Tag Archive for: Admits

NRA finally admits it was hacked by a ransomware group in 2021

/in


The National Rifle Association (NRA) has just said for the very first time that, yes, the organization was indeed treaded on when it became victim of a massive hack last year.

The right wing organization best known for fighting common sense gun control measures after school shootings like the ones at Sandy Hook and Stoneman Douglas — and also acting as a “foreign asset” to Russia –– confirmed the ransomware attack in a Federal Election Commission filing made by the NRA’s political action committee (PAC).

The NRA finally admitted to the attack it suffered in the filing because it needed to explain discrepancies in its financial reports previously submitted to the government. The filing says that around $2,485 in contributions to the organization hadn’t been “processed correctly.” The NRA blamed the hack for the disparity. 

In October 2021, a ransomware group known as Grief targeted the NRA and boasted about the data it had stolen from the gun organization. Grief, which has ties to the Russia-based cybercriminal ring Evil Corp., allegedly stole tax, grant, and investor information from the NRA and posted the stolen information on its website. Grief later released more sensitive personal and financial data, such as bank accounts numbers.

At the time, the NRA would not confirm or deny the hack, releasing a statement that claimed that the “NRA takes extraordinary measures to protect information regarding its members, donors, and operations – and is vigilant in doing so.”

SEE ALSO:

Brands are cutting ties with the NRA after student-led campaign

We now know they weren’t quite vigilant enough. Grief’s ransomware campaign attacked the NRA on Oct.20 and the gun group felt the effects well into November. The NRA’s internet access, emails, and online networks were subject to varied levels of downtime for weeks.

It’s unclear if the NRA ever paid a ransom to Grief in order to avoid the further release of any other stolen data.

Ransomware hacks can be detrimental to an organization. Businesses have shut down after suffering losses from such attacks. It’s too bad this wasn’t one of those cases.

Source…

Massachusetts Man Admits to Attempting to Entice a Minor, Traveling to Engage in Illicit Sex, Attempting to Transfer Obscene Material to a Minor | USAO-RI

/in


PROVIDENCE, R.I. – A Massachusetts man faces between 10 years to life in federal prison when he is sentenced in U.S. District Court in Providence after pleading guilty on Wednesday to an indictment charging him with attempted enticement of a minor, attempted transfer of obscene material to a minor, and travel with intent to engage in illicit sexual conduct, announced United States Attorney Zachary A. Cunha.

Appearing before U.S. District Court Chief Judge John J. McConnell, Jr., Cody J. Hansen, 38, of Orange, MA., admitted that he posted an online classified advertisement seeking to connect with “someone that likes to play when the girl is passed out.” In May 2018, he engaged in a series of online communications with a person who responded to his posting; Hansen believed this person to be the father of 12 and 8-year-old girls living in Rhode Island. The father provided Hansen with an email address he could use to contact the 12-year-old girl. In actuality,  Hansen was communicating with an undercover Rhode Island State Police (RISP) detective assigned to the Rhode Island Internet Crimes Against Children (ICAC) Task Force.

Hansen admitted to the court that he engaged in a series of email communications with someone whom he believed to be the 12-year-old girl, admitting that these email communications turned sexually graphic and included an obscene photo of his genitalia. Hansen then arranged with the RISP detective, still acting as the girl, to travel to Rhode Island on May 21, 2018, to engage in sex with the girl and her younger sister.

