Cybersecurity news provided by NetworkTigers on Monday, 14 February 2022.
SAN MATEO, CA — “ModifiedElephant” hacking group evades detection for over a decade, Washington state licensing department hacked, report: half of all emails sent in 2021 were spam, Colorado University hacked, over $1 billion in ransomware payments made since 2020, Portugal suffers telecom cyberattack, 25% of new online accounts are fraudulent, QR codes create security concerns, News Corp hack points to China, Swiss airport services disrupted by ransomware, Meter loses millions of dollars in crypto theft.
“ModifiedElephant” hacking group evades detection for over a decade
“ModifiedElephant,” an APT hacking group that has been taking over devices belonging to lawyers and human rights advocates since 2012, has finally been revealed. Mostly active in India, the group spies on its targets while also planting incriminating evidence on their devices. The group mainly uses spear phishing tactics to ensnare victims.
Washington state licensing department hacked
The Washington State Department of Licensing has suffered a data breach that affected around 650,000 residents. The breached database includes information such as Social Security numbers, driver’s license numbers and dates of birth. The department’s system was shut down as soon as suspicious activity was noticed, and those affected will be offered free credit monitoring services.
Report: half of all emails sent in 2021 were spam
According to Kaspersky’s Spam and Phishing in 2021 report, up to 48% of all global email in 2021 was spam. Most of the junk came from machines in Russia, followed by Germany, the US and China. Much of the spam and many of the phishing attempts used COVID-related themes such as testing and government money.
Colorado University hacked
A cyberattack against Colorado University has resulted in campus-wide password changes. According to the university, the attack was quickly contained and no sensitive data was accessed. The school is working with the authorities, as well as security firm Mandiant, to investigate the attack and determine who was responsible.
Over $1 billion in ransomware payments made since 2020
Chainalysis, a blockchain investigations and analytics firm, has compiled a Ransomware Crypto Crime Report showing that $692 million in ransomware payouts were made in 2020. 2021 saw $602 million in payouts, but the firm believes that additional data will reveal that 2021 payments actually surpassed those made in the previous year. The ransomware gang Conti was the most profitable in 2021.
Portugal suffers telecom cyberattack
Portugal has sustained a cyberattack that disrupted services from Vodafone, one of the country’s largest telecommunications companies. Vodafone says that no customer data was compromised during the hack, which it says was meant to result in “damage and disruption.” The hack affected a wide spectrum of the country, from individuals to emergency services to ATMs. No ransom demand has been made regarding the attack.
25% of new online accounts are fraudulent
After analyzing 150 billion transaction requests across 254 countries, fraud prevention firm Arkose Labs reports that one in four new accounts made in 2021 was fake. Its findings also show that one out of every five logins was an account takeover and one fifth of all traffic was linked to fraud. Most of this activity is generated by sophisticated bots that can be difficult to distinguish from actual people.
QR codes create security concerns
The FBI is warning individuals about the dangers potentially posed by scanning QR codes. The codes, more present than ever as the pandemic has ushered in a “touchless” world of menus and advertisements, automatically direct people to a URL upon scanning. Authorities warn that bad actors may replace legitimate QR codes with their own that lead to malicious code. In some cases, a malicious QR code may take a user to an identical-looking site or menu that, in fact, skims their data.
News Corp hack points to China
As the investigation of the News Corp hack continues to unfold, it is becoming clearer that the attack was likely a cyberespionage effort carried out by China. While it typically targets the military or organizations that hold valuable intellectual property, China also focuses on journalists who cover the country, in search of their otherwise anonymous sources.
Swiss airport services disrupted by ransomware
Swissport, a Zurich-based firm that provides airport services including security and baggage handling, was reportedly hit with a ransomware attack. The attack was seemingly contained quickly and has had little impact on the company’s global airport services, as only a few flights were delayed. The incident follows attacks on other European ports and oil industry centers, and it is unclear whether it is connected to them.
Meter loses millions of dollars in crypto theft
Meter, a provider of decentralized currency services, has been hacked. An unauthorized user has made off with $4.4 million in crypto, the company revealed. It has pledged to return any stolen funds to affected users and has asked the thief to return the crypto, but has not publicly announced offering a bug bounty in exchange.
NetworkTigers was founded in January 1996 as Andover Consulting Group, which built and re-architected data centers for Fortune 500 firms. Today, NetworkTigers provides consulting and network equipment to businesses, health care and government agencies globally. www.networktigers.com
NetworkTigers provides the latest industry and cybersecurity news in a weekly roundup at news.networktigers.com.