Malicious coronavirus-themed emails are lucrative for crooks, FBI warns

If you’re not already skeptical of emails asking for money in response to the coronavirus pandemic, the FBI wants you to remember this: It’s a common scam these days. And it works. The bureau has issued multiple warnings highlighting how crooks are updating a profitable fraud technique to capitalize on pandemic concerns. A news release issued Monday notes that business email compromise (BEC) attacks — scams in which the perpetrators pose as co-workers or friends, then ask for money — have targeted U.S. municipalities that are trying to purchase supplies to mitigate the COVID-19 pandemic. The warning coincided with a bulletin Monday noting that U.S. businesses have reported $2.1 billion in losses from BEC scams between January 2014 and October last year carried out through just two email services, which the bureau did not identify by name. Business email compromise was the most profitable form of cybercrime in the U.S. last year, with victims reporting $1.7 billion in losses, according […]

The post Malicious coronavirus-themed emails are lucrative for crooks, FBI warns appeared first on CyberScoop.


A Chinese security firm says DarkHotel hackers are behind an espionage campaign, but researchers want more details

A well-resourced hacking group with possible ties to South Korea has launched an apparent espionage campaign against the Chinese government as international governments grapple with the COVID-19 pandemic, according to a Chinese security firm. An advanced persistent threat group known as DarkHotel has compromised more than 200 virtual private network servers to infiltrate “many” Chinese institutions and government agencies, Qihoo 360 said in a report published Monday. In one case, DarkHotel hackers used a previously unknown software vulnerability in the enterprise Sangfor SSL VPN software, then installed malicious software onto victim machines to collect user data. The timing of the attack coincides with instructions from the Chinese government forcing citizens to work from home in order to mitigate COVID-19’s spread. Outside security researchers with experience chasing nation-state hacking groups immediately questioned whether Qihoo 360 could be sure that the DarkHotel group could be behind the campaign. “I’m going to be […]


A French page impersonating Politico was nabbed in Facebook’s latest takedown

Facebook says it removed more than 300 accounts, pages and groups last month after catching operators misrepresenting themselves in a number of ways. The social media company on Thursday announced it removed 180 Facebook accounts, 170 Instagram accounts, 160 groups and one page for violating company policies around coordinated inauthentic behavior. The activity involved unrelated campaigns targeting elections in France, Egypt and Russian efforts to launder information operations through accounts based in Africa, first detailed last month. It’s the latest in a series of monthly updates from Facebook clarifying the different ways that governments, marketing firms and individual users game the website to try to make money or influence public opinion. Most recently, the company disclosed that Russia’s Internet Research Agency, which U.S. intelligence officials say was dedicated to amplifying divisive social media activity ahead of the 2016 election, had outsourced some of its work to users in Africa. In […]


Ransomware strikes biotech firm researching possible COVID-19 treatments

As the COVID-19 pandemic was spreading through the U.S. last month, hackers struck a California-based biotechnology company which makes tools that researchers are using to learn about the coronavirus. In a financial disclosure form filed to the U.S. Securities and Exchange Commission Wednesday, 10x Genomics Inc. said it experienced an attempted ransomware attack that also involved the theft of company data. The firm restored normal operations “with no material day-to-day impact,” and said it is working with law enforcement to investigate the breach. The company currently is part of an international alliance that is sequencing cells from patients who have recovered from COVID-19 as part of an effort to understand possible treatments for the disease. Representatives from 10x Genomics did not return multiple requests for comment. Exact details of the attack remain unclear, though it occurred some time in March, as the healthcare sector in the U.S. became gripped with […]


Nigerian email scammers upped their game, averaging 90,000 attacks monthly in 2019

A group of Nigerian scammers blamed for email fraud accelerated their attacks last year by attempting an average of more than 90,000 attacks per month. The hacking crew, dubbed SilverTerrier by security researchers, began around 2014 as a small group that experimented with easy-to-detect hacking tools. By 2019, though, it had evolved into a team of “mature cybercriminals” who have produced 81,300 malicious software samples connected to 2.1 million attacks, according to Palo Alto Networks findings published Tuesday. SilverTerrier specializes in business email compromise attacks, the kind of email scam in which fraudsters impersonate a victim’s coworker or friend, then ask for wire transfers. It’s a relatively unsophisticated technique that nonetheless cost U.S. victims $1.7 billion in 2019, according to internet crime figures from the FBI. Nigeria, meanwhile, remains a hotspot, if separate indictments against dozens of Nigerian citizens from November and August last year are any indication. The SilverTerrier group is partly responsible […]


