Security daily (05-02-2021)

Serbian man extradited to US over cryptocurrency mining fraud scheme

Serbia extradited a man to the U.S. to face charges that he and his partners defrauded investors out of more than $70 million, in part by touting phony cryptocurrency mining companies, authorities announced Friday. The Serbian man, Antonije Stojilkovic, stands accused of conspiracy to commit fraud and money laundering, charges for which he could face 20 years in prison. “This $70 million scam spanned several continents, targeting American citizens and foreigners alike,” said Prerak Shah, acting U.S. Attorney for the Northern District of Texas. “The U.S. Department of Justice will not relent in our fight against cybercrime.” Stojilkovic and his co-conspirators advertised that their cryptocurrency mining platforms would allow investors to “purchase bitcoin at half market price!!” because of a “24-7 mining” operation at “facilities ‘worldwide,’” according to a Justice Department press release. In propping up those companies and others devoted to binary options — more than 20 in all […] (CyberScoop)

FBI leaned on Dutch cops' hacking in Emotet disruption

U.S. and European law enforcement agencies last week conducted an extraordinary crackdown on Emotet, a botnet of infected computers that has defrauded victims of millions. The operation involved officials from nine governments, but one move was decisive: Dutch police used their cyber authorities to infiltrate Emotet infrastructure. They slipped a software update onto the servers that cut off communications between infected computers and the botnet, halting its spread. For the FBI, it was a lesson in how its foreign allies are sometimes better positioned than the bureau to make an arrest or even deploy offensive cyber capabilities. The bureau had tracked Emotet since 2017, when it caused more than $1.4 million in damage to a North Carolina school’s computer systems. The Department of Homeland Security has estimated that it cost an average of $1 million to clean up after each Emotet incident, though officials were not more specific in how […] (CyberScoop)

Researchers find financial ties between notorious ransomware gangs

The number of ransomware strains that lock up systems throughout the global internet might suggest an immeasurable number of independent hackers are plundering victims’ data. In fact, new research suggests that digital extortion specialists are more closely connected than they may appear. Researchers at Chainalysis, a software firm that works with law enforcement agencies, on Thursday said they have found connections that suggest collaboration between hackers who have used the Maze, Egregor, SunCrypt and DoppelPaymer hacking tools. Each of these groups operates as ransomware-as-a-service, meaning they lease access to their malware to affiliates who then run ransomware attacks, which can make attribution trickier. When tracking some recent ransom payments to the Maze gang through a series of intermediaries, researchers determined that Maze was sharing some of the payout with a suspected SunCrypt cutout, according to a blog on the research, which was published Thursday. Maze has been tied to attacks […] (CyberScoop)

Signal issues workaround for Iran's ban of messaging app

Signal says it is introducing a connection method for the Android version of its app that can allow users in Iran to dodge their government’s efforts to block message traffic. The announcement comes after users in Iran began reporting issues with connecting to the end-to-end encrypted chat application in January, following a crackdown by the government. In a blog post Thursday, Signal said users of the Android version will be able to download the update “in a few days.” Signal’s popularity in Iran spiked recently after the popular WhatsApp messenger announced an update to its privacy policy that allowed more data to be shared with Facebook, its parent company. Users in Iran and elsewhere flocked to other options, particularly Signal, given its reputation for privacy. Iranian government officials noticed the increase in Signal users and blocked the app. Signal, which is run by a U.S.-based nonprofit foundation, vowed to fight. It […] (CyberScoop)

Chrome zero-day browser bug found – patch now!

Google is playing its cards close to its chest to avoid giving too much away. (Naked Security)

DDoSers Are Abusing Plex Media Server To Make Attacks More Potent

(News ≈ Packet Storm)

Amazon Faces Spying Claims Over AI Cameras In Van

(News ≈ Packet Storm)

Industrial Control System Vulnerabilities Up 25 Percent In 2020

(News ≈ Packet Storm)

Spy Planes Grounded In US Following Privacy Battle

(News ≈ Packet Storm)

Google Chrome Sync Feature Can Be Abused For C&C And Data Exfiltration

(News ≈ Packet Storm)

Instagram Unmasks High Profile OG Account Stealers

(News ≈ Packet Storm)

Industrial Networks See Sharp Uptick in Hackable Security Holes

Claroty reports that adversaries, CISOs and researchers have all turned their attention to finding critical security bugs in ICS networks. (Threatpost)

Unpatched WordPress Plugin Code-Injection Bug Afflicts 50K Sites

A CSRF-to-stored-XSS security bug plagues 50,000 'Contact Form 7' Style users. (Threatpost)

Google Chrome Zero-Day Afflicts Windows, Mac Users

Google warns of a zero-day vulnerability in the V8 open-source engine that's being actively exploited by attackers. (Threatpost)

Ransomware Attacks Hit Major Utilities

Eletrobras, the largest power company in Latin America, faces a temporary suspension of some operations. (Threatpost)


/security-daily/ 06-02-2021 23:44:24