TL;DR

TL;DR: State of Emergency (6th and 7th Week)

A city in California had to declare a state of emergency after a ransomware attack; a source code leaked from a social news aggregation platform; Dota players need to be more careful with game modes; and Cloudflare successfully blocked a record-breaking DDoS attack. Ransomware decryptors were also released; and the slowdown of the Tor anonymization network was explained.

Theft of social news aggregation platform data

Social news aggregation platform Reddit has become a target of a cyberattack leading to the theft of internal documents and the source code. The attacker gained access to the systems through a “sophisticated and highly-targeted phishing attack” (spearphishing).

Freely accessible database

The Russian electrical engineering company Elevel had a freely accessible database containing 1.1 TB of data about its customers. Names, email addresses, delivery addresses and login details (names and passwords) were available in URL encoding, which could be easily decrypted.

Analysis of modes in Dota

Avast security researchers have published their analysis of the modes in Dota 2 game. The analysis revealed three malicious modes allowing cybercriminals to gain unauthorized access to devices on which the modes are installed. These modes were named Overdog no annoying heroes (id 2776998052), Custom Hero Brawl (id 2780728794) and Overthrow RTZ Edition X10 XP (id 2780559339).

Convicted cybercriminal

A cybercriminal was convicted of stealing documents containing earning reports of US companies. The theft enabled him and other cybercriminals to cause a damage worth 90 million dollars. He faces up to 30 years in prison for the crimes and also a fine of 250,000 dollars, or a fine twice the caused damage or twice the gross gain.

SHORTS

  • According to the U.S. Federal Trade Commission (FTC) 70,000 victims reported losses of 1.3 billion dollars to romance scams in 2022.
  • Emsisoft issued a warning against cybercriminals misusing its name to create fake certificates. They use the certificates to sign their malware, which increases the trustworthiness and makes any detection by antivirus appear to be a false-positive.
  • Cloudflare successfully blocked a record-breaking DDoS attack that reached a peak of 71 million requests per second.
  • The City of Oakland, California, USA, declared a local state of emergency due to a ransomware attack on 8 February 2023. The attack successfully impacted non-emergency city systems (e.g. ability to collect payments and issue permits and licenses). Emergency calls have not been impacted.
  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a script to recover servers encrypted by ESXiArgs ransomware attacks.
  • Data of approximately 1.1 million customers of the US-based online grocery delivery platform Weee! is circulating on BreachForums. Cybercriminals managed to steal full names, email addresses, phone numbers, customers’ operating system information and order notes.
  • Director of the Tor Project, disclosed that the Tor anonymization network has been under constant DoS attack since around July 2022.
  • A cybercriminal pleaded guilty to money laundering worth more than 400,000 dollars. The funds came from the activities of the Ryuk ransomware group.

« Späť na zoznam
Current threats
all publications
Links