Two Ukrainians charged with hacking into SEC’s EDGAR database

The Securities and Exchange Commission and Department of Justice announced charges Tuesday against an alleged Ukrainian hacker and several other suspects in a scheme where nonpublic information was taken from the commission’s corporate filing system and used for illegal financial trading. Oleksandr Ieremenko is alleged to have hacked into the SEC’s EDGAR system, accessing “test files,” which companies can use to submit information ahead of their public earnings reports. Sometimes companies include nonpublic information in those filings. According to the SEC and U.S. Attorney’s Office of New Jersey, Ieremenko extracted nonpublic test files from SEC servers, and then passed the information to different groups of traders. The traders made transactions before at least 157 earnings releases from May to October 2016, generating at least $4.1 million in illegal profits. The SEC discovered the breach in 2016 after realizing there was a vulnerability in the EDGAR system. The agency didn’t suspect until […]

The post Two Ukrainians charged with hacking into SEC’s EDGAR database appeared first on CyberScoop.


Justice Department hopes to disrupt ‘dumbest tradition ever’ with latest DDoS seizure

Law enforcement may have just ruined what’s become a holiday tradition for cybercriminals who spend Christmas knocking gaming websites offline. The U.S. Department of Justice announced on Thursday officials had seized 15 internet domains that made it possible for web users to launch distributed denial-of-service attacks, which render software inaccessible by flooding targets with fake traffic. The sites involved in the takedown were known as “booter” and “stresser” websites, which enabled users to easily launch DDoS attacks like the kinds that have hit Sony’s PlayStation and Microsoft’s Xbox services in recent Christmas seasons. Prosecutors also filed charges against two men for conspiring to violate the Computer Fraud and Abuse Act by allegedly operating DDoS-for-hire services known as Downthem and Ampnode. In another case, investigators charged a 23-year-old Pennsylvania man with operating a criminal service that was used to launch more than 50,000 attacks in 2018 alone. “The attack-for-hire websites targeted […]

The post Justice Department hopes to disrupt ‘dumbest tradition ever’ with latest DDoS seizure appeared first on CyberScoop.


U.S. indicts China-linked group over wide-ranging hacking operations

The Justice Department on Thursday unsealed charges against two hackers linked with China’s civilian intelligence agency for a lengthy campaign to break into global technology service providers in efforts to steal intellectual property. The campaign targeted more than 45 companies in a dozen countries, including sectors ranging from aviation to pharmaceuticals, along with the U.S. Navy, a Department of Energy laboratory, and NASA, prosecutors alleged. The defendants also stole the Social Security numbers and other personal information of over 100,000 Navy personnel, U.S. officials said. “The list of victim companies reads like a who’s who of the global economy,” FBI Director Christopher Wray said while announcing the charges. Other companies targeted included those in manufacturing, oil and gas, and maritime technology, U.S. officials said. The pair of hackers – Zhu Hua and Zhang Shilong – are accused of being part of a Chinese hacking group known as APT10 or Cloudhopper. Industry […]

The post U.S. indicts China-linked group over wide-ranging hacking operations appeared first on CyberScoop.


Five Men Responsible for 7,200-Foot Mushroom Cloud Explosion in Louisiana Sentenced to Prison

Employees of the company Explo Systems were sentenced on Friday for a criminal conspiracy involving Army explosives.

U.S. indicts two over SamSam ransomware attacks that hit Atlanta, other cities

The Department of Justice unsealed indictments Wednesday against two Iranian men for conducting ransomware attacks against more than 200 organizations inside the United States, including municipalities, government agencies and hospitals. Prosecutors say that Faramarz Shahi Savandi, 34, and Mohammad Mehdi Shah Mansouri, 27, used SamSam ransomware to lock the victims’ systems and demand bitcoin in order to decrypt their data. Savandi and Mansouri racked up more than $6 million in ransom payments and caused more than $30 million in damages, according to the indictment issued by a grand jury in New Jersey. SamSam’s damage has been a public ordeal. The indictment includes notable cases like the attacks on the city of Atlanta, the city of Newark, the Port of San Diego, the Colorado Department of Transportation, and others. Six of the victims were health care-related organizations, prosecutors said. “Many of the victims were public agencies with missions that involve saving lives and performing other critical […]

The post U.S. indicts two over SamSam ransomware attacks that hit Atlanta, other cities appeared first on Cyberscoop.


