Security News

A Ukrainian national who has been wanted by the U.S for over a decade has been arrested by Swiss authorities for his role in a notorious cybercriminal ring that stole millions of dollars from victims' bank accounts using malware called Zeus. According to court documents released by the U.S. Depart of Justice in 2014, Penchukov and eight other members of the cybercriminal group infected "Thousands of business computers" with Zeus, which is capable of stealing passwords, account numbers, and other information relevant to log into online banking accounts.

The FBI warns that tech support scammers are now impersonating financial institutions' refund payment portals to harvest victims' sensitive information and add legitimacy. "Within the body of the email, the scammers will indicate the specific service to be renewed with a price commonly in the range of $300 to $500 USD, provoking a sense of urgency in the victims to contact them and provide information for a refund," the FBI said.

While the FBI alert doesn't name said hacktivists in its latest cyber squad notification [PDF] for private industry, the Feds may be talking about Killnet, a "Relatively unsophisticated" gang whose "Nuisance-level DDoS attacks" don't live up to its rhetoric, according to security researchers. These attacks are generally opportunistic in nature and, with DDoS mitigation steps, have minimal operational impact on victims; however, hacktivists will often publicize and exaggerate the severity of the attacks on social media.

The Federal Bureau of Investigation said on Friday that distributed denial-of-service attacks coordinated by hacktivist groups have a minor impact on the services they target. "Coinciding with the Russian invasion of Ukraine, the FBI is aware of Pro-Russian hacktivist groups employing DDoS attacks to target critical infrastructure companies with limited success," the agency said.

In what can only be described as inevitable, the FBI is warning those eligible for student loan debt relief to keep an eye out for scammers trying to take advantage of President's Biden program. The White House announced limited student loan debt forgiveness in August, with qualifying individuals and joint filers each able to get up to $10,000 of student loan debt forgiven, or double that amount if the person was awarded Pell grants for low-income students.

The FBI has released a warning that scammers may be targeting individuals seeking to enroll in the Federal Student Aid program to steal their personal information, payment details, and money. Federal Student Aid is a debt relief program announced in August 2022 that opened for applications yesterday.

The Federal Bureau of Investigation warned today of foreign influence operations that might spread disinformation to affect the results of this year's midterm elections. The federal law enforcement agency warned that foreign actors are actively spreading election infrastructure disinformation to manipulate public opinion, discredit the electoral process, sow discord, and encourage a lack of trust in democratic processes and institutions.

The FBI and the US government's Cybersecurity and Infrastructure Security Agency claim any foreign interference in the 2022 US midterm elections is unlikely to disrupt or prevent voting, compromise ballot integrity, or manipulate votes at scale. The agencies also took the time to explain how US election systems are secured using "a variety of technological, physical, and procedural controls to mitigate the likelihood of malicious cyber activity" that could affect "Election infrastructure systems or data that would alter votes or otherwise disrupt or prevent voting."

The FBI and Cybersecurity and Infrastructure Security Agency claim any foreign interference in the 2022 US midterm elections is unlikely to disrupt or prevent voting, compromise ballot integrity or manipulate votes at scale. Despite popular narratives in some political circles that the 2020 election was insecure and fraudulent, there hasn't been any evidence to suggest that, the FBI and CISA said in the PSA. The agencies also took the time to explain how US election systems are secured using "a variety of technological, physical, and procedural controls to mitigate the likelihood of malicious cyber activity" that could affect "Election infrastructure systems or data that would alter votes or otherwise disrupt or prevent voting."

The Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency in a public service announcement says that cyber activity attempting to compromise election infrastructure is unlikely to cause a massive disruption or prevent voting. "As of the date of this report, the FBI and CISA have no reporting to suggest cyber activity has ever prevented a registered voter from casting a ballot, compromised the integrity of any ballots cast, or affected the accuracy of voter registration information," PSA from the FBI and CISA. "Any attempts tracked by FBI and CISA have remained localized and were blocked or successfully mitigated with minimal or no disruption to election processes," the two agencies says in the report.