Security News

The MoleRats advanced persistent threat has developed two new backdoors, both of which allow the attackers to execute arbitrary code and exfiltrate sensitive data, researchers said. The DropBook backdoor uses fake Facebook accounts or Simplenote for C2, and both SharpStage and DropBook abuse a Dropbox client to exfiltrate stolen data and for storing their espionage tools, according to the analysis, issued Wednesday.

Two new backdoors have been attributed to the Molerats advanced persistent threat group, which is believed to be associated with the Palestinian terrorist organization Hamas. In early 2020, security researchers at Cybereason's Nocturnus group published information on two new malware families used by the APT, namely Spark and Pierogi.

Researchers have discovered a previously undocumented backdoor and document stealer, which they have linked to the Russian-speaking Turla advanced persistent threat espionage group. Researchers said that the Crutch toolset has been designed to exfiltrate sensitive documents and other files to Dropbox accounts, which Turla operators control.

Russian-backed hacking group Turla has used a previously undocumented malware toolset to deploy backdoors and steal sensitive documents in targeted cyber-espionage campaigns directed at high-profile targets such as the Ministry of Foreign Affairs of a European Union country. Turla's Crutch malware was designed to help harvest and exfiltrate sensitive documents and various other files of interest to Dropbox accounts controlled by the Russian hacking group.

With Western Digital SMR HDDs serving as the storage foundation for its custom-built, multi-exabyte storage platforms, Dropbox continues its strategic path, taking advantage of the highest storage densities with the lowest TCO without sacrificing data durability and availability for its 600 million+ online customers. "We've been working with Western Digital for many years, and throughout several phases of our storage platform development," said Andrew Fong, vice president of engineering, Dropbox.

Hackers sent Joe Biden's presidential campaign staffers malicious emails that impersonated anti-virus software company McAfee, and used a mix of legitimate services to avoid detection. The unsuccessful advanced persistent threat group attacks on Biden's campaign were first uncovered in June, along with cyberattacks targeting Donald Trump's campaign.

A Russian hacker who was found guilty of hacking LinkedIn, Dropbox, and Formspring over eight years ago has finally been sentenced to 88 months in United States prison, that's more than seven years by a federal court in San Francisco this week. Yevgeniy Aleksandrovich Nikulin, 32, of Moscow hacked into servers belonging to three American social media firms, including LinkedIn, Dropbox, and now-defunct social-networking firm Formspring, and stole data on over 200 million users.

A Russian scumbag found guilty of hacking into LinkedIn, Dropbox, and Formspring - and stealing data on over 200 million users - has been sent down for more than seven years. Yevgeniy Nikulin was sentenced to 88 months in an American prison by a federal court in San Francisco this week though the judge in this case, William Alsup, was surprisingly kind about the 32-year-old Russian.

A Russian national was sentenced to 88 months in prison in the United States for hacking LinkedIn, Dropbox, and Formspring in 2012. The man, Yevgeniy Aleksandrovich Nikulin, who will turn 33 next month, was charged in 2016 for using stolen employee credentials to access without authorization the systems of LinkedIn, Dropbox and Formspring.

The Russian hacker accused of raiding LinkedIn, Dropbox and Formspring, and obtaining data on 213 million user accounts, has been found guilty. The jury reckoned Nikulin probably swiped the LinkedIn account details, all 117 million of them, for commercial gain, though they didn't think greed played a role in his theft of 28 million account records from Formspring and 68 million from Dropbox.