New hacking tool targeting Bangladesh Android users blurs lines between spying and stealing

In one of his regular sweeps for new malicious software targeting Android phones, security researcher Vitor Ventura came across what looked like a run-of-the mill hacking tool. Like so many pieces of code before it, the malware was capable of stealing information from a mobile device and sending it back to a command and control server. But when Ventura dug deeper, he found that the remote access trojan (or RAT, as the tool is commonly known) was capable of surreptitiously recording conversations and taking screenshots. Spying, rather than immediately making money off of the illicit access, was the apparent goal. On Tuesday, Ventura and his colleagues at Talos, Cisco’s threat intelligence unit, publicly connected the new Android tool to the malware developers behind a multi-year effort to spy on people from South America to Bangladesh. Much about the people behind the hacking campaign is a mystery. Ventura and his colleagues […]

The post New hacking tool targeting Bangladesh Android users blurs lines between spying and stealing appeared first on CyberScoop.

Continue reading New hacking tool targeting Bangladesh Android users blurs lines between spying and stealing

Facebook links activities of OceanLotus hackers to IT firm in Vietnam

By Deeba Ahmed
The social network has barred Vietnamese APT32 and a Bangladeshi group of hackers from using its platforms for their malicious purposes.
This is a post from HackRead.com Read the original post: Facebook links activities of OceanLotus hac… Continue reading Facebook links activities of OceanLotus hackers to IT firm in Vietnam

Financial system not keeping up with cyberthreats, new report says

Four years after the biggest bank hack ever, the global financial system remains vulnerable to cyberattacks that could cause severe disruptions, according to a report Wednesday that draws advice from government officials, the financial industry and other experts. The assessment from the Carnegie Endowment for International Peace and the Word Economic Forum is the culmination of years of work, with touchstones ranging from the 2016 Bangladesh Bank heist where hackers made off with $81 million to a recent Chilean bank ransomware attack that shut down all of its branches. “Our big concern is that if you look at what’s happened during the pandemic, but even before with the escalating threat that’s targeting the financial system from the Bangladesh incident to the Chile outage back in September, we’re clearly not keeping up with the threat and how quickly it’s evolving,” said Tim Maurer, director of Carnegie’s Cyber Policy Initiative. “The government and industry need […]

The post Financial system not keeping up with cyberthreats, new report says appeared first on CyberScoop.

Continue reading Financial system not keeping up with cyberthreats, new report says

$3 million hack of Bangladesh ATMs was by Russian group called Silence, researchers say

A small Russian hacking group should be considered the main suspect in a bank heist of $3 million in Bangladesh, according to research published Wednesday. The group, which researchers are calling “Silence,” appears to have softened up access controls on Dutch Bangla Bank ATMs before money mules made a series of cash withdrawals ending on May 31, according to Group-IB, an international security vendor with headquarters in Singapore. Infrastructure used in the past by Silence hackers communicated with external IPs from Dutch Bangla Bank in the months prior to the cash extractions, Group-IB said. By abusing access to the banking system, Silence could have removed withdrawal limits on the ATMs. The money mules were caught on security cameras. Local law enforcement officials previously said the crooks might be connected with Lazarus Group, a cybercrime organization linked to North Korea, according to local news reports. Lazarus is the same hacking team that was blamed for trying to steal nearly $1 […]

The post $3 million hack of Bangladesh ATMs was by Russian group called Silence, researchers say appeared first on CyberScoop.

Continue reading $3 million hack of Bangladesh ATMs was by Russian group called Silence, researchers say

Hackers turn Bangladeshi embassy website into cryptomining scheme

The websites of foreign embassies are often where people go to download visa applications and other documents They are also ripe openings for embedding malware. Criminal hackers have taken notice. In the case of the Bangladesh Embassy in Cairo, attackers appear to be using the website to mine cryptocurrency, according to research published Wednesday by SpiderLabs, the security team of Chicago-based company Trustwave. Almost the entire embassy website appears to be compromised, with nearly every attempt to access a URL ending in a request to save a malicious file, the researchers said. Only three of 69 antivirus engines detected the infected website as malicious. “This level of compromise usually indicates the attacker’s ability to not only upload their own data, but also change the web server’s configuration,” SpiderLabs’ Nikita Kazymirskyi wrote in a blog post. The hackers appear to have breached the website in October. In January, SpiderLabs noticed a Microsoft Word […]

The post Hackers turn Bangladeshi embassy website into cryptomining scheme appeared first on CyberScoop.

Continue reading Hackers turn Bangladeshi embassy website into cryptomining scheme

U.S. Ties Lazarus to North Korea and Major Hacking Conspiracy

The DoJ said a DPRK spy, Park Jin-hyok, was involved in “a conspiracy to conduct multiple destructive cyberattacks around the world.” Continue reading U.S. Ties Lazarus to North Korea and Major Hacking Conspiracy

Pakistani hackers deface Google Bangladesh domain

By Waqas

A group of Pakistani hackers going by the online handle of Team Pak Cyber Attackers hacked and defaced the official Google Bangladesh domain Tuesday morning. The group left a deface page along with a message on the targeted domain taunting security measures implemented by Google. The Internet users in Bangladesh were shocked when they witnessed their search […]

This is a post from HackRead.com Read the original post: Pakistani hackers deface Google Bangladesh domain

Continue reading Pakistani hackers deface Google Bangladesh domain