Tag Archive for: Notorious

High-Level Organizer of Notorious Hacking Group Sentenced to Prison for Scheme that Compromised Tens of Millions of Debit and Credit Cards | OPA


A Ukrainian national was sentenced today in the Western District of Washington to 10 years in prison for his high-level role in the criminal work of the hacking group FIN7.

Fedir Hladyr, 35, served as a manager and systems administrator for FIN7. He was arrested in Dresden, Germany, in 2018, at the request of U.S. law enforcement and was extradited to Seattle, Washington. In September 2019, he pleaded guilty to one count of conspiracy to commit wire fraud and one count of conspiracy to commit computer hacking.

“The defendant and his conspirators compromised millions of financial accounts and caused over a billion dollars in losses to Americans and costs to the U.S. economy,” said Acting Assistant Attorney General Nicholas L. McQuaid of the Justice Department’s Criminal Division. “Protecting businesses – both large and small – online is a top priority for the Department of Justice. The department is committed to working with our international partners to hold such cyber criminals accountable, no matter where they reside or how anonymous they think they are.”

“This criminal organization had more than 70 people organized into business units and teams. Some were hackers, others developed the malware installed on computers, and still others crafted the malicious emails that duped victims into infecting their company systems,” said Acting U.S. Attorney Tessa M. Gorman of the Western District of Washington. “This defendant worked at the intersection of all these activities and thus bears heavy responsibility for billions in damage caused to companies and individual consumers.”

“These cyber thieves orchestrated an elaborate network of hackers and systems to infiltrate businesses and exploit consumers’ personal information,” said Special Agent in Charge Donald M. Voiret of the FBI’s Seattle Field Office. “Their specialized skills to target certain industries amplified the damage exponentially. Thanks to the hard work of law enforcement partners both in the U.S. and overseas, these fraudsters are not beyond our reach and cannot hide from the law.”

According to documents filed in the case, since at least 2015, members of FIN7 (also referred to as…


The Internet’s Most Notorious Botnet Has an Alarming New Trick


In just the last two months, the cybercriminal-controlled botnet known as TrickBot has become, by some measures, public enemy number one for the cybersecurity community. It’s survived takedown attempts by Microsoft, a supergroup of security firms, and even US Cyber Command. Now it appears the hackers behind TrickBot are trying a new technique to infect the deepest recesses of infected machines, reaching beyond their operating systems and into their firmware.

Security firms AdvIntel and Eclypsium today revealed that they’ve spotted a new component of the trojan that TrickBot hackers use to infect machines. The previously undiscovered module checks victim computers for vulnerabilities that would allow the hackers to plant a backdoor in deep-seated code known as the Unified Extensible Firmware Interface, which is responsible for loading a device’s operating system when it boots up. Because the UEFI sits on a chip on the computer’s motherboard outside of its hard drive, planting malicious code there would allow TrickBot to evade most antivirus detection, software updates, or even a total wipe and reinstallation of the computer’s operating system. It could alternatively be used to “brick” target computers, corrupting their firmware to the degree that the motherboard would need to be replaced.

The TrickBot operators’ use of that technique, which the researchers are calling “TrickBoot,” makes the hacker group just one of a handful—and the first that’s not state-sponsored—to have experimented in the wild with UEFI-targeted malware, says Vitali Kremez, a cybersecurity researcher for AdvIntel and the company’s CEO. But TrickBoot also represents an insidious new tool in the hands of a brazen group of criminals—one that’s already used its foothold inside organizations to plant ransomware and partnered with theft-focused North Korean hackers. “The group is looking for novel ways to get very advanced persistence on systems, to survive any software updates and get inside the core of the firmware,” says Kremez. If they can successfully penetrate a victim machine’s firmware, Kremez adds, “the possibilities are endless, from destruction to basically complete system takeover.”

While TrickBoot…


The 5 Most Notorious Organized Cybercrime Gangs


Organized cybercrime gangs have embraced the potential of the internet. In recent years, their operations have become so sophisticated that they’ve launched widescale attacks on big corporations and initiated sinister cyber campaigns that caused millions of dollars in damages.


Here are five of the most notorious cybercrime gangs that have made headlines.

1. Cobalt Cybercrime Gang

This cybercrime gang is behind the Carbanak and Cobalt malware attacks that targeted 100 financial institutions in more…