FBI accuses Russian man of laundering money for a transnational cybercrime network

FBI agents have arrested a Russian citizen accused of laundering money for a cybercriminal gang that allegedly stole funds from a range of U.S. banks. A complaint unsealed Monday against Maksim Boiko, 29, alleges that he worked with a transnational organized crime group, called QQAAZZ, by converting stolen money into cryptocurrency. The Russian man is “a significant cybercriminal who launders money for other cybercriminals” by giving them access to criminally controlled bank accounts, an FBI affidavit says. U.S. authorities previously indicted five Latvian men for their alleged involvement in the QQAAZZ operation. According to prosecutors, hackers who breached victims’ bank accounts would contact QQAAZZ seeking an account to wire stolen funds as part of a kind of “global, complicit bank drops service.” The Pittsburgh Post-Gazette and Seamus Hughes, the deputy director of the Program on Extremism at George Washington University and a specialist on court filings, first noticed the court records. […]


FBI turns to insurers to grasp the full reach of ransomware

Tim Manley didn’t even know who to call. As the president of National Ink and Stitch, Manley had to figure out how to recover files that hackers had encrypted as part of a ransomware attack on the small screen-printing business. Malicious software called only “LockedIn” struck the Maryland company’s systems on Dec. 2, 2016, scrambling 16 years’ worth of the company’s intellectual property, like proprietary logos and designs. So Manley paid the two bitcoin that extortionists had demanded to free his files. It totaled about $1,500. Instead of letting National Ink and Stitch get back to work, though, the hackers asked for more money. That’s when the company president filed a report with the local police department and spent $110,000 on an IT contractor that, to this day, hasn’t recovered all the locked files. At the time, federal law enforcement wasn’t even on Manley’s list of potential allies. He didn’t alert the […]


Google catches North Korean, Iranian hackers impersonating journalists in phishing efforts

Indiscriminate email hacking campaigns are so 2018. Some attackers have shifted away from sending a high volume of malicious emails in favor of more customized attacks aimed at high value targets. Google’s Threat Analysis Group, which tries to stop state-sponsored hacking, sent nearly 40,000 warnings in 2019 to users alerting them that they were the target of a government-backed phishing attempt. That figure is down by nearly 25% from 2018, the company said in a blog post Thursday. One-in-five of the accounts targeted in 2019 was targeted multiple times. “If at first the attacker does not succeed, they’ll try again using a different lure, different account, or trying to compromise an associate of the target,” Toni Gidwani, a security engineering manager at the company’s Threat Analysis Group, said in the blog post. Yet that drop preceded an uptick in 2020 in attempted attacks. The hackers behind the most recent wave […]


Rare cybercrime enforcement in Russia yields 25 arrests, shutters ‘BuyBest’ marketplace

Russian authorities arrested more than two dozen people as part of a law enforcement operation against an alleged network of illicit websites where users bought and sold stolen payment cards and personal data. The Federal Security Service (FSB) on March 20 apprehended 25 people, including Russians and foreign nationals, for their alleged roles in a digital identity theft ring, the agency announced on Tuesday. The accused scammers were allegedly running a dark web marketplace called BuyBest, or GoldenShop, and dozens of corresponding “mirror” websites, according to an alert from the threat intelligence firm Gemini Advisory, which was obtained by CyberScoop. Alexey Stroganov, an accused hacker who went by the name “Flint24,” was among those arrested, according to a court file posted on a Moscow city website. A partial list of those charged appears to have been published on a LiveJournal page. Multiple discussion forums on Russian-language cybercriminal markets were focused on the […]


Scammers tried using kids apps in the Google Play store to generate cash

Fifty-six apps in Google’s Play store included malicious software that leveraged victims’ devices to click on mobile advertisements, artificially inflating the traffic to those ads and helping scammers make money. Research published Tuesday by the security firm Check Point Technologies details how fraudsters used the network of apps, which were downloaded more than 1 million times, to exploit users’ trust and make a buck. Unlike so many other ad fraud efforts, this campaign was tailored toward children, with 24 of the 56 apps marketed towards kids. Entertainment apps and games with titles like “Cooking Delicious” and “Let Me Go,” a puzzle app, tempted kids into downloading, and then launched the malicious tool. The apps included “Tekya,” a so-called clicker malware that clicked banners and other ads from a variety of sources. Along with kids’ apps, Tekya also came embedded in cooking, calculator, translation and other utility apps. Google removed all […]
