Tag Archive for: war’

Public security agencies wage war against hackers

/in


[Photo/IC]

Chinese police have pledged to continue to intensify their efforts on cybersecurity, as hacking into computer systems has become a major engine for criminal activities.

Statistics released by the Ministry of Public Security on Thursday showed that cybercrime has risen over the past three years at an annual average rate of 27.7 percent.

Since the start of last year, police officers across the country have solved 2,430 criminal cases involving hackers, with the capture of more than 7,000 suspects.

Highlighting the need for improving cybersecurity, Shi You, an official from the ministry, said it has stepped up efforts targeting hacking.

“While directly infiltrating and sabotaging computer information systems, criminals have also been discovered to have provided technical support and material information for other illegal activities such as telecom fraud, online gambling and online pornography,” he said.

The secondary crimes caused by hacking not only disrupt social stability and bring economic losses for people, but they also disturb market order and harm state security, he added.

In one case, for example, Beijing police detained 16 suspects involved in the fraudulent purchase and resale of tickets to scenic tourist spots in August after receiving reports from the public complaining of difficulties in booking the tickets.

The suspects were found to have illegally used software to purchase the tickets and then resell them at a higher price, the ministry said, adding that the illicit gains of the gangs were more than 2.3 million yuan ($315,000).

The capital”s police also seized 25 mobile phones, 21 computers and 26 software programs used to illegally access the tickets when they arrested the suspects, it said.

In another case, police officers in Foshan, Guangdong province, uncovered a group of 31 people in February who had allegedly obtained profits by tampering with an app’s system data.

Shi, from the ministry, stressed the focus on technology, “as the methods used by hackers have diversified with the rapid development of technologies, including artificial intelligence and blockchain”.

He expressed his concern about the…

Source…

Israel-Hamas War Spotlight: Shaking the Rust Off SysJoker

/in


Key Findings

  • Check Point Research is actively tracking the evolution of SysJoker, a previously publicly unattributed multi-platform backdoor, which we asses was utilized by a Hamas-affiliated APT to target Israel.
  • Among the most prominent changes is the shift to Rust language, which indicates the malware code was entirely rewritten, while still maintaining similar functionalities. In addition, the threat actor moved to using OneDrive instead of Google Drive to store dynamic C2 (command and control server) URLs.
  • Analysis of newly discovered variants of SysJoker revealed ties to previously undisclosed samples of Operation Electric Powder, a set of targeted attacks against Israeli organizations between 2016-2017 that were loosely linked to the threat actor known as Gaza Cybergang.

Introduction

Amid tensions in the ongoing Israel-Hamas war, Check Point Research has been conducting active threat hunting in an effort to discover, attribute, and mitigate relevant regional threats. Among those, some new variants of the SysJoker malware, including one coded in Rust, recently caught our attention. Our assessment is that these were used in targeted attacks by a Hamas-related threat actor.

SysJoker, initially discovered by Intezer in 2021, is a multi-platform backdoor with multiple variants for Windows, Linux and Mac. The same malware was also analyzed in another report a few months after the original publication. Since then, SysJoker Windows variants have evolved enough to stay under the radar.

As we investigated the newer variants of SysJoker that were utilized in targeted attacks in 2023, we also discovered a variant written in Rust, which suggests the malware code was completely rewritten. In addition, we also uncovered behavioral similarities with another campaign named Operation Electric Powder which targeted Israel in 2016-2017. This campaign was previously linked to Gaza Cybergang (aka Molerats), a threat actor operating in conjunction with Palestinian interests.

In this article, we drill down into the Rust version of SysJoker, as well as disclose additional information on other SysJoker Windows variants and their attribution.

Rust SysJoker…

Source…

Ukraine says it has evidence of 109,000 Russian war crimes

/in


As Ukraine struggles to make progress in its fight against Russia, Kyiv has been compiling evidence of war crimes since the full-scale invasion last year to present to the International Criminal Court in the Hague.

The vast majority of the charges being prosecuted were considered crimes against humanity, such as the mass executions of Ukrainians in Bucha in 2022.

Kostin’s figures also include 265 investigations into crimes against the environment, such as the Russian attack on the Ukrainian Nova Kakhovka Dam earlier this year that led to the evacuation of thousands of Ukrainians.

Four cases so far have also been opened into cyber war crime charges.

Kostin said the inclusion of cyber crimes and crimes against the environment for the ICC evidence is a new initiative by Ukraine during this war, stressing that “every crime has victims.”

He also acknowledged the challenge of convicting Russian citizens who may not be in Ukraine or have evaded capture, though he noted that some have been brought to trial.

“The bigger part is Russian war criminals who we charge and who we try in absentia. This is a quite longer process because it requires more procedural actions,” Kostin said. “While all of them receive defense, it’s our position to ensure a fair trial for everyone, including Russian war criminals.”

Source…

Ukraine Tracks a Record Number of Cyber Incidents During War

/in


Cyberwarfare / Nation-State Attacks
,
Fraud Management & Cybercrime

Hackers Steal CCTV Footage to Study Efficacy of Missile Strikes and Drone Attacks

Mathew J. Schwartz (euroinfosec) •
November 16, 2023    

Ukraine Tracks a Record Number of Cyber Incidents During War
The aftermath of a Russian drone attack on a Kyiv energy facility on Oct. 27, 2022 (Image: State Emergency Service of Ukraine)

The tempo of cyberattacks against Ukrainian critical infrastructure has intensified this year – the second year in which Kyiv is fending off a Russian war of conquest.

See Also: OnDemand | Ransomware in the Cloud: Challenges and Security Best Practices

In the first 10 month of this year, Ukraine’s national computer emergency response team, CERT-UA, logged 2,054 cyber incidents, compared to 2,194 for the entirety of 2022, said Viktor Zhora, deputy chairman of Ukraine’s State Service of Special Communications and Information Protection. Three-quarters of the incidents involved civilian infrastructure, Zhora told a cybersecurity conference in Dublin on Thursday.


Hackers’ top goals are to steal information on the disposition of forces, infiltrate organizations that provide critical infrastructure services and steal people’s personal information from organizations across a number of sectors, including insurance and healthcare, said Zhora, who addressed the IRISSCON conference, held by IRISSCERT – short for the Irish Reporting and Information Security Service – via video link.


Since Russia launched an all-out invasion on Feb. 24, 2022, the most dangerous hacking incidents have typically traced to Russia’s GRU military intelligence group, he said. The greatest number of attacks this year appear to have been launched by the Federal Security…

Source…