Security News

Facebook parent company Meta disclosed that it took action against two espionage operations in South Asia that leveraged its social media platforms to distribute malware to potential targets. The first set of activities is what the company described as "Persistent and well-resourced" and undertaken by a hacking group tracked under the moniker Bitter APT targeting individuals in New Zealand, India, Pakistan and the U.K. "Bitter used various malicious tactics to target people online with social engineering and infect their devices with malware," Meta said in its Quarterly Adversarial Threat Report.

A new version of the Amadey Bot malware is distributed through the SmokeLoader malware, using software cracks and keygen sites as lures. Amadey Bot is a malware strain discovered four years ago, capable of performing system reconnaissance, stealing information, and loading additional payloads.

The U.S. Federal Trade Commission warned this week that it will crack down on tech companies' illegal use and sharing of highly sensitive data and false claims about data anonymization. "While many consumers may happily offer their location data in exchange for real-time crowd-sourced advice on the fastest route home, they likely think differently about having their thinly-disguised online identity associated with the frequency of their visits to a therapist or cancer doctor," FTC's Kristin Cohen said.

Kaspersky has found a vulnerability in the Yanluowang ransomware encryption algorithm and, as a result, released a free decryptor tool to help victims of this software nasty recover their files. Yanluowang, named after a Chinese deity and underworld judge, is a type of ransomware that has been used against financial institutions and other firms in America, Brazil, and Turkey as well as a smaller number of organizations in Sweden and China, Kaspersky said yesterday.

Threat actors have launched a new marketplace called Industrial Spy that sells stolen data from breached companies, as well as offering free stolen data to its members. While stolen data marketplaces are not new, instead of extorting companies and scaring them with GDPR fines, Industrial Spy promotes itself as a marketplace where businesses can purchase their competitors' data to gain access to trade secrets, manufacturing diagrams, accounting reports, and client databases.

Taiwan's Parliament, the Executive Yuan, yesterday revealed draft amendments to national security laws aimed at deterring and punishing Chinese economic espionage efforts directed at stealing tech industry secrets. Premier Su Tseng-chang said Taiwanese authorities have observed Chinese interests infiltrating local operations and "Utilizing various methods to lure high-tech talent from Taiwan and steal Taiwanese core technologies."

A special law enforcement operation undertaken by Russia has led to the seizure and shutdown of four online bazaars that specialized in the theft and sales of stolen credit cards, as the government continues to take active measures against harboring cybercriminals on its territory. Ferum Shop, active since October 2013, made as much as $256 million in Bitcoin from stolen card sales, accounting for nearly 17% of the stolen credit card market.

Senior officials from more than 30 countries said that their governments would take action to disrupt the illicit cryptocurrency payment channels used by ransomware gangs to finance their operations.The Counter-Ransomware Initiative hopes to drain their funding and take down their operations by disrupting the ransomware groups' funding channels.

BT is looking to cash in on ever-growing global concerns over digital crime, and has confirmed making a multi million pound investment in US-based cyber risk management firm Safe Security. As part of the deal, BT plans to combine Safe Security's "SAFE platform" with its own managed security services to provide added protection for its customers in the UK against cyber threats.

Microsoft on Monday announced that it secured a court order to take down numerous malicious homoglyph domains that a criminal group registered to impersonate legitimate sites of various businesses, predominantly located in North America. Leveraging similarities between alpha-numeric characters, cybercriminals register homoglyph domains that closely resemble those of legitimate businesses, but are instead under the control of the unauthorized parties.