Security News

The U.S. Attorney's Office for the Southern District of New York has charged a man for illegally streaming MLB, NBA, NFL, and NHL games via the web and hacking into sports leagues' customer accounts. The charged individual is Joshua Streit, 30, of Minnesota, who allegedly streamed illegal re-broadcasts of major American sports leagues, including the Major League Baseball, National Basketball Association, National Football League, and the National Hockey League.

The US Department of Justice says that the Microsoft Office 365 email accounts of employees at 27 US Attorneys' offices were breached by the Russian Foreign Intelligence Service during the SolarWinds global hacking spree. Even though other districts were also affected by the attacks to a lesser degree, the Russian SVR state hackers managed to breach the O365 email accounts of at least 80 percent of employees from US Attorneys' offices located in the Eastern, Northern, Southern, and Western Districts of New York.

The Department of Justice has seized 63.7 bitcoins currently valued at approximately $2.3 million. "Ransom payments are the fuel that propels the digital extortion engine, and today's announcement demonstrates that the United States will use all available tools to make these attacks more costly and less profitable for criminal enterprises. We will continue to target the entire ransomware ecosystem to disrupt and deter these attacks."

The Department of Justice has charged a woman in Rhode Island in a phishing campaign against candidates for political office and related associates that impersonated various individuals-including campaign workers and the Microsoft security team-in an attempt to trick victims into providing account credentials. The U.S. Attorney's Office for the District of Massachusetts has charged Diana Lebeau, 21, of Cranston, R.I., with "Attempted unauthorized access to a protected computer," according to a press release from the DoJ. The charge relates to a phishing campaign Lebeau allegedly mounted beginning in January 2020 against about 22 campaign staffers for an unnamed candidate for political office, as well as another political candidate-also not identified-and related associates, according to the DoJ. Assistant U.S. Attorney Seth Kosto is prosecuting the case.

A former track-and-field coach who worked at several universities has been arrested and is facing up to five years in prison for attempting to solicit nude photos of his athletes through sham social-media accounts and cyberstalking. The Department of Justice alleged that Steve Waithe, while coaching at Northeastern University, would often ask his athletes to give him their phones during competition and practices, ostensibly, so he could film their form, the U.S. Attorney for the District of Massachusetts said.

The US Department of Justice warns of phishing attacks using fake post-vaccine surveys to steal money from people or tricking them into handing over their personal information. "Consumers receive the surveys via email and text message and are told that, as a gift for filling out the survey, they can choose from various free prizes, such as an iPad Pro," the DOJ said.

The US Department of Justice said that the attackers behind the SolarWinds supply chain attack have gained access to roughly 3% of the department's Office 365 email inboxes. The Justice Department currently employs over 115,000 people [1, 2] which translates to around 3450 potentially breached mailboxes.

Taiwanese chip-maker United Microelectronics Corporation will plead guilty to theft of trade secrets from Micron Technologies and pay a $60m fine to the USA. The case was brought in 2018 when the US Department of Justice alleged that UMC and Chinese outfit Fujian Jinhua Integrated Circuit conspired to steal Micron's DRAM technology, including details of manufacturing processes, in order to start their own DRAM business. The DoJ acted against UMC under its "Initiative to Combat Chinese Economic Espionage", a Trump administration programme that aims to protect American intellectual property and lets the US government enforce forfeitures and fines.

The Department of Justice on Monday announced charges against six Russian nationals who are allegedly tied to the Sandworm APT. The threat group is believed to have launched several high-profile cyberattacks over the past few years - including the destructive NotPetya cyberattack that targeted hundreds of firms and hospitals worldwide in 2017. According to the DOJ complaint, the six Russian nationals are tied to a division of the Russian military intelligence service and also affiliated with the APT Sandworm, also known as TeleBots.

US prosecutors claim six people bribed corrupt Amazon insiders to rig the the web giant's Marketplace in their favor and leak terabytes of data including some search algorithms. In an indictment [PDF] filed late last week, the Dept of Justice asserted that the six defendants paid over US$100,000 to "Complicit Amazon employees and contractors." The DoJ claims at least ten Amazonians took the crooked coin and "Baselessly and fraudulently conferred tens of millions of dollars of competitive benefits on hundreds of 3P seller accounts that the defendants purported to represent".