Security News

34-year-old Russian Aleksandr Grichishkin, the founder of a bulletproof hosting service, was sentenced to 60 months in prison for allowing cybercrime gangs to use the platform in attacks targeting US financial institutions between 2008 to 2015. Grichishkin, who was also the organization's leader, provided multiple cybercrime operations with the infrastructure needed to distribute malware, host phishing kits, breach targets' networks, build botnets, and steal banking credentials.

Interpol has coordinated the arrest of 1,003 individuals linked to various cyber-crimes such as romance scams, investment frauds, online money laundering, and illegal online gambling. On the financial aspect of the operation, the authorities have also intercepted nearly $27,000,000 and froze 2,350 banking accounts linked to various online crimes.

Criminals have been quick to abuse the current circumstances to increase profits, spreading their tentacles to various areas and exposing vulnerabilities, connected to systems, hospitals or individuals. Europol's Executive Director Catherine De Bolle highlighted: "Worldwide operations, such as the successful takedown of EMOTET botnet, have demonstrated the effectiveness of international cooperation. Ransomware groups have attempted to disrupt critical infrastructures, such as service providers and government institutions, to increase their profits with no concern for the possible damages such interceptions may cause to public safety and security. To this, the collective response of our international law enforcement community is clear: the authorities and the private sector worldwide stand strong and ready to mitigate together any threat that blackmails the stability of our societies."

A colleague asked me recently if I thought the FBI had finally experienced enough of the cyberattacks plaguing the United States and would now more aggressively pursue the attackers. Combating cybercrime is exponentially more difficult than combating traditional criminal activities, as technologies and techniques make it very easy for cybercriminals to hide their true identities, locations, and allegiances.

The latest organized crime threat assessment from Europol issues a dire warning about the corrosive effect the rising influence of criminal syndicates is having on both the economy and society of the European Union. "The online environment and online trade provide criminals access to expertise and sophisticated tools enabling criminal activities," The Europol Threat Assessment said.

A Russian national, who was arrested in South Korea last month and extradited to the U.S. on October 20, appeared in a federal court in the state of Ohio on Thursday to face charges for his alleged role as a member of the infamous TrickBot group. Starting its roots as a banking trojan in 2016, TrickBot has evolved into a modular, multi-stage Windows-based crimeware solution capable of pilfering valuable personal and financial information, and even dropping ransomware and post-exploitation toolkits on compromised devices.

The European police force stated the ransomware activities targeted critical infrastructures and mostly large corporations. Europol, the European police agency, announced today the arrests of 12 people involved in ransomware activities across the world.

An analysis of 500 hacking incidents across a wide range of industries has revealed trends that characterize a maturity in the way hacking groups operate today. Researchers at Kaspersky have focused on the Russian cybercrime underground, which is currently one of the most prolific ecosystems, but many elements in their findings are common denominators for all hackers groups worldwide.

Two Eastern European men were sentenced to prison on Racketeer Influenced Corrupt Organization charges for bulletproof hosting services used by multiple cybercrime operations to target US organizations. The bulletproof hosting service also helped cybercrime gangs register new infrastructure using stolen or false identities that allowed them to circumvent law enforcement efforts to block their attacks.

The development also speaks to the TrickBot gang's increasing sophistication and standing in the cybercrime underground, IBM researchers said: "This latest development demonstrates the strength of its connections within the cybercriminal ecosystem and its ability to leverage these relationships to expand the number of organizations infected with its malware." According to IBM, the TrickBot gang has now added powerful additional distribution tactics to its bag of tricks, thanks to the two new affiliates.