Security News

In one four-month period some 907,000 spam messages, 737 incidents related to malware and 48,000 malicious URLs - all related to COVID-19 - were detected by one of INTERPOL's private sector partners. "Cybercriminals are developing and boosting their attacks at an alarming pace, exploiting the fear and uncertainty caused by the unstable social and economic situation created by COVID-19," said Jürgen Stock, INTERPOL Secretary General.

Cybercriminals could be stealing data from payment cards with EMV chips and using it to create magnetic stripe cards which they can use for card-present transactions, cybersecurity firm Gemini Advisory reported on Thursday. This enables cybercriminals who can steal EMV card data to encode that data on a magnetic stripe, inserting the iCVV instead of the CVV that is expected to be on the magnetic stripe.

Trend Micro unveiled new insights analyzing the market for underground hosting services and detailing how and where cybercriminals rent the infrastructure that hosts their business. There are varied types of underground hosting and associated services used by cybercriminals to operate their businesses, including bulletproof hosting, VPNs, anonymizers, and DDoS protection.

As most people have been busy grappling with the impact of the coronavirus pandemic so too have cybercriminals been busy, but for more nefarious reasons. The spread of COVID-19 has provided fertile ground for criminals to launch different types of attacks that have exploited not just the virus but also the resulting lockdown and stay-at-home situation.

Kaspersky's latest research identifies the top streaming services cybercriminals most use to disguise malicious files and lure vulnerable users. The year 2019 was host to what the report refers to as "Streaming Wars," or the moment when major network providers realized streaming services were the preferred method of consuming content.

Late last week, the University of California San Francisco revealed that it paid roughly $1.14 million to cybercriminals to recover data encrypted during a ransomware attack earlier this month. "While we stopped the attack as it was occurring, the actors launched malware that encrypted a limited number of servers within the School of Medicine, making them temporarily inaccessible," UCSF says.

A Russian computer hacker who facilitated $20 million in credit card fraud and ran a sophisticated clearinghouse for international cybercriminals was sentenced Friday to nine years in prison. Prosecutors say Aleksei Burkov of St. Petersburg, Russia, filled a unique niche in the world of cybercrime, describing his Direct Connection website as "The most exclusive criminal forum on the web." Would-be participants had to put up a $5,000 bond and have three existing members vouch for them.

Cybercriminals are increasingly using IM platforms like Telegram, Discord, Jabber, WhatsApp, IRC and others to advertise and sell their goods and services, IntSight researchers have found. IntSights CSO Etay Maor says that the migration to these platforms is at least partially the result of law enforcement operations that targeted the AlphaBay and Hansa markets several years ago, as well as the ongoing law enforcement takedowns of major marketplaces and cybercrime forums.

As multiple companies inch closer to a potentially life-saving vaccine for the coronavirus, cybercriminals with varying motives have increased attacks. During a webinar with CISO MAG earlier this month, Bryan Ware, assistant director for the US Cybersecurity and Infrastructure Security Agency said the attacks being led by the Chinese government were "Hindering vaccine development in the US," and the government body released its own memo to vaccine researchers urging them to beef up defenses.

No financial firm is ever safe, especially as cybercriminals become more determined and sophisticated in their attack methods. Cybercriminals often work to exploit fear and uncertainty during major world events by launching cyber attacks, and the pandemic is no exception.