FIN7 recruiter Andrii Kolpakov pleads guilty to role in global hacking scheme

One of the ringleaders of FIN7, a global hacking crew accused of stealing more than $1 billion by posing as a cybersecurity vendor, has admitted his role in the scheme. Andrii Kolpakov pleaded guilty on Monday to conspiracy to commit wire and bank fraud and conspiracy to commit computer hacking as part of his involvement with FIN7. U.S. prosecutors had accused Kolpakov, a Ukrainian national, of working as a manager and recruiter for the crew, a role in which he hired and supervised computer specialists who spent their days stealing payment card information from dozens of companies, including Chipotle, Red Robin and Sonic Drive-In. “During the course of the scheme, [Kolpakov] received compensation for his participation in FIN7, which far exceeds comparable legitimate employment in Ukraine,” the plea deal notes. “For the purposes of this plea agreement, the parties agree that — during [Kolpakov’s] participation in the malware scheme — […]

The post FIN7 recruiter Andrii Kolpakov pleads guilty to role in global hacking scheme appeared first on CyberScoop.


Video game company Capcom details attack, data breach by ransomware gang

The Japanese video game company known for the “Resident Evil” and “Street Fighter” series confirmed Monday that a ransomware attack in early November potentially exposed data about thousands of customers and business partners. In a news release, Capcom said an investigation of the Nov. 2 breach showed that personal information of a handful of current and former employees definitely had been compromised, as well as company sales reports and other financial information. Another 350,000 records of employees, shareholders, customers and other business partners also may have been exposed, Capcom said, but it was unsure of the exact number because log files had been lost because of the attack. The company confirmed that the ransomware gang known as Ragnar Locker was responsible for the attack, and said it had referred the matter to law enforcement in Japan and the U.S., as well as data protection agencies in Japan and Europe. Earlier reports […]


TikTok gets extensions on US sale order, ban enforcement

The Trump administration is giving Beijing-based ByteDance 15 more days to divest in popular video-sharing app TikTok, the Treasury Department said Friday. The Treasury Department statement is the second executive branch reprieve in as many days for TikTok, which the Trump administration has sought to ban in the United States. The Commerce Department also said Thursday that it wouldn’t start enforcing a TikTok ban as a court battle continues. The Trump administration cited the national security threat posed by the China-based company as a reason for the ban, given the vast amounts of personal information TikTok collects. TikTok has said it doesn’t share data with the Chinese government. Thursday was the date the Commerce Department had set to implement an executive order that would have forbidden U.S. companies from providing internet and content delivery services to TikTok, which would have effectively shut down its ability to operate in the U.S. […]


Well-developed backdoor can harvest information from restaurants, bars and hotels, researchers say

Restaurants, bars and hotels are taking a big hit from the coronavirus pandemic, but they still can be inviting targets for cybercriminals. A point-of-sale system widely used in the hospitality industry to process credit card payments and other transactions — ORACLE MICROS Restaurant Enterprise Series (RES) 3700 — is vulnerable to a backdoor that allows attackers to see some of the information in the system’s databases, according to researchers at Slovakia-based cybersecurity company ESET. The researchers stress that highly sensitive pieces of information — such as credit card numbers and expiration dates — do not appear to be vulnerable to the malware, which they’re calling ModPipe. The malicious software, for now, harvests only “data stored in the clear,” ESET says, including cardholder names. But ModPipe potentially could be the conduit for more harmful malware, given that it is modular — meaning that it’s designed for attackers to swap features in and out. […]


Not all cyberattacks are created equal: What researchers learned from 103 ‘extreme’ events

There’s a relatively small swath of cyberattacks mixed among the more common variety that are truly extreme, costing tens of millions of dollars and beyond, or exposing millions of records. A report out Tuesday identified a little over 100 that fit that description over the past five years. The researchers learned that these massive events cost a median of $47 million and usually came via straightforward hacks or ransomware. They appear to be growing more frequent, and nation-state hackers are behind them to a surprising degree, the report says. But the report from the Cyentia Institute, a data science firm, also found that these extreme attacks don’t affect all their targets in the same way. Some cost companies nearly 100 times their revenue, while others were still just a drop in the bucket, costing as little as 0.1% of their revenue. And the financial, information and manufacturing sectors accounted for more than half of the 103 incidents. “What […]


Crooks behind Ghimob banking trojan have ambitions far beyond Brazil, researchers say

