Hackaday Prize 2022: An Eastern Bloc NES Clone

If Nintendo is known for anything outside of their characters and admittedly top-notch video games, it’s being merciless to fans when it comes to using their intellectual property. They take …read more Continue reading Hackaday Prize 2022: An Eastern Bloc NES Clone

Four men plead guilty to being go-to ‘bulletproof’ hosts for cybercriminals

Four Eastern European men pleaded guilty to a scheme overseeing websites that hosted malware used to cause victims hundreds of millions of dollars in losses, the Justice Department said Friday. Russian nationals Aleksandr Grichishkin and Andrei Skvortsov, along with Aleksandr Skorodumov from Lithuania and Pavel Stassi of Estonia, allegedly oversaw an organization that rented IP addresses, computers servers and domains to cybercriminals between 2008 and 2015.  The practice, known as “bulletproof hosting,” is popular with digital thieves trying to evade law enforcement agencies. Grichishkin, Skvortsov, Skorodumov and Stassi pleaded guilty to one count of RICO conspiracy. They each face up to 20 years in prison. Crooks have used the hacking tools allegedly hosted by the defendants’ organizations to repeatedly infect U.S. financial institutions and defraud victims. That includes Zeus, a notorious piece of malicious code that a variety of criminals have used to steal over $100 million from victims. Despite […]

The post Four men plead guilty to being go-to ‘bulletproof’ hosts for cybercriminals appeared first on CyberScoop.

Continue reading Four men plead guilty to being go-to ‘bulletproof’ hosts for cybercriminals

Before targeting Belarus, Eastern Europe-focused hackers flew under the radar

A mysterious cyber-espionage group, active for nearly a decade but documented in detail by private researchers for the first time Friday, has been hacking into government organizations in Eastern Europe in search of secrets. The hacking group has targeted military organizations, foreign ministries and private firms in Russia, Ukraine, Belarus and the Balkans with pinpoint espionage. Researchers from the anti-virus firm ESET, which claimed the discovery and christened the group “XDSpy,” said the attackers have been scouring a few dozen computers in search of sensitive PDF and Microsoft Word documents. One of the few other public indicators that XDSpy was on the prowl came from a February advisory from the Belarusian government’s National Computer Emergency Response Team. That statement listed four Belarusian government email accounts that had been compromised by the attackers, but warned that various government officials had been targeted. The broader region has long been subject to cyber-espionage activity, as hackers from […]

The post Before targeting Belarus, Eastern Europe-focused hackers flew under the radar appeared first on CyberScoop.

Continue reading Before targeting Belarus, Eastern Europe-focused hackers flew under the radar

‘Turla’ spies have been stealing documents from foreign ministries in Eastern Europe, researchers find

A notorious group of suspected Russian hackers have used a revamped tool to spy on governments in Eastern Europe and quietly steal sensitive documents from their networks, researchers said Tuesday. The discovery shines greater light on the operations of Turla, an elite cyber-espionage group that’s been around well over a decade and is widely believed to be working on behalf of Russia’s FSB intelligence agency. It’s the latest example of Turla’s ability to write code designed to lurk on victim computers for years and extract state secrets. Turla is “still actively developing complex and custom pieces of malware in order to achieve long-term persistence in their target’s network,” said Matthieu Faou, a malware researcher at anti-virus firm ESET, who analyzed the code. The attacks started roughly two years ago, and hit two foreign affairs ministries in Eastern Europe and a national parliament in the Caucasus region bordering Russia, according to […]

The post ‘Turla’ spies have been stealing documents from foreign ministries in Eastern Europe, researchers find appeared first on CyberScoop.

Continue reading ‘Turla’ spies have been stealing documents from foreign ministries in Eastern Europe, researchers find

Romanian police bust hackers allegedly plotting ransomware attacks on hospitals

Romanian authorities said Friday they had disrupted a cybercriminal group that planned to conduct ransomware attacks on hospitals in the country. The hackers intended to pose as government officials and send malicious emails to public health institutions that purported to contain information on the coronavirus, according to the Directorate for Investigating Organized Crime and Terrorism (DIICOT), one of Romania’s top law enforcement agencies. Such ransomware attacks could disrupt the IT systems of hospitals, DIICOT said. But before that could happen, police and security officials said they searched the suspects’ properties in Romania and neighboring Moldova. All four suspects were arrested, ZDNet reported. The hackers planned to threaten hospitals to protest Romania’s state of emergency, which has restricted public gatherings during the COVID-19 pandemic, according to Romanian news outlet Stirile Pro Tv. The threat of attacking hospitals would be a much more serious crime than the website defacements and other low-skill digital mischief usually […]

The post Romanian police bust hackers allegedly plotting ransomware attacks on hospitals appeared first on CyberScoop.

Continue reading Romanian police bust hackers allegedly plotting ransomware attacks on hospitals

Russian intelligence-backed hackers go after Armenian government websites with new code

Computer code used by hackers tied to Russia’s FSB intelligence agency has haunted governments around the world for years. The hackers’ tools have been associated with a damaging breach of U.S. military networks in the mid-to-late 1990s, and used in a cunning hijacking of Iranian infrastructure more than two decades later. Now, malware analysts have surfaced a new piece of code that they say the Russian hacking group, dubbed Turla, is using to spy on government websites in the Eurasian country of Armenia. The Turla operatives set up malicious web infrastructure known as a “watering hole” in an apparent attempt to surveil Armenian government officials last year. “It is likely that the Turla operators already know who they want to target and may even know the ranges of IP addresses they generally use” before carrying out an operation, said Matthieu Faou, malware researcher at ESET, the antivirus firm that discovered the campaign. ESET knows of […]

The post Russian intelligence-backed hackers go after Armenian government websites with new code appeared first on CyberScoop.

Continue reading Russian intelligence-backed hackers go after Armenian government websites with new code

Google will soon open a cloud region in Poland

Google today announced its plans to open a new cloud region in Warsaw, Poland to better serve its customers in Central and Eastern Europe. This move is part of Google’s overall investment in expanding the physical footprint of its data centers. Only a few days ago, after all, the company announced that, in the next […] Continue reading Google will soon open a cloud region in Poland

Latest Facebook shutdown involves hundreds of accounts misleading users in Ukraine, Iraq

Facebook announced on Monday its taken hundreds of accounts, pages and groups offline upon determining they were engaged in separate information operations with roots in Iraq and Ukraine. The company caught 244 accounts, 269 pages, 80 groups and seven Instagram pages that were used to mislead legitimate Facebook users about their behavior, Nathaniel Gleicher, Facebook’s head of cybersecurity policy, said in a blog post. Facebook has for months publicized its account removals, in which the social media giant scrubs pages deemed to be violating Facebook policy, typically by lying about their true location or account owner. The company’s general term for the offenses is “coordinated inauthentic behavior.” Gleicher repeatedly has stressed that Facebook takes these actions based on apparent user behavior, not the content posted. In this case, Facebook removed 168 accounts, 149 pages and 79 groups for activity focused on Ukraine. People involved in this operation used fake identities […]

The post Latest Facebook shutdown involves hundreds of accounts misleading users in Ukraine, Iraq appeared first on CyberScoop.

Continue reading Latest Facebook shutdown involves hundreds of accounts misleading users in Ukraine, Iraq