DOJ’s Sandworm operation raises questions about how far feds can go to disarm botnets

The Department of Justice and FBI announced they used remote access technology to shut down a Sandworm botnet.

The post DOJ’s Sandworm operation raises questions about how far feds can go to disarm botnets appeared first on CyberScoop.


Final defendant in multimillion-dollar SIM hijacking scheme sentenced to prison

The sixth and final defendant in a gang accused of perpetrating a multimillion-dollar SIM hijacking case was sentenced to 10 months in prison and ordered to pay more than $121,000 in restitution, the Department of Justice announced Tuesday. Garrett Endicott, 22, from Missouri, was connected to a hacking group known as “The Community,” which engaged in a string of SIM hijacking incidents targeting individual users’ cryptocurrency exchange accounts in seven states, according to DOJ. SIM hijacking, or SIM swapping, is a technique where an attacker takes control of a target’s phone number, allowing the attacker to receive text messages and other forms of two-factor authentication protocols that are then used to log into accounts. The gang, known as “The Community,” faced charges of conspiracy to commit wire fraud, wire fraud and aggravated identity theft. Three people who worked for mobile phone providers and helped the gang were also charged with […]

The post Final defendant in multimillion-dollar SIM hijacking scheme sentenced to prison appeared first on CyberScoop.


Two Iranian hackers charged in sprawling effort to interfere in 2020 U.S. election

Two Iranian nationals engaged in a sprawling effort to interfere in the 2020 U.S. elections — including by gaining access to confidential voter information from at least one state election website and attempting to access 11 states in total — according to a federal indictment unsealed Thursday. The defendants, Seyyed Mohammad Hosein Musa Kazemi, 24, and Sajjad Kashian, 27, face charges of computer fraud, voter intimidation and transmission of interstate threats. Part of the campaign was allegedly sending emails to Democratic voters purportedly from the Proud Boys, a right wing nationalist hate group, demanding that they vote for former President Trump. That effort was quickly identified by journalists and the U.S. government as a likely Iranian interference effort. The initial reporting on the Proud Boys emails painted a picture of a crude campaign that was almost immediately unmasked. But Thursday’s indictment suggests a much more complex operation. Officials told reporters […]

The post Two Iranian hackers charged in sprawling effort to interfere in 2020 U.S. election appeared first on CyberScoop.


Hoax Email Blast Abused Poor Coding in FBI Website

The Federal Bureau of Investigation (FBI) confirmed today that its fbi.gov domain name and Internet address were used to blast out thousands of fake emails about a cybercrime investigation. According to an interview with the person who claimed responsibility for the hoax, the spam messages were sent by abusing insecure code in an FBI online portal designed to share information with state and local law enforcement authorities.

Suspect in scheme to breach major Twitter accounts is now charged with hacking crypto executives

Federal prosecutors on Wednesday unsealed an indictment against a 22-year-old British man accused of stealing $784,000 in cryptocurrency from a Manhattan-based holding company. U.S. attorneys in the Southern District of New York say Joseph James O’Connor and his associates SIM-swapped three executives between March and May in 2019 at a company that maintained cryptocurrency wallet infrastructure for various international exchanges. SIM-swapping occurs when an attacker takes control of a victim’s phone number by linking the number to a device controlled by the attacker. CyberScoop could not immediately locate an attorney for O’Connor. The operation netted the group various amounts of litecoin, ethereum, and bitcoin totaling roughly $784,000. The indictment, originally filed on Aug. 25, charges O’Connor with conspiracy to commit computer hacking, conspiracy to commit wire fraud, aggravated identity theft and conspiracy to commit money laundering. O’Connor — also known as “PlugWalkJoe” — was arrested in Spain in July after […]

The post Suspect in scheme to breach major Twitter accounts is now charged with hacking crypto executives appeared first on CyberScoop.


DOJ Recovers $2.3M in Bitcoin Ransom Paid by Colonial Pipeline

Investigators recovered $2.3 million in bitcoin paid by the Colonial Pipeline Company to DarkSide following a ransomware attack in early May. On June 7, the Department of Justice (DOJ) revealed that law enforcement agencies had been tracking trans…

National security officials outline hopes for national data breach notification law

Top U.S. national security officials on Tuesday explained some ideal elements to a potential national data breach reporting law, describing the idea as one pathway to stopping massive security incidents like the SolarWinds hack. A national data breach reporting law would need to be clear and concise for companies to follow it, and generally not be a huge burden, said Tonya Ugoretz, deputy assistant director of the FBI. It also might function as an alternative to government surveillance of private sector networks, a controversial idea previously suggested as a means of detecting cyber-espionage. Such a law should be focused on receiving reports about only especially sensitive breaches, such as those which jeopardize national security and critical infrastructure or that compromise U.S. government information, Ugoretz said during a prerecorded segment that aired at the virtual 2021 RSA Conference. However, Ugoretz and Adam Hickey, the deputy assistant attorney general and the Justice […]

The post National security officials outline hopes for national data breach notification law appeared first on CyberScoop.


Ticketmaster Coughs Up $10 Million Fine After Hacking Rival Business

Several Ticketmaster executives conspired to hack a rival concert presales firm, in an attempt to ‘choke off’ its business.

Suspect in case of Mirai botnet, which knocked major sites offline in 2016, pleads guilty

The U.S. Department of Justice on Wednesday announced that an unnamed defendant has pleaded guilty in connection with a cyberattack that rocked the internet in 2016. The October 2016 distributed denial-of-service attack affected Dyn, an internet infrastructure company, before rippling out to cause outages for sites including Twitter, Netflix, Spotify, Airbnb and Reddit, among others. DDoS attacks typically occur when attackers access a network of hacked computers, then direct those connections to a single point on the web, overwhelming the target with traffic and knocking it offline. In this case, the defendant in question conspired with others in September and October 2016 to leverage an offshoot of an army of hacked computers known as the Mirai botnet, the Justice Department said Wednesday. The malicious tool relied on connected video cameras, recorders and other devices to carry out the incident. Authorities withheld the name of the defendant because they were a […]

The post Suspect in case of Mirai botnet, which knocked major sites offline in 2016, pleads guilty appeared first on CyberScoop.
