TL;DR: Even Banks Cannot Avoid Cyberattacks (9th and 10th Weeks)

A hacker is selling the data of a multinational corporation and a subsidiary of an Indian bank; Emotet has resumed its activity; there has been a major ransomware attack on a hospital; and a manual for decrypting the MortalKombat ransomware has been published. Security forces arrested members of a well-known ransomware gang and also managed to arrest three cybercriminals, one of whom worked as an ethical hacker.

Acer and HDFC Bank data breach

Acer has become the target of a cyberattack that resulted in the theft of 160 GB of data. The data is being sold on a hacker forum by an attacker using the alias Kernelware, who declares that it contains, among other things, confidential product models and employee technical manuals. Acer later confirmed the breach, stating that the data came from a server used by service technicians and did not include any customer information. The same hacker also attacked a subsidiary of India’s largest bank, HDFC Bank (HDB Financial Services), stealing 7.5 GB of data (nearly 73 million records) and posting it directly. In addition to complete personal information, the leaked data included many details related to payment accounts and services provided by the bank to its customers.

Emotet resumed its activity

The cybercriminals running the Emotet botnet are sending spam again after a three-month break. The spam campaign is small, according to security researchers, and the cybercriminals disguise the malware as .ZIP archives containing invoices. The documents contain a lot of unused data and their size is over 500 MB, which increases the time antivirus products need to detect them.

Ransomware attack on hospital

A hospital in Barcelona with more than half a million patients suffered a ransomware attack. The attack affected three medical centres (CAP Casanova, CAP Borrell and CAP Les Corts), slowing down the hospital’s operations, disabling applications and communication technologies, and preventing access to patient records. As a result, 150 non-urgent operations were cancelled and the hospital was forced to call off 3,000 appointments.

SHORTS

  • Bitdefender security researchers released a free decryptor for the MortalKombat ransomware.
  • The Play ransomware gang has begun to leak the data stolen from the City of Oakland in a recent ransomware attack. The leaked 10 GB archive contains employee information, including their IDs and passports.
  • Security forces have successfully arrested two (believed to be high-value) members of the DoppelPaymer ransomware gang.
  • Digital bank Hatch Bank revealed that by exploiting a zero-day vulnerability in Fortra’s GoAnywhere MFT secure file-sharing system, cybercriminals gained access to the names and social security numbers of nearly 140,000 customers.
  • Meta sued Freenom, the domain name registry service. The reason for the lawsuit is reportedly the failure to respond to abuse emails and cybersquatting violations (registration of domains imitating real companies for phishing purposes).
  • Cybercriminals successfully stole the data of 550,000 users of GunAuction.com, a US website that allows people to buy and sell guns. The compromised data includes full names, home addresses, emails, phone numbers and plaintext passwords.
  • Data of current and former employees of British retail giant WH Smith has been leaked following a cyberattack. The data includes names, dates of birth, addresses and national insurance numbers.
  • Three cybercriminals, one of whom was an ethical hacker, have been arrested for international cyberattacks. A total of 45,000 euros in cash and 550,000 euros in Bitcoin cryptocurrency were seized. Their activities caused damages worth millions of euros to the victims.
