2012, Hacking and Phishing - Cyber Security Informer

Russian Cybersecurity Executive Arrested for Alleged Role in 2012 Megahacks

Krebs on Security

JUNE 29, 2023

Nikita Kislitsin , formerly the head of network security for one of Russia’s top cybersecurity firms, was arrested last week in Kazakhstan in response to 10-year-old hacking charges from the U.S. ”] Kislitsin was hired by Group-IB in January 2013, nearly six months after the Formspring hack. Department of Justice.

Cybersecurity

Cybersecurity Cybercrime Hacking Technology

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] us , a site unabashedly dedicated to helping people hack email and online gaming accounts. In 2019, a Canadian company called Defiant Tech Inc. pleaded guilty to running LeakedSource[.]com

Hacking

Hacking Accountability Data breaches Marketing

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Security Affairs

JULY 11, 2020

The Russian hacker Yevgeniy Nikulin found guilty for LinkedIn, Dropbox, and Formspring data breach back in 2012 and the sale of their users’ data. A jury found Russian hacker Yevgeniy Nikulin guilty for the hack of LinkedIn, Dropbox, and Formspring back in 2012 and for the sale of the stolen data on cybercrime black marketplaces.

Hacking

Hacking Cybercrime Data breaches Advertising

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

Krebs on Security

SEPTEMBER 17, 2020

Justice Department this week indicted seven Chinese nationals for a decade-long hacking spree that targeted more than 100 high-tech and online gaming companies. The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers. Image: FBI.

Antivirus

Antivirus Hacking Government Software

The Olympics: a timeline of scams, hacks, and malware

Malwarebytes

JULY 28, 2021

And while actual, measurable cyberrattacks and hacks surrounding The Olympics did not truly get rolling until 2008 in Beijing, The Olympic games have traditionally been quite the target for malicious acts of all kinds, dating back years. It was also the first major Olympics event where organizers braced for hacking related impact.

Scams

Scams Hacking Malware Mobile

New Mustang Panda campaign targets Asia with a backdoor dubbed DOPLUGS

Security Affairs

FEBRUARY 21, 2024

Mustang Panda has been active since at least 2012, it targeted American and European entities such as government organizations, think tanks, NGOs , and even Catholic organizations at the Vatican. “Based on our observations, we believe Earth Preta tends to use spear-phishing emails and Google Drive links in its attacks.”

Malware

Malware Phishing Government Passwords

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

FBI spoofs 2012 – 2013. It surfaced in November 2012 and was making thousands of victims a day. The logic of the raid mainly comes down to using unsecured RDP ports or spear-phishing to infiltrate networks and gain a foothold in them. None of these early threats went pro.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Russian national Yevgeniy Aleksandrovich Nikulin sentenced to 88 months in prison

Security Affairs

SEPTEMBER 30, 2020

Russian national Yevgeniy Aleksandrovich Nikulin was sentenced to 88 months in prison for hacking LinkedIn, Dropbox, and Formspring in 2012. The Russian national Yevgeniy Aleksandrovich Nikulin was sentenced to 88 months in prison in the United States for hacking LinkedIn, Dropbox, and Formspring in 2012.

Identity Theft

Identity Theft Cybercrime Advertising Hacking

Don’t trust links with known domains: BMW affected by redirect vulnerability

Security Affairs

JANUARY 3, 2024

They were used to access the internal workplace systems for BMW dealers and could have been useful to attackers for spear-phishing campaigns or malware distribution. This exploit could also be used for mass phishing campaigns, targeting customers,” our researchers said.

Phishing

Phishing Manufacturing Firewall Cybercrime

US indicted 4 Russian government employees for attacks on critical infrastructure

Security Affairs

MARCH 25, 2022

has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. “In total, these hacking campaigns targeted thousands of computers, at hundreds of companies and organizations, in approximately 135 countries.”

Government

Government Energy and Utilities Malware Hacking

Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group

Security Affairs

APRIL 6, 2023

Google experts are tracking ARCHIPELAGO since 2012 and have observed the group targeting individuals with expertise in North Korea policy issues. The attack chain associated with ARCHIPELAGO starts with phishing emails that embed malicious links.