According to information presented to the court, on May 21, 2018, the RISP detective and Hansen spoke by telephone, during which time Hansen confirmed that he was traveling to Rhode Island the next day with the intention of having sex with his daughters. When he arrived at the agreed upon location, he parked his car next to the detective’s vehicle and got into the front passenger seat of the detective’s car.  In conversation with the detective, Hansen confirmed that he knew the ages of the girls that he came to meet and to have sex with. He was immediately arrested by members of the ICAC Task Force and Homeland Security…

Source…

Cyber Security Today – More ransomware gangs now using DDoS attacks, more data thefts and an ADT technician admits spying on women

/in


More ransomware gangs now using DDoS attacks, more data thefts and an ADT technician admits spying on women

Welcome to Cyber Security Today. It’s Monday January 25th. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com. To hear the podcast click on the arrow below:

There’s a new ransomware tactic going around: Launching distributed denial of service (DDoS) attacks against websites, then demanding organizations pay up to get decryption keys for scrambled data or the attack will continue. Denial of service attacks are like someone knocking on a door for hours. The door is a website. Too many knocks and the website crashes, and the organization has trouble doing business. Last fall the Bleeping Computer news service said two ransomware gangs started using this strategy. Now, it says, a third gang is doing it.

Organizations used to ignore ransomware attacks by restoring data from backups. Then gangs began stealing data in addition to encrypting it, as extra leverage: Pay for decryption keys to unscramble the data or you’ll be embarrassed by the release of the stolen data. The distributed denial of service attack is a variation of this threat.

Organizations should consider adding denial of service defences to their cybersecurity strategies. Typically these services blunt denial of service attacks by spreading the huge wave of knocks across the Internet.

Separately a security firm called Radware warned last week that other gangs continue to launch denial of service extortion attacks against websites and demand bitcoin to stop. These gangs don’t use ransomware. Their weapon is the denial of service attack alone.

Where do denial of service attacks come from? They come from huge numbers of internet-connected devices like computers that are unknowingly infected and chained together into a botnet that a crook can weaponize. Then the power of thousands or tens of thousands of devices are fired at a web site. Those devices usually get infected because they haven’t got the latest security updates installed, or they haven’t been configured right. Last week a security vendor called Netscout warned that Windows computers that haven’t properly secured their…

Source…

Home security technician admits hacking customers’ security cameras

/in


A former ADT security company employee has admitted to breaking into the cameras he installed in users’ homes in the Dallas area to watch their private moments. Telesforo Aviles has pleaded guilty to computer fraud and now faces up to five years in federal prison. According to the Department of Justice, Aviles has admitted that he would take note of the homes of women he deemed attractive to log into their accounts and view feed from their cameras for sexual gratification.



a person standing in front of a mirror posing for the camera


He was able to access customers’ footage by adding his email addresses to their “ADT Pulse” accounts. Aviles added his address without their knowledge at times, though there were also times when he told them he needed temporary access to their accounts for testing purposes. In his plea papers, he said he accessed over 200 customers’ accounts more than 9,600 times over the course of four-and-a-half years. He also admitted to watching video feeds of naked women and couples engaging in sexual activities.

FBI Dallas Special Agent in Charge Matthew J. DeSarno said in a statement:

“The defendant used his position of employment to illegally breach the privacy of numerous people. The FBI works with our law enforcement partners to thoroughly investigate all cyber intrusions and hold criminals accountable for their actions. Cyber intrusions do not only affect businesses, but also members of the public. We encourage everyone to practice cyber hygiene with all their connected devices by reviewing authorized users and routinely changing passwords. If you become the victim of a cybercrime, please contact the FBI through ic3.gov or 1-800-CALL FBI.”



a person standing in front of a mirror posing for the camera: Close Up Object Shot of a Modern Wi-Fi Surveillance Camera with Two Antennas on a White Wall in a Cozy Apartment. Man is Sitting on a Sofa in the Background.

© gorodenkoff via Getty Images
Close Up Object Shot of a Modern Wi-Fi Surveillance Camera with Two Antennas on a White Wall in a Cozy Apartment. Man is Sitting on a Sofa in the Background.

ADT has been updating a page about the situation over the past months. In its first statement from April, the company said a customer notified it about an unauthorized email on their account. “As soon as we discovered this, the unauthorized access was revoked, and the employee was terminated. We also reported him to law enforcement,” ADT wrote at the time.

As

Source…