Posts

Google sues two Russian nationals for allegedly hacking computers


Google is suing two Russian nationals it claims are part of a criminal enterprise that has silently infiltrated more than a million computers and devices around the world, creating “a modern technological and borderless incarnation of organised crime.”

In a complaint being unsealed Tuesday in the US District Court for the Southern District of New York, Google names two defendants, Dmitry Starovikov and Alexander Filippov, as well as 15 unnamed individuals. Google claims the defendants have created a “botnet” known as Glupteba, to use for illicit purposes, including the theft and unauthorised use of Google users’ login and account information.

A botnet is a network of internet-connected devices that have been infected with malware. When summoned together, they can do the bidding of a hacker, often with the devices’ owners not realising their machines have been hijacked. A swarm of devices can jam traffic at websites, run malware to steal login credentials, sell fraudulent credit cards online and grant unauthorized access to other cyber criminals.

Botnet attack

The Glupteba botnet stands out from others because of its “technical sophistication,” using blockchain technology to protect itself from disruption, Google said in the complaint. At any moment, the power of the Glupteba botnet could be used in a powerful ransomware attack or distributed denial of service attack, Google said.

It’s the first time that Google is going after a botnet, a spokesperson for the Mountain View, California-based company said in an email. “We are taking this action to further protect internet users and to send a message to cyber criminals that we will not tolerate this type of activity.”

The spokesperson said the company worked with the…

Source…

Google disrupted the Glupteba botnet used to steal personal information and mine cryptocurrency


Google found that Glupteba has infected about a million Microsoft Windows devices worldwide, which would put it among the largest botnets analyzed by security experts. In a complaint filed in federal court in New York on Tuesday, Google detailed several different crimes it alleges hackers use the botnet to perpetuate, including stealing and selling log-in information for Google accounts, and selling access to captured devices to other criminals who want to hide their Internet activity.

Source…

Google warns users to improve your password NOW


GOOGLE users need to double-check their passwords in the face of phishing schemes, data grabs and other attempts to steal personal information via Gmail, Google Drive and Google Chrome activity.

Because Google accounts act as a centralized hub for many users, they can be a valuable mine of data for hackers, especially when it comes to Gmail accounts that are tied to other websites.

Google users need to change their passwords to avoid these seven ways hackers target your account

1

Google users need to change their passwords to avoid these seven ways hackers target your account

Hackers can exploit a Google account through various avenues to obtain personal information, so users need to be wary of the many openings for

“It’s risky to use the same password on multiple sites,” Google advises on its security page.

“If your password for one site is hacked, it could be used to get into your accounts for multiple sites,” the tech company explains.

The Sun has contacted Google for comment on password security.

The following means of stealing information pose an especially severe threat and make it crucial for Google users to renew their passwords on a regular basis.

Public WiFi

The very same factors that make public WiFi so easily accessible also open it up to the most risk on phones and other devices.

Because there are so many avenues for hackers to take advantage of WiFi, it’s important for consumers to be vigilant of multiple security shortcomings to keep their personal information safe.

One scheme operates by making replicas of popular websites, and presenting that page when someone tries to log on to the legitimate site on public WiFi. 

Unencrypted networks also open the door to a practice called “packet sniffing,” which allows hackers to acquire information that they analyze later.

This makes it possible for hackers to steal your password over a basic WiFi connection.

Phishing Attempts

Phishing emails look legitimate, so the untrained eye doesn’t hesitate to click a link, open a document or respond with information.

But researchers at Google discovered more than two million phishing websites last year – an increase of 25 percent compared to 2019.

Phishing is a type of social engineering where an attacker sends a fraudulent email designed to trick the victim into…

Source…

Google warns cryptocurrency miners are hacking cloud accounts, suggests ways to counter cyber threat




The biggest threat plaguing cyberspace though, is one that’s trying to make the most out of today’s big buzzword, aka cryptocurrency. (Reuters Image)


© Provided by The Financial Express
The biggest threat plaguing cyberspace though, is one that’s trying to make the most out of today’s big buzzword, aka cryptocurrency. (Reuters Image)

Global search engine giant Google has revealed that hackers are increasingly targeting compromised cloud accounts to mine cryptocurrency. The revelation is part of a new report from Google’s in-house cybersecurity action team.

Google’s cybersecurity team, which spots cyber threats and gives advice on how to tackle them, has come out with a report called “threat horizon” that sheds light on multiple threats currently looming in cyberspace.

As per the report, Russian state hackers have been attempting to dupe users into giving away their passwords on the pretence that they were being targeted by government-backed attackers. In North Korea, hackers have been trying to lure users with fraudulent job offers from big-ticket firms like Samsung.

Crypto miners hacking Google cloud accounts

The biggest threat plaguing cyberspace though, is one that’s trying to make the most out of today’s big buzzword, aka cryptocurrency.

Since “mining” blockchains that underpin cryptocurrencies require a significant amount of computing power and expensive software, 86 per cent of the cloud computing hacks are said to be used to perform cryptocurrency mining.

Democratic countries need to think about creating safe, accountable internet: MoS IT

The cryptocurrency mining software area is downloaded within 22 seconds after the cloud account has been hacked. Cyber-attackers take advantage of vulnerable third-party software and poor customer security to perform the hacks.

Other forms of cyber threat

The Google report says in one instance 12,000 Gmail accounts were targeted by the Russian government-backed hacking group APT28, also known as Fancy Bear, where users were tricked into handing over their user details through email.

Google says the attack was neutralised after all the phishing emails were blocked –’which focused on the UK, the US and India-and no users’ details had been compromised.’

Apple, Google get slapped with EUR 20-Million antitrust fine in Italy over ‘aggressive’ data practices

In another…

Source…