Phishing

Phishing Media Passwords Malware

Actions Target Russian Govt. Botnet, Hydra Dark Market

Krebs on Security

APRIL 7, 2022

Security experts say both VPNFilter and Cyclops Blink are the work of a hacking group known as Sandworm or Voodoo Bear , the same Russian team blamed for disrupting Ukraine’s electricity in 2015. SANDWORM AND TRITON. energy facilities. and international companies and entities, including U.S. ” HYDRA. . ” HYDRA.

Marketing

Marketing Energy and Utilities Malware Ransomware

Hackers planting cyber crime evidence onto devices of innocent computer users

CyberSecurity Insiders

FEBRUARY 13, 2022

A report published by Sentinel One states that a hacking group named “Modified Elephant” was seen carrying out such criminal activities since 2012 and has started the game of planting criminal evidence on devices of innocent online users.

Surveillance

Surveillance Passwords Malware Hacking

Kraken fileless attack technique abuses Microsoft Windows Error Reporting (WER)

Security Affairs

OCTOBER 7, 2020

The hacking technique was employed by an unidentified hacking group to avoid detection. The threat actor that employed the Kraken technique, likely an APT group, launched a phishing attack that used messages with a.ZIP file attachment. SecurityAffairs – hacking, Kraken). Pierluigi Paganini.

Advertising

Advertising Hacking Manufacturing Phishing

Crooks target Healthcare facilities involved in Coronavirus containment with Ransomware

Security Affairs

APRIL 14, 2020

PaloAlto Networks experts warn of malicious Coronavirus themed phishing campaigns targeting government and medical organizations. The attacks against the Canadian healthcare organizations were discovered between March 24 and March 26, they started with coronavirus -themed phishing campaigns that were carried out in the last months.

Healthcare

Healthcare Ransomware Phishing Government

Technical analysis of China-linked Earth Preta APT’s infection chain

Security Affairs

MARCH 27, 2023

Earth Preta, also known as “RedDelta” or “Bronze President,” has been active since at least 2012, it targeted American and European entities such as government organizations, think tanks, NGOs , and even Catholic organizations at the Vatican. The link points to a password-protected archive, the document also includes the password.

Malware

Malware Phishing Passwords Government

Experts disclose security flaws in Oracle’s iPlanet Web Server

Security Affairs

MAY 11, 2020

.” The second issue, tracked as CVE-2020-9314 , could be exploited to inject external images which can be used for phishing and social engineering attacks. When used in combination with the “ productNameHeight ” and “ productNameWidth ” parameters, this can be used to inject an external image into a site to facilitate phishing.

Social Engineering

Social Engineering Phishing Advertising Encryption

Security Affairs newsletter Round 355

Security Affairs

FEBRUARY 28, 2022

SecurityAffairs – hacking, newsletter). Are both linked to Evil Corp? worth of NFTs from tens of OpenSea users Trickbot operation is now controlled by Conti ransomware. worth of NFTs from tens of OpenSea users Trickbot operation is now controlled by Conti ransomware. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Ransomware

Ransomware Malware Encryption Phishing

SideWinder carried out over 1,000 attacks since April 2020

Security Affairs

MAY 31, 2022

SideWinder has been active since at least 2012, the group main targeted Police, Military, Maritime, and the Naval forces of Central Asian countries. SecurityAffairs – hacking, SideWinder). The experts observed some newly registered domains that were likely used to expand the list of targets in other countries. Pierluigi Paganini.

Encryption

Encryption Malware Phishing Hacking

Experts uncovered a new wave of attacks conducted by Mustang Panda

Security Affairs

MAY 9, 2022

In February 2022, Cisco Talos researchers started observing China-linked cyberespionage group Mustang Panda conducting phishing attacks against European entities, including Russian organizations. “The threat actor heavily relies on sending lures via phishing emails to achieve initial infection. To nominate, please visit:?

Government

Government Malware Phishing Hacking

Chinese threat actor Scarab targets Ukraine, CERT-UA warns

Security Affairs

MARCH 25, 2022

Scarab APT was first spotted in 2015, but experts believe it has been active since at least 2012, conducting surgical attacks against a small number of individuals across the world, including Russia and the United States. The attacker spread their malware through phishing messages using weaponized documents that deploy the HeaderTip malware.

