Tag: cybercrime
Secret Service Hot on the Trail of Cybercriminal “Stalin”
The United States Secret Service is doubling down on the search for cybercriminal “Stalin.” On August 26, 2024, the U.S Department of State partnered with the US Secret Service to put out a bounty of up to $2.5 million for information leading to the arrest of Belarusian hacker Volodymyr Kadariya, sometimes going by the alias “Stalin.” Kadariya was allegedly part of a malicious advertising (“malvertising”) ring responsible for transmitting the Angler Exploit Kit, a toolkit utilized by threat actors to exploit vulnerabilities in a system or code.
“Voldemort” impersonates tax authorities worldwide
A threat actor named “Voldemort” is impersonating tax authorities from governments in Europe, Asia, and the US – targeting dozens of organizations worldwide. Cybersecurity company Proofpoint believes “with moderate confidence” that Voldemort’s ultimate goal is cyber-espionage. Since August 5 this year, Voldemort, named after the main villain in J. K. Rowling’s Harry Potter children’s books, has sent over 20,000 messages purported to be from various tax authorities to over 70 organizations around the world. The threat actor poses as the US Internal Revenue Services, the UK’s HM Revenue & Customs, France’s Direction Générale des Finances Publiques, Germany’s Bundeszentralamt für Steuern, Italy’s Agenzia delle Entrate, India‘s Income Tax Department and Japan’s National Tax Agency.
Telegram chief’s arrest ignites global cyber-war
In the wake of Telegram owner and founder Pavel Durov’s shock arrest in Paris on Saturday, the French state is being hit by a growing wave of cyber-attacks designed to cause maximum embarrassment to beleaguered French president Emmanuel Macron. Durov was released from police custody in France on Wednesday and has been transferred to court for questioning ahead of a possible indictment that could result in a long prison sentence. A post on X by SaxX, reportedly the nom de Twitter of cybersecurity consultant Clément Domingo, listed 10 websites in France that bore the brunt of the first wave of cyber-attacks orchestrated by a new online hacktivist group, #opDurov.
Telegram chief arrested in Paris
Speculation is today mounting concerning the arrest of the popular encrypted messaging app Telegram head and founder, Pavel Durov, at Le Bourget airport north of Paris on Saturday evening. The arrest has been widely reported in France, although the authorities have yet to issue a full statement. In the past, the French president. Emmanuel Macron and his team have been enthusiastic users of Telegram, using it to orchestrate their political strategies. But Durov’s arrest on Saturday is now being seen as part of an attempt by the UK and the European Union to curtail the reach and influence of largely unregulated communications platforms such as Telegram and X (formerly Twitter). This theory is born out of sources close to the situation, who believe that Durov will face charges of complicity in drug trafficking, crimes against children, and fraud – all allegedly stemming from a lack of moderation controls on Telegram.
Latest Microsoft outage ‘triggered’ by a cyber-attack
A second outage of several Microsoft services in two weeks, this one attributed to a cyber-attack, is fuelling further questions about the underlying security of the Windows operating system. According to Microsoft: "While the initial trigger event was a Distributed Denial-of-Service (DDoS) attack... initial investigations suggest that an error in the implementation of our defenses amplified the impact of the attack rather than mitigating it.” Services affected included Outlook, Azure, and Microsoft 365, with some people complaining on social media that they were unable to work. Starbucks customers also reported issues with the Starbucks app in Boston, New York, Washington DC, Dallas, Chicago, Los Angeles, Tampa and other cities. The disruption caused by this latest outage is, however, minor compared with the Windows outage caused by a mishandled CrowdStrike security upgrade, which resulted in canceled flights and marooned passengers in major international airports around the world last week.
Cybercriminals capitalize on CrowdStrike outage
Organized cybercriminal gangs have lost little time in attempting to cash in on the ongoing CrowdStrike/Windows outage currently affecting banks, airlines and businesses. According to the UK’s National Security Cyber Centre: “An increase in phishing referencing this outage has already been observed, as opportunistic malicious actors seek to take advantage of the situation. This may be aimed at both organizations and individuals.”
