Tag Archive for: info

Vietnamese Hackers Hit Digital Marketers With Info Stealers


Anti-Phishing, DMARC, Endpoint Security, Fraud Management & Cybercrime

Under Fire: US, UK and India; Attackers Often Wield DarkGate Info-Stealing Malware


Cybercrime groups in Vietnam are targeting the digital marketing sector in the United Kingdom, United States and India with multiple malware strains, including the widely used DarkGate information stealer, security researchers report.



Security firm WithSecure’s Detection and Response Team said it tracked multiple Vietnamese cybercrime groups running social engineering campaigns in September, designed to trick marketing professionals into downloading malicious files masquerading as job descriptions and salary details.


The attackers' schemes included fake job openings at Corsair, a computer memory and hardware manufacturer, used to convince individuals to download a malicious file called Job Description of Corsair.docx. In India, they also used job openings at Indian finance company Groww as bait.


The Vietnam-based groups likely purchased the information-stealing malware strains from cybercrime marketplaces and used them interchangeably when attacking specific sectors or groups, researchers said. The malware samples used in the campaigns included the well-known DarkGate info stealer, as well as Ducktail, Lobshot and Redline.


Researchers said attackers’ tactics and choice of malware overlapped heavily, making it difficult to attribute any given…


Cloud gaming outfit Shadow warns hackers stole users’ personal info during a security breach


Shadow, the French cloud gaming company that allows subscribers to run games via high-powered PCs over the internet, has emailed customers to warn them that it has suffered a security breach in which customer data was stolen. While Shadow hasn’t confirmed how many people were affected, it’s thought that around 530,000 users have had their information stolen.

In an email sent to customers and reported on by TechCrunch, Shadow said that it was the victim of a social engineering attack that targeted one of its employees at the end of September 2023. The attack apparently began on Discord and then resulted in the employee downloading a game on Steam at the suggestion of a third party. That third party was also a victim of the attack.


The data itself was collected after the attacker was able to gain access to an as-yet-unnamed software-as-a-service (SaaS) provider.

TechCrunch reports that an individual on a popular hacking forum has already claimed responsibility for the attack, saying that they are now willing to sell the data after being ignored by Shadow. The post says that the data covers more than 530,000 people.

As for Shadow, it hasn’t confirmed how many people are impacted or exactly which service the attacker was able to access. It did say which types of data were stolen: full names, email addresses, dates of birth, billing addresses, and credit card expiry dates. Shadow says that no passwords or sensitive banking data were taken during the attack.

Shadow also warned customers to be on the lookout for any suspicious emails and to set up multi-factor authentication on their accounts.


Ransomware Hackers Publish Patient Info from Mayanei Hayeshua Hospital | The Jewish Press – JewishPress.com | Hana Levi Julian | 21 Elul 5783 – Thursday, September 7, 2023



Hackers who stole patient information from the servers at Mayanei Hayeshua Medical Center in Bnei Brak have made good on their threat to publish the data.

The “Ragnar Locker” group demanded a ransom totaling tens of millions of shekels for the information after the break-in, which took place about a month ago, according to Israel Hayom.

Not having received the money, the ransomware hackers announced on their Telegram account that they had released 402 gigabytes of data in the first tranche.

The group threatened to publish the rest of the information it claimed it was holding if the ransom is not paid, including the personal, medical and psychiatric records of patients who include government and Knesset members, rabbonim, Torah sages and other prominent haredi religious patients.

Prime Minister Benjamin Netanyahu underwent treatment for a prostate issue at the hospital in 2015, according to the report.

There is fear in the haredi public that the hackers will create a “Medical WikiLeaks” that could cause serious damage to many members of the Orthodox population, according to the haredi B’Chadarei Haredim news outlet.

Health and Interior Minister MK Moshe Arbel said in response to the initial threat that the government has not previously succumbed to extortion attacks on government data and will not succumb to such attacks on the health system either.

“Along with my instructions to budget tens of millions of shekels for a multi-year cyber preparedness plan in the health system, I also believe it appropriate to publish, on my own initiative, the results of a CT scan I performed at Mayanei Hayeshua Medical Center after a partial resection of my right kidney for a cancerous tumor that was found during tests to determine my eligibility to donate the kidney.

“There is no room for surrendering to blackmail and threats from cyber attackers,” he said. “We must stand as a wall to protect the right to privacy of every patient in the Israeli health system.”

Mayanei Hayeshua Medical Center also responded to the threat, saying in a statement, “The hospital, in cooperation with the Ministry of Health, the…


U.K. Nuke Submarine Base Security Leak; Russia-linked Hackers Put Top Secret Info On Dark Web


The United Kingdom has been hit by hackers linked to Russia, and secret information has reportedly been put on the internet’s dark web. According to Mirror, the notorious hacking group LockBit is behind the leak, and in the past it had even tried, unsuccessfully, to extract millions from Royal Mail.

 
