TL; DR: You can’t do shopping on DarkMarket anymore and be careful what Netflix asks of you (3rd week)

Hackers staked on a new, relatively cheap and efficient Trojan horse. Attackers tried to get data from Netflix users on the British Isles.

However, the other side of the fence was also successful. Interpol has identified app fraudsters, several countries have successfully intervened against the dark web platform, and important leaks in the UN have also been found.

Once again, health-care facilities have not escaped the attacks, and thanks to a software bug in the police database, tens of thousands of people are starting with a clean slate.

Hackers staked on a new stallion

The black market for viruses offers a very effective Trojan known as Rogue. Trojan sold for less than 25 EUR focuses on mobile devices, communication recording, cameras, screens, written texts, GPS and others.

Since Google Play and Apple App Store are well monitored as to fraudulent apps, Rogue expands beyond these stores, most often using suspicious links and untrusted sources.

Dark shopping has a stop sign

The biggest illegal business on the dark web known as DarkMarket was attacked and shut down. In a coordinated action, the security authorities of the United States, UK, Germany, Australia, Denmark, Moldova and Ukraine have managed to do it.

DarkMarket had over half a million users, including 2,400 sellers, and enabled the illegal trade of drugs, stolen credit cards, anonymous SIM cards and malware.

Software amnesty

Reportedly, a software glitch resulted in the deletion of 150 thousand records from the national police database in the UK. Biometric data collected from the crime scenes and data of individuals who were arrested and released without charge were lost. Records of criminals and dangerous persons weren’t supposedly deleted.

Netflix doesn’t always mean Netflix

A new phishing campaign targeting Netflix users was detected in the UK. The aim is to steal the bank account details of users via an e-mail warning with a request for verification of payment data. Attackers urge victims to make payments for Netflix services within 48 hours, otherwise their account will be blocked or deleted. In this regard, Netflix notified its customers that they never asked to enter personal or banking data in e-mails.

However, the phishing campaign in Britain isn’t so rare. During the last week, a similar campaign was recorded in Denver, where hundreds of Netflix customers received an e-mail offering an annual free subscription. The e-mail contained a malicious link on which the phishing page was trying to get the victim’s banking details.

Unexpected contribution to the forum

IObit developer company forum has become a target of ransomware attack executed by DeroHE group. The group gained contacts on members of the forum and sent in bulk e-mails offering an extension of licences for a year as a special perk of being forum members.

After installing a malicious license file, users were asked to wait until the new licenses were loaded, but instead of the desired effect, all files on the disk were encrypted.

The attackers then ask the victims to motivate IObit to pay 100 thousand American dollars in the cryptocurrency called DERO coin.

Broken heart before a date

Interpol’s Financial Crimes Unit warns of fraudsters targeting dating apps. Through them, attackers lure victims to install fake trading apps. Victims are motivated to invest and afterwards their accounts on fake applications are blocked.

Leaky UN system

Researchers from the Sakura Samurai team discovered log-in data to GitLab repositories with more than 100 thousand data of the United Nations Environment Programme employees.

In addition to personal data of employees, researchers were able to obtain access to several password-protected repositories and seven other key pairs. It is possible that unauthorised persons have also accessed the data prior to them.

SHORTCUT

• The game developer Resident Evil and Monster HunterCapcom became a target of ransomware attack in November 2020. Hackers accessed the data of about 390,000 people and other phishing activities can be expected. Ragna Locker group was attacking.
• The Texas Health Company Hendrick Health System became a target of cyberattack in November 2020. The attackers managed to steal patients‘ personal information.
• The Australian trade organisation Kogan was fined of nearly 311 thousand Australian dollars for the spam advertising campaign. It sent more than 42 million marketing e-mails. Spam victims were able to log off the Kogan account and shut down the ads directly therein.

« Späť na zoznam