Cybercriminals have used a new malicious software kit to target banking customers in Brazil, but harbor ambitions far beyond the Latin American country, security researchers said Monday. The data that anti-virus company Kaspersky released shows how an enterprising group of crooks has used Brazil to fine-tune their banking trojan, as the financially-focused malware is called. After successfully infecting numerous victims in Brazil, the campaign has expanded to other Portuguese-speaking countries, from Angola to Mozambique to Portugal. Ghimob, as the newly discovered trojan is known, has a series of features that could make it more effective than previous attempts by Brazilian malware developers to target users abroad, according to the researchers. It is a “full-fledged spy in your pocket” that siphons off data through a number of means, Kaspersky researcher Fabio Assolini and his colleagues wrote in a blog post. It’s a fraudulent app, hosted outside of the Google Play Store, that once installed […]


DOJ seizes $1 billion in cryptocurrency tied to Silk Road dark web market

The Department of Justice said Thursday that it seized approximately $1 billion worth of bitcoin, its biggest cryptocurrency seizure ever. The announcement solves a years-old mystery about the shuttered Silk Road dark web market for illegal drugs and other unlawful goods, widely regarded as the largest and most extensive dark web marketplace of its time before its 2013 demise. The law enforcement action solves another riddle about a bitcoin wallet that just saw a nearly identically valued amount of cryptocurrency withdrawn after sitting dormant for a long time. “The successful prosecution of Silk Road’s founder in 2015 left open a billion-dollar question. Where did the money go?” said U.S. Attorney David Anderson. “Today’s forfeiture complaint answers this open question at least in part. $1 billion of these criminal proceeds are now in the United States’ possession.” Motherboard reported Wednesday on the Election Day emptying of the wallet. Then the complaint, filed Thursday, detailed […]


Nothing is sacred: Ransomware attack hit toy maker Mattel’s systems this summer

Count the company behind Barbie dolls and Fisher-Price toys among the ever-growing list of digital extortion victims. A ransomware attack struck toy manufacturer Mattel this summer, the company said in a financial disclosure to the U.S. Securities and Exchange Commission. In a year when ransomware has threatened elections, hospitals and schools, the attack on Mattel demonstrates once more that the attack method is leaving no kind of target untouched. In its Nov. 3 quarterly report, Mattel said it emerged from the attack largely unscathed, however. It discovered the intrusion on July 28, when a number of its IT systems became encrypted. “Promptly upon detection of the attack, Mattel began enacting its response protocols and taking a series of measures to stop the attack and restore impacted systems,” the company said. “Mattel contained the attack and, although some business functions were temporarily impacted, Mattel restored its operations.” The report continued: “A forensic investigation of the […]


$100 million botnet scheme earns Russian man 8 years in prison

A U.S. judge sentenced a Russian national to eight years in prison over his role in stealing personal and financial information via a botnet conspiracy that aimed to generate an estimated $100 million. Prosecutors announced the sentence Monday for Aleksandr Brovko, who pleaded guilty in February to conspiracy to commit bank and wire fraud. From 2007 to 2019, according to the Department of Justice, Brovko collaborated with other cybercriminals to turn data troves harvested by botnets — networks of infected computers — into cash. Brovko’s role was to write software scripts to go through botnet logs and conduct data searches to extract highly sensitive personal information and online banking credentials, as well as scout out the value of compromised accounts to determine whether they’d be worth using to conduct fraud. In all, prosecutors said, Brovko possessed and trafficked more than 200,000 “unauthorized access devices,” a term for credit cards, mobile identification […]


EU slaps sanctions on GRU leader, Fancy Bear, FBI-wanted hacker over Bundestag attack

The European Union on Thursday sanctioned the head of a Russian military intelligence unit, an alleged hacker wanted by the FBI and a Russian government-linked hacking group over a 2015 cyberattack against Germany’s parliament. It’s only the second time the EU has issued cyber-related sanctions, following July sanctions against Russia, China and North Korea in connection with a string of unrelated cyberattacks. Now, as then, the General Staff Main Intelligence Directorate, commonly known as the GRU, is among the targets of the EU’s ire. Igor Kostyukov, head of the GRU, was hit with sanctions in Thursday’s action over the Bundestag hack. So, too, was alleged intelligence officer Dmitry Badin, previously indicted in the U.S. for his role in 2016 election interference. The EU also sanctioned the GRU-connected hacking group known as Fancy Bear, among other names, which the U.S. has likewise connected to 2016 election meddling. “The cyber-attack against the German federal parliament targeted the parliament’s information […]