Exclusive: Banks face a growing physical security threat
Banks, traditionally the main target for cybercriminal groups, are now being attacked not only by new online hacking techniques but also by a growing range of physical hacking tools and techniques. While financial institutions have high levels of cybersecurity and strong physical security, they currently face a growing threat from combined physical and digital assaults. “Physical security and cybersecurity convergence in the business environment. A favorite weapon in the hacker arsenal is the Flipper Zero, an inexpensive pocketable device that enables you to hack into nearby smartphones and IT systems,” says Tim Grieveson, Senior Vice President of Global Cyber Risk, BitSight.
AI-engineered email attacks are on the rise
Email scams aimed at business users are becoming increasingly sophisticated and increasingly tough to detect. Threat actors are now using artificial intelligence to research their targets in advance of an attack, a process known as ‘social engineering.’ Phishing attacks and email scams that appear to come from a trusted source make up 35.5% of all socially engineered threats, according to a report from cybersecurity firm Barracuda: Top Email Threats and Trends. Although these types of attacks have been around for some time, cybercriminals have recently devised ingenious new methods to avoid detection and being blocked by email-scanning technologies.
Healthcare attack exposes 200,000 Los Angeles patient records
The Los Angeles County Department of Public Health has been breached by a cyber-attack that has compromised the personal information of over 200,000 private individuals. This is the latest breach in a series of major cyber-attacks on the healthcare sector. As with so many breaches, the Los Angeles County breach was the result of a phishing attack aimed at unsuspecting staff. The attack enabled a hacker to gain the log-in credentials of 53 public health employees and subsequently compromised the personal information of 200,000 patients. According to the LA County Department of Public Health: “The information identified in the potentially compromised e-mail accounts may have included DPH clients/employees/other individuals’ first and last name, date of birth, diagnosis, prescription, medical record number/patient ID, Medicare/Med-Cal number, health insurance information, Social Security Number, and other financial information.”
Cyber Tsunami Set to Overwhelm Paris Olympics
The Olympic games, which kick off in Paris towards the end of next month, are expected to attract over 15 million visitors to the French capital and generate around €11 billion. But there are also growing fears that the four-yearly global event will be the target of a tsunami of cybercrime and terrorism. “The Tokyo Games in 2021 suffered 450 million computer attacks. Paris expects eight times more!” says the networking giant Cisco, an official partner for Paris 2024.
Bangladeshi Police Officer Caught Selling Citizen Data on Telegram – June 6th
In late April, the Brigadier General of Bandladesh's NTMC announced that two police officers had been caught selling citizen data on Telegram. Bangladeshi officials said the data allegedly sold included national identity details of citizens, cell phone call records, and other “classified secret information.”
Deepfakes dominate InfoSecurity Europe 2024
InfoSecurity Europe, widely acknowledged as the chief global challenger to RSA in the US, kicked off with a Keynote speech and panel discussion on “Mapping the Deepfake Landscape.” Broadcaster and researcher Henry Adjer quoted numerous examples of the increasing sophistication of malicious deepfakes. The most interesting example of a deepfake was a false image purporting to show an explosion near the Pentagon shared by multiple verified Twitter accounts last year, resulting in a brief dip in the value of the New York Stock Exchange. “Threat actors are starting to explore the possibility of using deepfakes to move share prices with fake podcasts and video interviews with company C-suite executives of listed companies. Even if the fake is quickly spotted and squashed and the company’s shares are only impacted for 10 minutes, the threat actor can make a huge profit by speculating on the movement of a specific stock,” says Tim Grieveson, senior vice president of global cyber risk at cybersecurity firm BitSight, which in 2021 received £250 million funding from financial services giant Moody’s.