Security News

The National Police of Spain is warning of an ongoing 'LockBit Locker' ransomware campaign targeting architecture companies in the country through phishing emails. BleepingComputer's analysis shows that the executed Python script will check if the user is an admin of the device, and if so, make modifications to the system for persistence and then executes the 'LockBit Locker' ransomware to encrypt files.

If you say THE Twitter hack, everyone knows you mean the one that happened in July 2020, when a small group of cybercriminals ended up in control of a small number of Twitter accounts and used them to talk up a cryptocoin fraud. SIM swaps are where a criminal sweet-talks, bribes or coerces a mobile phone provider into issuing them with a "Replacment" SIM card for someone else's number, typically under the guise of wanting to buy a new phone or urgently needing to replace a lost SIM. The victim's SIM card goes dead, and the crook starts receiving their calls and text messages, notably including any two-factor authentication codes needed for secure logins or password resets.

The police in Spain have arrested José Luis Huertas, a 19-year-old regarded as the most dangerous hackers in the country. A police investigation started in November 2022 eventually lead to the identification and arrest of the young hacker, who has been described as "a serious threat to national security."

Spain's National Police and the U.S. Secret Service have dismantled a Madrid-based international cybercrime ring comprised of nine members who stole over €5,000,000 from individuals and North American companies. The cybercrime gang specializes in online scams, employing social engineering, phishing, and smishing to collect sensitive victim details and then use that information to commit financial fraud.

In painstaking work backed by computers, Pierrot found "Distinct families" of about 120 symbols used by Charles V. "Whole words are encrypted with a single symbol" and the emperor replaced vowels coming after consonants with marks, she said, an inspiration probably coming from Arabic. In another obstacle, he used meaningless symbols to mislead any adversary trying to decipher the message.

The notorious 'Grandoreiro' banking trojan was spotted in recent attacks targeting employees of a chemicals manufacturer in Spain and workers of automotive and machinery makers in Mexico. It involves the deployment of a Grandoreiro malware variant featuring several new features to evade detection and anti-analysis, as well as a revamped C2 system.

The Spanish police have announced the arrest of two hackers believed to be responsible for cyberattacks on the country's radioactivity alert network, which took place between March and June 2021. "A year of investigations and an exhaustive technical police analysis of all the communications of the sabotaged sensors, as well as the data related to the intrusion in the computer system whose origin could be located in the public use network of a well-known establishment of hospitality in the center of Madrid, allowed to identify the authors of the cyberattack." - Policia National.

A previously undocumented remote access trojan written in the Go programming language has been spotted disproportionately targeting entities in Italy, Spain, and the U.K. Called Nerbian RAT by enterprise security firm Proofpoint, the novel malware leverages COVID-19-themed lures to propagate as part of a low volume email-borne phishing campaign that started on April 26, 2022. "The newly identified Nerbian RAT leverages multiple anti-analysis components spread across several stages, including multiple open-source libraries," Proofpoint researchers said in a report shared with The Hacker News.

Spanish National Police has arrested eight suspects allegedly part of a crime ring who drained bank accounts in a series of SIM swapping attacks. The first case of fraud attributed to this particular SIM swapping gang is from March 2021, when the police received two complaints about fraudulent transfers not performed by the account holders.

In contrast, the Twitter hack we're referring to ultimately led to the takeover of just 45 accounts. The suspects were alleged to have previous form in hacking and trading in so-called OG accounts, where OG is short for original gangster.