U.S. cybercrime-fighters enter agreements with Indonesia, Singapore

When U.S. officials return from international conferences this week they can be thankful for bolstered cybersecurity alliances with two Southeast Asian countries. The government has struck separate deals with Indonesia and Singapore to strengthen bilateral cooperation on fighting international cybercrime. Deputy Attorney General Rod Rosenstein and Indonesia’s police chief on Monday reached an agreement to increase U.S. training of Indonesian law enforcement officials to combat cyberattacks such as ransomware and to better use digital forensics, according to Straits Times newspaper. The State Department meanwhile signed a declaration of intent with Singapore’s Cybersecurity Agency to increase training and the sharing of technical information, ZDNet reported. Both Singapore and Indonesia are members of the Association of Southeast Asian Nations (ASEAN), an intergovernmental organization made up of members that increasingly have been targeted by hackers, researchers warned this year. Singapore in July said it had been victimized in its largest-ever cyberattack, in which suspected nation-state […]

The post U.S. cybercrime-fighters enter agreements with Indonesia, Singapore appeared first on Cyberscoop.


Russian APT activity is resurgent, researchers say

Cybersecurity researchers have detected new spearphishing and malicious-email campaigns associated with two Russian-government-linked hacking groups known for breaching the Democratic National Committee in 2016. One campaign spotted by Palo Alto Networks featured a wave of malicious documents targeting government organizations in Europe, North America, and an unnamed former Soviet state. The documents, which researchers intercepted in late October and early November, included a variant of the Zebrocy Trojan that sends screenshots of a victim’s network back to a command-and-control server. Unit 42, Palo Alto Networks’ intelligence team, tied the malicious-email campaign to the Sofacy Group, a Russian hacking outfit also known as APT28 and Fancy Bear, which has deployed Zebrocy. Meanwhile, FireEye researchers on Monday published details on a spearphishing offensive that had technical similarities with a 2016 campaign from the APT29 Russian hacking group. Western governments have attributed APT28 and APT29 to different parts of Russia’s intelligence services. The campaign tracked by FireEye sent malicious […]

The post Russian APT activity is resurgent, researchers say appeared first on Cyberscoop.


U.S. warns countries not to ‘manipulate the extradition process’ for cybercriminals

The Department of Justice’s second-in-command has called on other countries to step up their efforts to extradite accused cybercriminals, warning that the U.S. will “expose” countries that “manipulate the extradition process.” “We will identify nations that routinely block the fair administration of justice and fail to act in good faith,” Deputy Attorney General Rod Rosenstein told a general assembly of Interpol, an international police organization, on Sunday. “In some instances, nations shield their citizens from the rule of law with schemes that waste resources, cause needless delay, thwart investigative efforts, and undermine justice,” Rosenstein said in his prepared remarks. The U.S. processes extraditions “without regard to the nationality of the offender, but that cooperation must be reciprocated,” Rosenstein said. Rosenstein cited the case of Aleksey Belan, a Russian national charged with helping compromise 500 million Yahoo email accounts in 2014. In 2012, Belan was charged in a separate hack of […]

The post U.S. warns countries not to ‘manipulate the extradition process’ for cybercriminals appeared first on Cyberscoop.


Chinese economic espionage is target of new Justice Department initiative

Department of Justice officials say alleged Chinese economic espionage is “increasingly rapidly,” and they have established a high-level initiative dedicated to countering what they call a pervasive threat to U.S. national security. Led by Assistant Attorney General John Demers and staffed by senior DOJ officials, the new initiative will work to counter various forms of Chinese economic espionage, including the targeting of U.S. centers of ingenuity like universities, Attorney General Jeff Sessions said Thursday. The effort could lead the department to make recommendations to Congress for legislation to address the threat, he added. “Chinese economic espionage against the United States has been increasing and it has been increasing rapidly,” Sessions said at a press conference. “We are here today to say, ‘Enough is enough.’ We’re not going to take it anymore.” The Chinese government, Sessions said, was “notorious around the world” for intellectual property theft. Beijing has denied such allegations. The new DOJ […]

The post Chinese economic espionage is target of new Justice Department initiative appeared first on Cyberscoop.


DOJ indictment spotlights China’s civilian intel agency – and its hacker recruits

In unsealing charges Tuesday against 10 Chinese nationals, the Department of Justice showed its focus is on China’s civilian intelligence agency, which analysts say has become Beijing’s preferred arm for conducting economic espionage. The agency, the Ministry of State Security, is more professional and technical in its hacking operations than China’s People’s Liberation Army, according to CrowdStrike co-founder Dmitri Alperovitch. “We have seen [the MSS], over the years, break into [corporate] organizations,” Alperovitch said Tuesday at an event hosted by The New York Times. “They were always better technically than the PLA.” After a landmark 2015 agreement between the United States and China not to steal intellectual property, Chinese activity in that vein tapered off for about a year, according to Alperovitch. Now, he said, it is back in full force. “[W]e’re seeing, on a weekly basis, intrusions into U.S. and other Western companies from Chinese actors,” with the MSS […]

The post DOJ indictment spotlights China’s civilian intel agency – and its hacker recruits appeared first on Cyberscoop.
