Tag Archive for: alleged

Alleged ShinyHunters Hacker Group Member Arrested


Sebastian Raoult (Le Français Sébastien Raoult), aka Sezyo, was arrested on June 1st, 2022 at the Rabat international airport and is believed to be one of the alleged members of the infamous ShinyHunters group.

A French student has been detained in Morocco on an Interpol Red Notice after the US FBI (Federal Bureau of Investigation) accused him of being “one of the important members” of the infamous ShinyHunters group and hacking into hundreds of American organizations.

Arrest Details

Sebastian Raoult (Le Français Sébastien Raoult), aka Sezyo, was arrested on June 1st, 2022 at the Rabat international airport. The suspect wanted to board a flight to Brussels, Belgium. According to the FBI, the suspect is allegedly part of a group of hackers called ShinyHunters.

Sebastian Raoult (Le Français Sébastien Raoult) Image credit: L’Obs (Nouvel Obs)

Apart from Raoult, four other French residents were questioned upon the request of the FBI. Raoult was arrested after Interpol issued a red notice against him. A Washington State prosecutor issued the notice.

US Seeking Extradition of the Frenchman

The US now demands the suspect’s extradition to the USA for cyber fraud and cybercrime allegations. However, Raoult’s lawyer, Philippe Ohayon, has rejected this idea, claiming that the case falls under French jurisdiction since the alleged acts were committed in France by French national(s).

It is worth noting that extraditing a French national isn’t so easy because the country has previously refused to extradite young offenders for hacking charges. For instance, as pointed out by Dissent Doe of DataBreaches.net, none of the French citizens charged as GnosticPlayers were extradited to the USA.

The USA is currently seeking extradition from Morocco, though.

Who’s the Suspect?

The 21-year-old Raoult from Epinal was a computer science student. L’Obs, a weekly French news magazine, reports that he has been held in Tiflet prison since he was arrested. He is facing a 116-year prison sentence for the charges attributed to him. The accused’s father stated that his son was just a student and he could not possibly be involved in…


Spanish Police Arrest Alleged Radioactive Monitoring Hackers


Police in Spain have arrested two people on suspicion of hacking the country’s Radioactivity Alert Network (RAR).

The RAR, operated by Spain’s General Directorate of Civil Protection and Emergencies, is a network of gamma radiation sensors. It monitors parts of Spain – which operates nuclear power plants – for excessive radiation.

The two individuals are former workers for a third-party contractor responsible for maintaining the system, said Spanish police, who accused them of disabling over a third of the sensors in an attack between March and June 2021.

The Directorate warned police of the attack in June 2021, and the National Police Cyberattacks group analyzed the operation. The hackers compromised the RAR management’s computer system, allegedly operating from a public hospitality network in Madrid. They attempted to delete the RAR management web application and also attacked over 300 of the network’s 800 sensors, the police said.

“They had a deep knowledge [of the system] that made it easier for them to carry out the attacks and helped them in their efforts to mask their authorship, significantly increasing the difficulty of the investigation,” said police in a statement (translated).

The police did not elaborate on the motive for the attack. However, the attack caused the sensor connections to fail, reducing the ability to detect radiation around some of the country’s nuclear power plants.

“While it’s great to see that the Spanish police took the cyber-attack against the country’s radioactivity alert network (RAR) extremely seriously, it should also serve as a stark reminder of the need to secure cyber-physical devices within the critical infrastructure industry,” said Simon Chassar, CRO at industrial cybersecurity company Claroty.

“Cyber-physical devices such as Internet of Things (IoT) devices and Industrial IoT (IIoT) are not always designed with security in mind, meaning they can have a number of vulnerabilities for threat actors to exploit.”


China censors news of alleged hacking of Shanghai police database


China is rapidly censoring news of the alleged hacking of a Shanghai police database that threatens to expose the personal data of more than 1bn people, in what could be one of the largest-ever leaks of private information.

An anonymous hacker advertised the data on an online cyber crime forum late last month, claiming the full file for sale contained multiple terabytes of details, including names, addresses, IDs, phone numbers and criminal records of more than 1bn Chinese people.

The alleged hack set Chinese social media abuzz for a brief period over the weekend, but by Monday microblogging network Weibo and Tencent’s WeChat had begun to censor the topic.

Hashtags such as “data leak”, “Shanghai national security database breach” and “1 billion citizens’ records leak”, which had amassed millions of views and comments, were blocked on Twitter-like Weibo.

One Weibo user with 27,000 followers said a viral post about the hack had been removed by censors and that she had already been invited by local authorities to discuss the post.

Tencent’s WeChat also appears to have removed the news, including a public post by a well-known cyber security blogger. The post, which was published on the blogger’s public page “JohnDoes loves study”, detailed the implications of the huge data breach. It was no longer accessible on Tuesday.

Chinese search engine Baidu showed few results about the topic, with links that it provided to discussions about the hack on Zhihu inaccessible as of Tuesday.

The hacker, writing under the name ChinaDan, uploaded a description and sample of the data haul to the online forum and named a purchase price: 10 bitcoin, or about $200,000.

While the US frequently accuses Chinese hackers of stealing information about American citizens and probing its networks, Beijing has long denied those claims and asserted that it was instead the country that faced the greatest number of cyber intrusions.

Usually, those leaks remain hidden from the public, as companies and governments across the country prefer to say little about any data losses.

Shanghai authorities did not comment on the alleged data leak. The Shanghai government did not…


Former Ontario bureaucrats charged in alleged $11M COVID-19 fraud are headed back to court


The Ontario bureaucrats fired after the alleged theft of $11 million in provincial COVID-19 relief funds are headed back to court this week as criminal proceedings continue.

Sanjay and Shalini Madan, a married Toronto couple terminated from the public service in 2020 after the alleged fraud, will be in long trial assignment court on Wednesday.

They were charged last September by the Ontario Provincial Police, but their criminal trial might not begin in earnest until September 2023.

Police charged Sanjay Madan with two counts of fraud and two counts of breach of trust. He and Shalini Madan were also charged with laundering the proceeds of crime and possession of stolen property.

Two other men have also been charged in the case.

Toronto’s Vidhan Singh was charged with money laundering, fraud and possession of stolen property. Manish Gambhir of Brampton was charged with possession of stolen property and possession of an identity document related — or purported to relate — to another person.

Chris Sewrattan, Sanjay Madan’s defence lawyer, declined to comment Monday.

In separate Ontario Superior Court filings, the province alleges that “some or all of” the Madans, their adult sons, Chinmaya and Ujjawal, and Singh, funneled millions to thousands of TD, Bank of Montreal, Royal Bank of Canada, Tangerine, and India’s ICICI bank accounts in spring 2020.

Chinmaya and Ujjawal do not face any criminal charges, but the parallel civil court case is ongoing.

The province’s allegations against the Madans and Singh have not been proven in civil court.

The criminal charges have also not been proven in court.

Sanjay Madan was fired in November 2020 from a $176,608-a-year job as the Ministry of Education’s information technology leader on the Support for Families program.

That pandemic fund — later enriched and renamed the Ontario COVID-19 Child Benefit before being wound down a year ago — gave parents $200 per child under age 12 and $250 per child and youth under 21 with special needs to offset online educational expenses.

In civil court testimony, which may not be used against him in the criminal action if it violates his charter-protected rights against self-incrimination, Sanjay Madan…
