More alleged cybercrimes caught in Ukraine, a warning to law and accounting firms, and another phone scam.
Welcome to Cyber Security today. It’s Friday January 14th. I’m Howard Solomon, Contributing Writer on Cyber Security for ITWorldCanada.com.
Police in Ukraine Continue to crack down on online scammers. With the help of law enforcement agencies in the United States and Britain, a group believed to be linked to the ransomware gang was arrested this week. Police allege that this group was responsible for attacks on more than 50 companies in Europe and the United States that raised more than $1 million. In addition to hacking, the group allegedly changed the IP addresses of the victims so that other threat actors could hack the systems. The group also stole bank card numbers from victims to buy and resell products. Ukrainian authorities also arrested two suspects in a ransom gang last October.
Law and accounting firms They are warned that a hacker group is targeting them. The warning comes from researchers at eSentire, who said the GootLoader gang has been caught trying to get into three law firms and one accounting firm. The GootLoader malware spreads by setting up content pages on legitimate WordPress sites that they have hacked. The content includes references to things business people might look for on the web, such as free legal and financial contract templates. Using search engine optimization tricks, the gang makes sure that the results of searches for these agreements appear on top of Google searches. Anyone who downloads the promised file has their computer compromised with malware. Organizations should educate their employees about the dangers of downloading Microsoft Word text files and Excel spreadsheets from unapproved websites.
two dark sites Which sells stolen credit and debit cards are closed. The operators of UniCC, believed to be the largest combing site on the dark web, and its partner LuxSocks have decided they have had enough, according to the Bleeping Computer news service. A post on the UniCC website says that the operators are not young and their health does not allow them to work hard anymore. A security firm estimates that Operation UniCC has attracted more than $385 million in crypto payments for stolen card numbers.
There is no shortage of new phone scams. A friend of mine, a woman, received one this week. At the other end of the line was a woman crying. She said, “Mom, I’m at the police station. I had a glass of wine for lunch and then I had a car accident. They want to charge me. I want you to send bail. They’ll call you back. They need a credit card number.” My girlfriend couldn’t tell by the sobbing, but she sounded like her daughter. Fortunately, my girlfriend was able to make sure her daughter was home and realized this was a hoax. Lesson one: Like all scams, this one tries to pressure victims to act quickly. Watch for it in phone calls. Here’s one more thing: my old friend. Was it targeted? maybe. Otherwise, how did the crooks know that she had a daughter? Or is it just a coincidence?
Remember later today that the My Week in Review podcast is coming out. This week’s guest is Jim Love, Head of IT at IT World Canada. We will discuss the controversy in the open source software community.
Links to details about podcast stories are in the transcript at ITWorldCanada.com.
Follow Cyber Security Today on Apple Podcasts or Google Podcasts, or add us to a Flash feed on your smart speaker.