Malware

Malware Phishing Hacking Information Security

APT32 state hackers target human rights defenders with spyware

Security Affairs

FEBRUARY 24, 2021

“Amnesty Tech’s Security Lab found technical evidence in phishing emails sent to two prominent Vietnamese human rights defenders, one of whom lives in Germany, and a Vietnamese NGO based in the Philippines, showing that Ocean Lotus is responsible for the attacks between 2018 and November 2020.” SecurityAffairs – hacking, APT32).

Spyware

Spyware Government Surveillance Phishing

Security firm accidentally exposed an unprotected database with 5 Billion previously leaked records

Security Affairs

MARCH 22, 2020

The expert Bob Diachenko has discovered an unsecured Elasticsearch install belonging to a UK security firm that contained 5 billion records of data leaked in previous incidents that took place between 2012 and 2019. Most of the data come from previously known source s, it could expose affected people to scams and phishing campaigns.

Data breaches

Data breaches DNS Advertising Engineering

Facebook links cyberespionage group APT32 to Vietnamese IT firm

Security Affairs

DECEMBER 11, 2020

The APT32 group has been active since at least 2012, it has targeted organizations across multiple industries and foreign governments, dissidents, and journalists. Threat actors were contacting people of interest with romantic lures, they set up pages that were specifically designed to target followers with malware and phishing attacks.

Retail

Retail Malware Mobile Accountability

North Korea-linked ScarCruft APT uses large LNK files in infection chains

Security Affairs

MAY 2, 2023

” ScarCruft has been active since at least 2012, it made the headlines in early February 2018 when researchers revealed that the APT group leveraged a zero-day vulnerability in Adobe Flash Player to deliver malware to South Korean users. RokRat is believed to be the handiwork of the ScarCruft group. .”

Malware

Malware Education Media Phishing

Vietnam-linked APT32 group launches COVID-19-themed attacks against China

Security Affairs

APRIL 23, 2020

The Vietnam-linked cyberespionage group tracked as APT32 carried out hacking campaigns against Chinese entities to collect intelligence on the COVID-19 crisis. The APT32 group has been active since at least 2012, it has targeted organizations across multiple industries and foreign governments, dissidents, and journalists.

Government

Government Advertising Phishing Malware

DOJ Indictment Links Russian Nationals to Supply Chain Attacks

Security Boulevard

MARCH 30, 2022

Three Russian computer hackers, who were officers in Center 16, carried out energy sector attacks between 2012 and 2014 in phase one of the campaign. The hacking campaigns were directed at hundreds of companies and organizations in 135 countries. What the supply chain hackers did. During the Dragonfly 2.0

Software

Software Government InfoSec Malware

Keepnet Labs accidentally exposed an unprotected database with 5 Billion previously leaked records

Security Affairs

MARCH 22, 2020

The expert Bob Diachenko has discovered an unsecured Elasticsearch install belonging to the security firm Keepnet Labs that contained 5 billion records of data leaked in previous incidents that took place between 2012 and 2019. ” wrote Security Discovery’s researcher Bob Diachenko. Adobe, Last.

Data breaches

Data breaches DNS Advertising Engineering

Platinum APT and leverages steganography to hide C2 communications

Security Affairs

JUNE 6, 2019

According to Microsoft, the Platinum has been active since at least 2009, it was responsible for spear phishing attacks on ISPs, government organizations, intelligence agencies, and defense institutes. The campaign, which may have started as far back as 2012, featured a multi-stage approach and was dubbed EasternRoppels.”

Encryption

Encryption Government Advertising Cyber Attacks

Hackers Sell Access to Bait-and-Switch Empire

Krebs on Security

MARCH 4, 2019

In an ironic twist, the marketing empire that owns the hacked online properties appears to be run by a Canadian man who’s been sued for fraud by the U.S. I also pinged several customer support email addresses tied to the data-broker Web sites that were hacked. at the victim in this hacking case. Nor has Mr. Willms.

Marketing

Marketing Passwords Hacking Advertising

A new variant of Asruex Trojan exploits very old Office, Adobe flaws

Security Affairs

AUGUST 23, 2019

. “However, when we encountered Asruex in a PDF file, we found that a variant of the malware can also act as an infector particularly through the use of old vulnerabilities CVE-2012-0158 and CVE-2010-2883 , which inject code in Word and PDF files respectively.” ” reads the report published by Trend Micro.

