Tag Archive for: carried

court finds teenagers carried out hacking spree

/in


A court has found an 18-year-old from Oxford was a part of an international cyber-crime gang responsible for a hacking spree against major tech firms.

Arion Kurtaj was a key member of the Lapsus$ group which hacked the likes of Uber, Nvidia and Rockstar Games.

A court heard Kurtaj leaked clips of the unreleased Grand Theft Auto 6 game while on bail in a Travelodge hotel.

The audacious attacks by Lapsus$ in 2021 and 2022 shocked the cyber security world.

Kurtaj is autistic and psychiatrists deemed him not fit to stand trial so he did not appear in court to give evidence.

The jury were asked to determine whether or not he did the acts alleged – not if he did it with criminal intent.

Another 17-year-old who is also autistic was convicted for his involvement in the activities of the Lapsus$ gang but can not be named because of his age.

The group from the UK, and allegedly Brazil, was described in court as “digital bandits”.

The gang – thought to mostly be teenagers – used con-man like tricks as well as computer hacking to gain access to multinational corporations such as Microsoft, the technology giant and digital banking group Revolut.

During their spree the hackers regularly celebrated their crimes publicly and taunted victims on the social network app Telegram in English and Portuguese.

The trial was held in Southwark Crown Court in London for seven weeks.

Hacking spree one

Jurors heard that the unnamed teenager started hacking with Kurtaj in July 2021 having met online.

Kurtaj aided by Lapsus$ associates, hacked the servers and data files of telecoms company BT and EE, the mobile operator, before demanding a $4m (£3.1m) ransom on 1 August 2021.

Lapsus text message

The hackers sent out threatening text messages to 26,000 EE customers

No ransom was paid but the court heard that the 17-year-old and Kurtaj used stolen SIM details from five victims to steal a total of nearly £100,000 from their crytpocurrency accounts which were secured by their compromised mobile phone SIM identities.

Both defendants were initially arrested on 22nd January 2022, then released under investigation.

Hacking spree two

That did not deter the duo who continued hacking with Lapsus$ and successfully breached Nvidia, a Silicon Valley tech giant…

Source…

Tokyo risks being carried away by intel craving

/in



Japanese Prime Minister Fumio Kishida speaks during his news conference in Tokyo, Japan, on February 24, 2023. [Photo/Agencies]

The reforms implemented by Tokyo over the past 10 years have seen a break with the so-called postwar Yoshida Doctrine that emphasized concentrating resources on economic development and letting the US take care of the country’s security.

By bolstering its capacity for decision-making and removing some of the legal constraints on the use of force, Tokyo has positioned itself for a more integrated military alliance with the US while giving itself room to act in what it perceives to be its interests.

Japan released three documents last year that defined its change of security policy. With a sharp increase in military spending, the most significant take-away from the three documents is the US-Japan alliance is entering a new phase. With its own combat-credible forces, Japan will be proactively involved in international security affairs.

Since war-fighting requires a much higher level of information acquisition and analysis, as well as information sharing between militaries, to better enable this new approach, Japan is looking to strengthen its intelligence gathering and analysis capabilities by building an intelligence network in the Asia-Pacific. It has been proposed that Japan should be included in the Five Eyes intelligence-sharing group that comprises Australia, Canada, New Zealand, the United Kingdom, and the US, and the plan to set up a NATO liaison office in Tokyo was aimed at facilitating this.

But with that plan stalled, due to the opposition of some NATO members, the Fumio Kishida government has been prompted to take a new tact.

According to Japanese media reports, it intends to build an intelligence network to deal with cyberattacks with countries and regions in the “Indo-Pacific” region. It will begin by building cyber defense capabilities for vulnerable Pacific Island countries, and eventually establish a system that can share information about the symptoms and methods of attacks. This has in part been prompted by the hybrid warfare in Ukraine, where cyberspace…

Source…

Cybercriminals carried out a record number of ransomware attacks last year; experts expect more in 2022

/in


It might be a different year, but old threats linger—especially in cyberspace.  An advisory covering the current cyberthreat situation issued by federal agencies and international partners Wednesday outlines a growing threat posed by ransomware that’s expected to continue through 2022. 

“Cybercriminals are increasingly gaining access to networks via phishing, stolen remote desktop protocols, credentials or brute force, and exploiting software vulnerabilities,” the advisory says. Over the last year, especially, “The market for ransomware became increasingly ‘professional’ and there has been an increase in cybercriminal services-for-hire.”

With this expansion of cybercrime into more of an enterprising space, the advisory notes that ransomware groups have begun sharing victim information with each other, including victims’ network access information. They’re also diversifying extortion methods to get around defenses and evolving their practices to best exploit vulnerabilities, such as by targeting public organizations on holidays and weekends. 

And from local school districts to vital infrastructure vendors, cybercriminals have broadened their targets. The advisory highlights that nearly every aspect of the nation’s critical infrastructure was digitally attacked in some way last year, including the emergency services sector, food and agriculture, and government facilities. 

“We live at a time when every government … must focus on the threat of ransomware and take action to mitigate the risk of becoming a victim,” said Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), in a statement. CISA, along with the Federal Bureau of Investigation (FBI), the National Security Agency (NSA) and several international organizations including Australia and the United Kingdom collaborated on the advisory. “While we have taken strides over the past year to increase awareness of the threat, we know there is more work to be done to build collective resilience.” 

While action has been taken by federal agencies to make local governments aware of the threat, more education is needed, Easterly said, urging “organizations to review…

Source…

Researchers say Chinese hackers carried out attacks on US, European firms | TheHill – The Hill

/in

Researchers say Chinese hackers carried out attacks on US, European firms | TheHill  The Hill

Chinese-backed hackers targeted firms in the U.S. and Norway with an extended cyber espionage campaign over the course of nearly a year, security …

“chinese hackers” – read more