Security News

Law enforcement authorities with the Interpol have apprehended a threat actor responsible for targeting thousands of unwitting victims over several years and staging malware attacks on telecom companies, major banks, and multinational corporations in France as part of a global phishing and credit card fraud scheme. The cyber attacks involved deploying a phishing kit consisting of web pages that spoofed banking entities in the country, followed by sending mass emails mimicking the targeted companies, prompting email recipients to enter login information on the rogue website.

The troika was wanted for allegedly operating a bank-raiding crimeware "Service" known as Gozi, based on zombie malware that used a technique known as HTML injection to trick victims into revealing personal information relating to their on-line banking. But if you can plant malware on the victim's PC, you can use what's known as an MiTB attack, or "Manipulator in the browser".

The Clop ransomware operation is back in business after recent arrests and has begun listing new victims on their data leak site again. While the Clop operation laid low for about a week, the ransomware gang has sprung back into action yesterday after releasing the data for two new victims on their ransomware data leak site.

Ukrainian law enforcement officials on Wednesday announced the arrest of the Clop ransomware gang, adding it disrupted the infrastructure employed in attacks targeting victims worldwide since at least 2019. The ransomware attacks amount to $500 million in monetary damages, the National Police said, noting that "Law enforcement has managed to shut down the infrastructure from which the virus spreads and block channels for legalizing criminally acquired cryptocurrencies."

Ukrainian law enforcement arrested cybercriminals associated with the Clop ransomware gang and shut down infrastructure used in attacks targeting victims worldwide since at least 2019. Cybersecurity company Intel 471 told BleepingComputer that the Ukrainian authorities arrested only individuals involved in laundering money for the Clop gang since its core members are likely out of harm's way in Russia.

China's crackdown on cryptocurrencies has reached a new crescendo, with the nation's Ministry of Public Security on Wednesday proclaiming it has arrested over 1000 people and shut down 170 gangs that provided crypto-linked money-laundering services. Others are what China calls "Two cards" scammers, who funnel their ill-gotten gains to acquire phone cards that are shipped outside China, then use call credit stored in the cards to make scam calls back into the Middle Kingdom.

As FBI Special Agent Nicholas I. Cheviron wrote in the affidavit in support of a search warrant, while the FBI might have dented the supply of encrypted messaging devices, the demand didn't go away. "The continued for these encrypted device platforms by criminals is significant," he wrote.

The FBI arrested a Texas man on Thursday for allegedly planning to "Kill of about 70% of the internet" in a bomb attack targeting an Amazon Web Services data center on Smith Switch Road in Ashburn, Virginia. Seth Aaron Pendley, 28, was charged via criminal complaint on Friday morning for attempting to destroy a building using C-4 plastic explosives he tried to buy from an undercover FBI employee.

Europol launched "Major interventions" against organized crime on March 9, which it said were made possible by monitoring the encrypted messages of around 70,000 users of the Sky ECC service since mid-February. Europol said Sky ECC has about 170,000 users who send around 3 million messages every day, adding that 20 percent of those users are in Belgium and the Netherlands.

Image: Sky ECC. European law enforcement authorities have made a large number of arrests after a joint operation involving the monitoring of organized crime communication channels after "Unlocking" Sky ECC chat's encryption. The investigation started after Belgium police seized mobile phones from criminals who used Sky ECC. After "Unlocking" the chat platform's encryption, investigators have been able to monitor communications between roughly 70,000 Sky ECC users.