Category Archives: Eastern Europe

Latest Facebook shutdown involves hundreds of accounts misleading users in Ukraine, Iraq

Posted on by

Facebook announced on Monday its taken hundreds of accounts, pages and groups offline upon determining they were engaged in separate information operations with roots in Iraq and Ukraine. The company caught 244 accounts, 269 pages, 80 groups and seven Instagram pages that were used to mislead legitimate Facebook users about their behavior, Nathaniel Gleicher, Facebook’s head of cybersecurity policy, said in a blog post. Facebook has for months publicized its account removals, in which the social media giant scrubs pages deemed to be violating Facebook policy, typically by lying about their true location or account owner. The company’s general term for the offenses is “coordinated inauthentic behavior.” Gleicher repeatedly has stressed that Facebook takes these actions based on apparent user behavior, not the content posted. In this case, Facebook removed 168 accounts, 149 pages and 79 groups for activity focused on Ukraine. People involved in this operation used fake identities […]

The post Latest Facebook shutdown involves hundreds of accounts misleading users in Ukraine, Iraq appeared first on CyberScoop.

Continue reading Latest Facebook shutdown involves hundreds of accounts misleading users in Ukraine, Iraq

Bank heist with FIN7 traits went down while leaders were on the run, research suggests

Posted on by

Digital thieves who spent more than two months lurking inside the networks of an Eastern European bank last year used the same techniques as the infamous cybercriminal gang known as FIN7 or Carbanak, according to new research. Romanian security vendor Bitdefender said Tuesday its researchers have uncovered new details about a bank heist in which hackers patiently collected employee credentials and other data meant to help them access banking data and control ATM networks. These findings coincide with previous researchers’ suggestion that FIN7 is a relatively large group made of perhaps a dozen individuals who have been able to weather law enforcement pressure while updating their hacking tactics. The 2018 breach at the bank, which Bitdefender declined to identify, occurred as international authorities were taking action against alleged members of FIN7, an organized crime group that threat intelligence researchers may have stolen $1 billion. The group carried out the attack detailed in […]

The post Bank heist with FIN7 traits went down while leaders were on the run, research suggests appeared first on CyberScoop.

Continue reading Bank heist with FIN7 traits went down while leaders were on the run, research suggests

Researchers paint different portraits of hackers behind Ryuk ransomware

Posted on by

Analysts poring over the Ryuk ransomware are coming to different conclusions about the hackers responsible and the victims they’re targeting, highlighting the subjective side of cyberthreat studies. One thing, however, is clear: the infectious malware pays. Newly published research from McAfee and Coveware finds that the average ransom payment involving Ryuk is more than 10 times that of other types of ransomware. Some victims of Ryuk “either lost their data or took on staggering financial risk to pay the ransom,” the researchers wrote. In some cases, Ryuk’s purveyors took big payouts of over 100 bitcoin (nearly $400,000 at current rates), in others they were satisfied with squeezing smaller sums from the victims, the McAfee-Coveware report said. The research follows a January report from another company, CrowdStrike, saying that hackers had earned $3.7 million from Ryuk since the ransomware emerged in August. Victims have reportedly included a North Carolina water utility and multiple […]

The post Researchers paint different portraits of hackers behind Ryuk ransomware appeared first on CyberScoop.

Continue reading Researchers paint different portraits of hackers behind Ryuk ransomware

Facebook scrubs accounts spreading disinformation in Moldova ahead of heated election

Posted on by

Facebook has removed nearly 200 accounts and pages for spreading fake news about Moldova ahead of an election that could deepen the divide between the country’s pro-Russian and pro-Western lawmakers. The social media company announced Wednesday it took 168 Facebook accounts, 28 pages and eight Instagram accounts offline for misleading users in Moldova about who they were. The pages posted frequently about political issues such as required Russian language education and  Moldova’s supposed reunification with Romania posed as a fact-checking organization or spread doctored photos, Facebook said. “Although the people behind this activity attempted to conceal their identities, our manual review found that some of this activity was linked to employees of the Moldovan government,” Facebook said. Roughly 54,000 accounts followed at least one of the pages Facebook has removed, and some 1,300 accounts followed one of the Instagram pages. Moldova, one of the poorest countries in Europe, is scheduled to […]

The post Facebook scrubs accounts spreading disinformation in Moldova ahead of heated election appeared first on CyberScoop.

Continue reading Facebook scrubs accounts spreading disinformation in Moldova ahead of heated election

Kaspersky: Physical devices used to steal ‘tens of millions’ from Eastern Europe banks

Posted on by

Banks in Eastern Europe were targeted with cyberattacks that involved the planting of physical devices on premises, according to a report from Russian cybersecurity company Kaspersky Lab published Thursday. Researchers say the attacks have resulted in “tens of millions of dollars” in damage at at least eight banks. “In some cases, it was the central office, in others a regional office, sometimes located in another country,” the report says. Kaspersky says the attacks, dubbed “DarkVishnya,” were carried out by in-person by a third party who planted devices that connect directly to the banks’ networks. The attackers used one of three tools, the researchers say: a laptop, a Raspberry Pi computer or a Bash Bunny — a USB drive-looking device specifically designed to deliver a malicious payload. Sergey Golovanov, a security expert at Kaspersky, told CyberScoop in an email that the researchers realized that physical devices were being used because of a discrepancy between the number of authorized devices versus […]

The post Kaspersky: Physical devices used to steal ‘tens of millions’ from Eastern Europe banks appeared first on Cyberscoop.

Continue reading Kaspersky: Physical devices used to steal ‘tens of millions’ from Eastern Europe banks

Symantec reveals state-sponsored group that doesn’t care for malware

Posted on by

A newly revealed hacking group has been going after diplomatic and military targets in a malware-less campaign that researchers say makes it difficult to detect. Over the last 10 months, the so-called Gallmaker group has conducted what appear to be cyber-espionage operations against several embassies belonging to an Eastern European country, according to research from cybersecurity company Symantec published Wednesday. The group, which researchers say is likely state-sponsored, has also targeted military and defense organizations in the Middle East. “The type of targets seen in the attacks really fit that of what an espionage group would be interested in,” Jon DiMaggio, senior threat intelligence analyst at Symantec, told CyberScoop. “If simply for financial gain, it would be odd to restrict targets to diplomatic, military and defense personnel.” Gallmaker’s end goal appears to collecting intelligence on its targets in the form of documents and communications, according to DiMaggio. Gallmaker’s hackers use […]

The post Symantec reveals state-sponsored group that doesn’t care for malware appeared first on Cyberscoop.

Continue reading Symantec reveals state-sponsored group that doesn’t care for malware