Security News

In a joint operation, European and British law enforcement agencies recently arrested hundreds of alleged drug dealers and other criminals after infiltrating into a global network of an encrypted chatting app that was used to plot drug deals, money laundering, extortions, and even murders. Dubbed EncroChat, the top-secret encrypted communication app comes pre-installed on a customized Android-based handset with GPS, camera, and microphone functionality removed for anonymity and security.

In May, police in France, assisted by the Netherlands' cops, infiltrated EncroChat's core network - and in mid-June the operator pulled the plug, having realised the game was up. The takedown of the network has been a poorly disguised secret, with Northern Irish suspects reportedly being arrested last week after data from EncroChat's servers was shared around European police forces.

Police said Thursday they had shut down an encrypted phone network used as a key tool by organised crime groups across Europe to plot assassination attempts and major drug deals. French and Dutch police said they hacked the EncroChat network so they could read millions of messages "Over the shoulders" of criminal suspects as they communicated, leading to more than 100 arrests.

Paul Bischoff, consumer privacy expert with Comparitech, found that Amazon's face recognition platform incorrectly misidentified more than 100 photos of US and UK lawmakers as criminals. Rekognition, Amazon's cloud-based facial recognition platform that was first launched in 2016, has been sold and used by a number of United States government agencies, including ICE and Orlando, Florida police, as well as private entities.

New Zealand police revealed Monday they had frozen NZ$140 million in assets linked to a Russian man accused of laundering money for organised crime using cyber currency. Police said they acted after discovering funds belonging to Alexander Vinnik, who is in custody in France facing fraud charges, were being held in a New Zealand company.

Sadly unlawful cryptomining is still a thing, and SophosLabs has just published a report that follows the evolution and operation of the cybercrime gang behind a botnet known as Kingminer. Servers have two desirable properties for cryptomining abuse, namely that they're always on, so any unauthorised mining runs 24/7, and they're usually much more powerful than the average laptop, so the crooks can dial in decent earnings without taking over the server so completely that they get noticed.

Masks that have made criminals stand apart long before bandanna-wearing robbers knocked over stagecoaches in the Old West and ski-masked bandits held up banks now allow them to blend in like concerned accountants, nurses and store clerks trying to avoid a deadly virus. He said he knows of seven recent armed robberies in the region where every suspect wore a mask.

Phishers are incessantly pumping out COVID-19 themed phishing campaigns and refining the malicious pages the targets are directed to. "Credential phishing attackers often tailor their email lures with themes they believe will be the most effective and use general websites for actual credential harvesting. The recent move to create custom COVID-19 payment phishing templates indicates that buyers view them as effective enough to warrant custom tactics to harvest credentials," Proofpoint researchers have noted.

According to the security company that verified its authenticity, Cyble, this is data that a specialised group of internet users will find far more interesting - a database of criminal account holders of the now defunct WeLeakData.com breach data trading forum. Such sites have sprung up in the wake of a tidal wave of public data breaches, giving criminals a one-stop shop for accessing the stuff without having to do unnecessary legwork.

In a report Thursday looking at how the pandemic will shape organized crime in the EU, Europol said much of the criminality related to the deadly virus reflects the flexibility of criminal organizations, a trend that was already witnessed during previous financial crises. The impact became evident much more quickly, with a sharp increase in cybercrime in the first weeks of the virus's spread. "New and adapted attacks appeared almost immediately from the onset of the crisis and have been among the most visible types of criminality," Europol said.