TL; DR: The game as an attack vector (Week 36)
Security researchers published an analysis on the misuse of games to distribute malware, a network of hotels fell victim to a potential attack, and security forces saw significant successes in arresting several cybercriminals and dismantling a large cybercrime forum.
Gaming risk analysis
Kaspersky security researchers have published a detailed analysis of cyber threats related to gaming. The analysis was related to 28 games and attacks were analyzed between July 1, 2021 and June 30, 2022. For PC gamers, attackers targeted players of Minecraft, Roblox, Need for Speed, GTA, and Call of Duty. For mobile games, Minecraft, Roblox, GTA, PUBG and FIFA players were the most common targets.
Possible ransomware attack
The Holiday Inn hotel chain belonging to the InterContinental Hotels Group was the target of a cyberattack. The likely ransomware attack was described by the company as “unauthorised network access” and it has not yet disclosed whether there was also a data leak. The attack knocked out a number of services and external specialists were brought in to deal with it.
Arrest of the gang
Interpol security forces, in cooperation with the Singapore and Hong Kong police, successfully arrested 12 members of an international gang responsible for the extortion of dozens of victims (sextortion). The cyber criminals used social engineering to try to obtain various compromising photographs and recordings from the victims, which they then blackmailed them with. In this way, they obtained a total of $47,000 from the victims.
Elimination of the criminal forum
The U.S. Department of Justice has officially confirmed the successful shutdown of the WT1SHOP cybercrime forum. U.S. and Portuguese security forces were involved in the shutdown of the forum selling approximately 1.7 million login credentials, 25,000 scanned passports and driver’s licenses, 108,000 bank account details, and 21.8 thousand payment cards.
- The Chinese government has accused the U.S. of carrying out tens of thousands of cyberattacks on the Chinese government and universities. China attributed the attacks to the US National Security Agency (NSA) and specifically blamed the NSA’s TAO department, whose alleged aim was to steal sensitive data,
- ThreadFabric security researchers have discovered a new version of the SharkBot trojan in the Android Google PlayStore. The Mister Phone Cleaner and Kylhavy Mobile Security apps had a combined 60,000 installs among users in the US, Spain, Poland, Austria, Germany and Australia,
- Microsoft issued a warning regarding ransomware attacks by the Phosphorus group (a group attributed to Iran),
- Albania accused Iran of cyberattacks in July and subsequently expelled the entire Iranian embassy,
- cyber criminals successfully stole Samsung’s data on US users. The stolen data includes names, dates of birth, contact numbers and more,
- the Los Angeles Unified School District was the target of a ransomware attack. Despite the attack reportedly disrupting operations of several parts of the school’s infrastructure, the schools were open as scheduled.
« Späť na zoznam