Malware

Malware Spyware Advertising Encryption

APT40 cyberespionage group supporting growth of China’s naval sector

Security Affairs

MARCH 5, 2019

The APT levera ges a variety of techniques for initial compromise, including web server exploitation, phishing campaigns delivering publicly available and custom backdoors, and strategic web compromises. SecurityAffairs – China APT40, hacking). Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Technology

Technology Advertising Government Phishing

How to lose your password

Thales Cloud Protection & Licensing

NOVEMBER 14, 2017

The modern era of mass data breaches perhaps began in 2009, with the hack of 32 million account credentials held by software developer RockYou, in which a SQL injection attack revealed that passwords were simple held in cleartext in a database table. The following year saw a leak from Gawker Media’s servers, with another 1.5

Passwords

Passwords Internet Internet Data breaches

Google introduced G Suite alerts for state-sponsored attacks

Security Affairs

AUGUST 3, 2018

If an admin chooses to turn the feature on, an email alert (to admins) is triggered when we believe a government-backed attacker has likely attempted to access a user’s account or computer through phishing, malware, or another method.” ” reads the security advisory published by Google.

Accountability

Accountability Advertising Government Phishing

Group-IB: $49.4 million of damage caused to Russia’s financial sector from cyber attacks

Security Affairs

OCTOBER 10, 2018

Attacks on bank customers: The decline of Android Trojans and the triumph of phishing. This trend aimed at reducing threats from banking Trojans for PCs has been continuing in Russia since 2012. Using web phishing, criminals have managed to steal $3.7 On average, approximately $15 are stolen in each phishing attack.

Cyber Attacks

Cyber Attacks Banking Cyber threats Phishing

MY TAKE: COVID-19’s silver lining could turn out to be more rapid, wide adoption of cyber hygiene

The Last Watchdog

MAY 11, 2020

Somewhat quietly since about 2012 or so, nation states in that region, led by Saudi Arabia and the United Arab Emirates, commenced a quiet surge to the forefront of implementing comprehensive cybersecurity regulations. Ransomware hacking groups extorted at least $144.35 That shortfall can be seen in windfall of criminal profits.

Computers and Electronics

Computers and Electronics Data privacy Encryption Media

Necurs Botnet adopts a new strategy to evade detection

Security Affairs

MARCH 4, 2019

Necurs botnet is currently the second largest spam botnet , it has been active since at least 2012 and was involved in massive campaigns spreading malware such as the Locky ransomware , the Scarab ransomware , and the Dridex banking Trojan. SecurityAffairs – Necurs botnet, hacking). ” continues the blog post. Pierluigi Paganini.

DNS

DNS Banking Advertising Ransomware

New Cyber Attack Campaign Leverages the COVID-19 Infodemic

Security Affairs

FEBRUARY 26, 2020

Probably, the infection vector was a phishing mail containing a specific attachment. Finally, all the loot is sent to the remote command and control hosted at 66.154.98.108, operated by “Total server solutions LLC”, an US hosting provider operating since 2012. Technical Analysis. Figure 9: C2 connection.

Cyber Attacks

Cyber Attacks Malware Social Engineering Advertising

How to Prevent Data Leaks

Spinone

NOVEMBER 30, 2018

In March 2014, hackers used login information leaked by eBay employees to access sensitive user data of 145 million customers , putting these users at risk of identity theft, password theft and phishing risks. A 2015 report by Risk Based Security found that hacking accounted for over half of all reported data breaches during the year.

Data breaches

Data breaches Passwords Backups Mobile

CrowdStrike uncovered a new campaign of GOBLIN PANDA APT aimed at Vietnam

Security Affairs

SEPTEMBER 5, 2018

The group is back and is targeting once again Vietnam running a spear phishing campaign that uses weaponized documents featuring Vietnamese-language lures and themes. GOBLIN PANDA was focused on Vietnam, most of the targets were in the defense, energy, and government sectors.

