Security News

Cyber cops in Ukraine carried out an arrest and several raids last week in connection with the author of a U-Admin, a software package used to administer what's being called "One of the world's largest phishing services." The operation was carried out in coordination with the FBI and authorities in Australia, which was particularly hard hit by phishing scams perpetrated by U-Admin customers. The Ukrainian attorney general's office said it worked with the nation's police force to identify a 39-year-old man from the Ternopil region who developed a phishing package and special administrative panel for the product.

Law enforcement officials in Ukraine, in coordination with authorities from the U.S. and Australia, last week shut down one of the world's largest phishing services that were used to attack financial institutions in 11 countries, causing tens of millions of dollars in losses. The Ukrainian attorney general's office said it worked with the National Police and its Main Investigation Department to identify a 39-year-old man from the Ternopil region who developed a phishing package and a special administrative panel for the service, which were then aimed at several banks located in Australia, Spain, the U.S., Italy, Chile, the Netherlands, Mexico, France, Switzerland, Germany, and the U.K. Computer equipment, mobile phones, and hard drives were seized as part of five authorized searches conducted during the course of the operation.

The proprietors of the phishing service were variously known on cybercrime forums under handles such as SMSBandits, "Gmuni," "Bamit9," and "Uncle Munis." SMS Bandits offered an SMS phishing service for the mass sending of text messages designed to phish account credentials for different popular websites and steal personal and financial data for resale. Sasha Angus is a partner at Scylla Intel, a cyber intelligence startup that did a great deal of research into the SMS Bandits leading up to the arrest.

U.S. and Bulgarian authorities this week seized the darkweb site used by the NetWalker ransomware cybercrime group to publish data stolen from its victims. NetWalker is a ransomware-as-a-service crimeware product in which affiliates rent access to the continuously updated malware code in exchange for a percentage of any funds extorted from victims.

Black man sues police, saying he was falsely ID'd by facial recognition, joining other Black Americans falling victim to the technology's racial bias. Racial bias against non-white skin in facial recognition landed Nijeer Parks ten days in jail in 2019 after the technology falsely identified him as a shoplifting suspect, a new lawsuit says.

21 people have been arrested across the UK as part of a nationwide cyber crackdown targeting customers of WeLeakInfo[. A now-defunct online service that had been previously selling access to data hacked from other websites.

Italian police have arrested two people allegedly for using malware to steal 10 GB of confidental data and military secrets from defense company Leonardo S.p. A. Leonardo is one of the world's largest defense contractors, with 30% of the company owned by the Italian Ministry of Economy and Finance.

Three Nigerian citizens suspected of being members of an organized cybercrime group behind distributing malware, carrying out phishing campaigns, and extensive Business Email Compromise scams have been arrested in the city of Lagos, Interpol reported yesterday. "The suspects are alleged to have developed phishing links, domains, and mass mailing campaigns in which they impersonated representatives of organizations," Interpol said.

A joint INTERPOL, Group-IB and Nigeria Police Force cybercrime investigation resulted in the arrest of the Nigerian nationals, believed to be responsible for distributing malware, carrying out phishing campaigns and extensive scams worldwide. In a BEC attack, a scammer impersonates a company executive or other trusted party, and tries to trick an employee responsible for payments or other financial transactions into wiring money to a bogus account.

The pair were performing a routine penetration test at the Dallas County courthouse at night when they tripped an alarm, were collared by deputies, and, ultimately, charged with felony trespassing - a crime that can lead to up to seven years behind bars. Part of the problem, the two professional attackers told the Black Hat online conference today, was the imprecise terms of the penetration tests Coalfire was hired to perform at the request of the US state of Iowa.