U.S. announces disruption of ‘Joanap’ botnet linked with North Korea

The Justice Department on Wednesday announced a wide-ranging operation to map and disrupt a botnet linked to North Korea that has infected numerous computers across the globe over the last decade. Through a search warrant and court order, the department inflicted a potentially damaging blow to the so-called Joanap botnet, which U.S. officials attributed to the North Korean government. The search warrant allowed the FBI to control servers that mimicked computers within the botnet, giving the bureau a clearer picture of the zombie computer army and the ability to alert victims. Joanap is malware that targets Microsoft Windows. It works in tandem with a worm dubbed Brambul that stalks computers, looking for a vulnerable way in, the Justice Department said in a press release. “Once installed on an infected computer, Joanap would allow the North Korean hackers to remotely access infected computers,” giving them root-level access and the chance to […]

The post U.S. announces disruption of ‘Joanap’ botnet linked with North Korea appeared first on CyberScoop.

Calif. Man Pleads Guilty in Fatal Swatting Case, Faces 20+ Years in Prison

A California man who pleaded guilty Tuesday to causing dozens of swatting attacks — including a deadly incident in Kansas last year — now faces 20 or more years in prison.

Justice Department charges 7 Russian intelligence officers

The Department of Justice on Thursday announced criminal charges against seven Russian military officers for a wide-ranging hacking operation against sporting and anti-doping agencies in the United States, Canada, and Europe. Russian athletes were barred from representing their country at the 2018 Winter Olympics over alleged doping, and the indictment accuses the members of the GRU, Russia’s intelligence directorate, of using cyber-operations to obtain private health data on athletes at anti-doping agencies and then publicly leaking the data. Russian operatives dumped the private medical information of more than 250 athletes on social and traditional media toward that end, according to John Demers, assistant attorney general for national security. “All of this was done to undermine those organizations’ efforts to ensure the integrity of the Olympic and other games,” Demers said Thursday in announcing the charges. The indictment also accuses GRU hackers of targeting the Netherlands-based Organization for the Prohibition of […]

The post Justice Department charges 7 Russian intelligence officers appeared first on CyberScoop.

Mirai Botnet Authors Avoid Jail Time

Citing “extraordinary cooperation” with the government, a court in Alaska on Tuesday sentenced three men to probation, community service and fines for their admitted roles in authoring and using “Mirai,” a potent malware strain used in countless attacks designed to knock Web sites offline — including an enormously powerful attack in 2016 that sidelined this Web site for nearly four days.

U.S. Ties Lazarus to North Korea and Major Hacking Conspiracy

The DoJ said a DPRK spy, Park Jin-hyok, was involved in “a conspiracy to conduct multiple destructive cyberattacks around the world.”

FBI shuts down domain behind Russian ‘VPNFilter’ botnet

The FBI seized a domain used to communicate with 500,000 infected routers Wednesday, cutting off a massive botnet that was possibly being used for a forthcoming cyberattack aimed at Ukraine. The Department of Justice obtained a seizure order Wednesday that allowed U.S. law enforcement to seize “toknowall.com,” which was used as the command and control in the “VPNFilter” botnet. VPNFilter was made public Tuesday, when it was announced that a combination of at least three groups — Cisco’s cybersecurity unit Talos, the non-profit information sharing group Cyber Threat Alliance (CTA) and U.S. law enforcement — have all been quietly notifying companies about the early stages of a potentially expansive cyberattack against Ukraine. In a seizure order made public Wednesday, the Department of Justice pinned the botnet on APT28, the hacking group known as “Fancy Bear.” The group is responsible for a number of high-profile hacks, including the 2016 hack of […]

The post FBI shuts down domain behind Russian ‘VPNFilter’ botnet appeared first on CyberScoop.

Justice Department seeks dismissal of Kaspersky lawsuit, court documents show

The Justice Department filed motions in district court Monday to dismiss two lawsuits brought by Russian cybersecurity and anti-virus provider Kaspersky. It is the latest move in a protracted legal battle. All U.S. federal agencies have been prohibited from using any hardware, software, or devices developed by Moscow-based Kaspersky, following President Donald Trump’s signing of the annual National Defense Authorization Act (NDAA) on Dec. 12, 2017. Kaspersky claims that by prohibiting the use of their products, Congress has violated the Bill of Attainder Clause of the Constitution, which prohibits the singling out of a private entity for punishment without sufficient evidence of wrongdoing. But in the motion filed by Assistant Attorney General Chad Readler, the Justice Department argues that Kaspersky has neglected to consider the weeks of congressional meetings and debates that preceded the decision to prohibit their products. Lawmakers have had concerns about Kaspersky since at least April 2017, […]

The post Justice Department seeks dismissal of Kaspersky lawsuit, court documents show appeared first on CyberScoop.

Mirai IoT Botnet Co-Authors Plead Guilty

The U.S. Justice Department on Tuesday unsealed the guilty pleas of two men first identified in January 2017 by KrebsOnSecurity as the likely co-authors of Mirai, a malware strain that remotely enslaves so-called “Internet of Things” devices such as security cameras, routers, and digital video recorders for use in large scale attacks designed to knock Web sites and entire networks offline (including multiple major attacks against this site).

DOJ reveals indictment against Chinese cyber spies that stole U.S. business secrets

A group of Chinese hackers recently indicted by the Department of Justice were involved in an international cyber espionage operation connected to a foreign intelligence agency, security researchers tell CyberScoop. On Monday, senior Justice Department officials announced eight relevant criminal charges against the Chinese hackers. Although the indictment was originally issued in September, it was sealed until Monday. The criminal activity allegedly dates as far back as 2011. Court documents describe that Chinese nationals Wu Yingzhuo, Dong Hao and Xia Lei hacked into and stole data from several American companies, including Siemens AG, Moody’s Analytics and GPS technology company Trimble. The trio worked together at a company named Boyusec, also known as the Guangzhou Bo Yu Information Technology Co. Business registration records show that Wu and Dong are executives at Boyusec. Conservative news outlet The Washington Free Beacon reported in November 2016 that Boyusec, which it described as a Chinese cybersecurity firm, […]

The post DOJ reveals indictment against Chinese cyber spies that stole U.S. business secrets appeared first on CyberScoop.
