at major conferences. But the speaker who gave the most-talked-about address of the day, to a packed auditorium at the International Cyber Expo in London’s Olympia showground, forbade any recording or photographing of his talk. He also insisted he be referred to only as “Paul F”. “Paul F”’s bashfulness became understandable when he explained that the UK’s National Protective Security Authority (NPSA), where he is head of physical security, is now part of Britain’s secret intelligence service MI5. His talk neatly summed up the central theme of the show by providing evidence that the difference between cybercrime and physical crime has become blurred to the point of invisibility. He asked the very relevant question of whether a small drone spying into a City office using a telescopic lens and an 8k camera to read the staff’s log-in details through the window is a physical or a cyber-crime.

Lebanon pager attack signals new era in cyber warfare

As the whole world is now aware, Beirut was thrown into chaos yesterday by 5,000 exploding weaponized pagers, leaving 900 people dead and a further 300 in critical condition. Iran’s ambassador to Lebanon, Mojtaba Amani, sustained injuries to his face and hand. Lebanon-based Islamist and paramilitary group Hezbollah claims that Israel was responsible. If so, then yesterday afternoon’s event in Beirut will have global repercussions for cyber warfare and targeted cyber-attacks. The idea of weaponizing communications devices is hardly new. Over a decade ago, for example, former US Vice President Dick Cheney disabled a function that allowed the pacemaker regulating his heart to be administered wirelessly, because he believed terrorists might hack the device to deliver a fatal shock. Israel has also been previously accused of killing Hamas terrorists with booby-trapped cellphones.

India Enlists Army of 5000 “Cyber Commandos”

The Indian Government is upping the ante in its fight against cybercrime. Indian Union Home Minister Shri Amit Shah this week announced the launch of four major platforms under the cyber security program Indian Cyber Crime Coordination Center (I4C), including the training of 5,000 “Cyber Commandos,” to counter the increasing threat of cyber-crime. The Cyber Commando Program will create a special wing in every Central Police Organization, aiming to train 5,000 “Cyber Commandos” over the next five years. Trained Commandos will assist Central Agencies in “securing digital spaces”. Other platforms include a national Suspect Registry, a Cyber Fraud Mitigation Center, and an online portal for cyber-crime data analytics and crime mapping.

EU spyware scandal spreads

This week, Poland’s Supreme Court quashed an ongoing probe into spyware abuses allegedly conducted by its own government, claiming it to be “unconstitutional”. Comprehensive new research, published earlier this month by the Atlantic Council’s Digital Forensic Research (DFR) Labs, also shows that government abuse of spyware is now widespread across the European Union (EU). The findings of DFR Labs’ research provide a truly damning description of that abuse by governments across Europe, accusing the EU of effectively turning a blind eye to the violation of its citizens’ rights despite being made aware of the abuses at least two years ago. In 2022, the European Parliament (EP), frustrated by the Commission’s reluctance to tackle the growing scandal, established the PEGA Committee to investigate the misuse of surveillance spyware.