Advertising

Advertising Government Malware Phishing

Data Breach: Turkish legal advising company exposed over 15,000 clients

Security Affairs

FEBRUARY 26, 2021

Inova has been operating since 2012 and has handled thousands of cases since then. Although your data may not have been found by anyone else, in case any ill-intentioned hacker discovered it, here are some of the risks people exposed could face: Phishing Scams and Malware. SecurityAffairs – hacking, Data Breach).

Data breaches

Data breaches Insurance Identity Theft Education

The Platinum APT group adds the Titanium backdoor to its arsenal

Security Affairs

NOVEMBER 9, 2019

According to Microsoft, the Platinum has been active since at least 2009, it was responsible for spear phishing attacks on ISPs, government organizations, intelligence agencies, and defense institutes. The APT group was discovered by Microsoft in 2016, it targeted organizations in South and Southeast.

Encryption

Encryption Passwords Malware Software

[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle

Security Affairs

MARCH 2, 2019

In February 2019, SI-LAB captured multiple samples of phishing campaigns using an Office Excel document carrying a malicious Excel 4.0 This threat has been closely observed by researchers from Proofpoint that discovered the RAT used since the beginning of 2016 in targeted phishing campaigns as well as massive, multi-million message campaigns.

Malware

Malware Antivirus Technology Phishing

Growing Cyber Threats to the Energy and Industrial Sectors

NopSec

DECEMBER 7, 2016

Remember Shamoon, the malware that disabled some 35,000 computers at one of the world’s largest oil companies in 2012? The attack vectors have broadened past spear phishing and vulnerable software. It gives the example of Hacking Team, based in Italy, and Vupen Security, based in France.

Cyber threats

Cyber threats Ransomware Cyber Attacks Manufacturing

Russian Cybersecurity Executive Arrested for Alleged Role in 2012 Megahacks

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Trending Sources

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

The Olympics: a timeline of scams, hacks, and malware

New Mustang Panda campaign targets Asia with a backdoor dubbed DOPLUGS

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Russian national Yevgeniy Aleksandrovich Nikulin sentenced to 88 months in prison

Don’t trust links with known domains: BMW affected by redirect vulnerability

US indicted 4 Russian government employees for attacks on critical infrastructure

Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group

Actions Target Russian Govt. Botnet, Hydra Dark Market

Hackers planting cyber crime evidence onto devices of innocent computer users

Kraken fileless attack technique abuses Microsoft Windows Error Reporting (WER)

Crooks target Healthcare facilities involved in Coronavirus containment with Ransomware

Technical analysis of China-linked Earth Preta APT’s infection chain

Experts disclose security flaws in Oracle’s iPlanet Web Server

Security Affairs newsletter Round 355

SideWinder carried out over 1,000 attacks since April 2020

Experts uncovered a new wave of attacks conducted by Mustang Panda

Chinese threat actor Scarab targets Ukraine, CERT-UA warns

APT32 state hackers target human rights defenders with spyware

Security firm accidentally exposed an unprotected database with 5 Billion previously leaked records

Facebook links cyberespionage group APT32 to Vietnamese IT firm

North Korea-linked ScarCruft APT uses large LNK files in infection chains

Vietnam-linked APT32 group launches COVID-19-themed attacks against China

DOJ Indictment Links Russian Nationals to Supply Chain Attacks

Keepnet Labs accidentally exposed an unprotected database with 5 Billion previously leaked records

Platinum APT and leverages steganography to hide C2 communications

Hackers Sell Access to Bait-and-Switch Empire

A new variant of Asruex Trojan exploits very old Office, Adobe flaws

APT40 cyberespionage group supporting growth of China’s naval sector

How to lose your password

Google introduced G Suite alerts for state-sponsored attacks

Group-IB: $49.4 million of damage caused to Russia’s financial sector from cyber attacks

MY TAKE: COVID-19’s silver lining could turn out to be more rapid, wide adoption of cyber hygiene

Necurs Botnet adopts a new strategy to evade detection

New Cyber Attack Campaign Leverages the COVID-19 Infodemic

How to Prevent Data Leaks

CrowdStrike uncovered a new campaign of GOBLIN PANDA APT aimed at Vietnam

Data Breach: Turkish legal advising company exposed over 15,000 clients

The Platinum APT group adds the Titanium backdoor to its arsenal

[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle

Growing Cyber Threats to the Energy and Industrial Sectors

Stay Connected