Security News

The Spanish police have announced the arrest of two hackers believed to be responsible for cyberattacks on the country's radioactivity alert network, which took place between March and June 2021. "A year of investigations and an exhaustive technical police analysis of all the communications of the sabotaged sensors, as well as the data related to the intrusion in the computer system whose origin could be located in the public use network of a well-known establishment of hospitality in the center of Madrid, allowed to identify the authors of the cyberattack." - Policia National.

A previously undocumented remote access trojan written in the Go programming language has been spotted disproportionately targeting entities in Italy, Spain, and the U.K. Called Nerbian RAT by enterprise security firm Proofpoint, the novel malware leverages COVID-19-themed lures to propagate as part of a low volume email-borne phishing campaign that started on April 26, 2022. "The newly identified Nerbian RAT leverages multiple anti-analysis components spread across several stages, including multiple open-source libraries," Proofpoint researchers said in a report shared with The Hacker News.

Spanish National Police has arrested eight suspects allegedly part of a crime ring who drained bank accounts in a series of SIM swapping attacks. The first case of fraud attributed to this particular SIM swapping gang is from March 2021, when the police received two complaints about fraudulent transfers not performed by the account holders.

In contrast, the Twitter hack we're referring to ultimately led to the takeover of just 45 accounts. The suspects were alleged to have previous form in hacking and trading in so-called OG accounts, where OG is short for original gangster.

A British man has been charged in the United States in connection with a Twitter hack last summer that compromised the accounts of prominent politicians, celebrities and technology moguls, the Justice Department said Wednesday. Joseph O'Connor, 22, was arrested in the coastal resort town of Estepona, Spain, on an arrest warrant accusing him of involvement in a July 2020 hack of more than 130 accounts, and of hacks that prosecutors said took over TikTok and Snapchat accounts, including "One of the most viewed and followed" TikTok stars.

Spanish law enforcement agencies on Wednesday arrested 16 individuals belonging to a criminal network in connection with operating two banking trojans as part of a social engineering campaign targeting financial institutions in Europe. As part of an effort to lend credibility to their phishing attacks, the operators worked by sending emails under the guise of legitimate package delivery services and government entities such as the Treasury, urging the recipients to click on a link that stealthily downloaded malicious software onto the systems.

The Spanish Ministry of Labor and Social Economy is working on restoring services after being hit by a cyberattack on Wednesday. "The Ministry of Labor and Social Economy has been affected by a computer attack," MITES' media office said earlier today.

The Spanish State Employment Service in Spain has been hit by a cyberattack, suspending its communications systems across hundreds of offices and delaying thousands of appointments. SEPE is an "Autonomous body" in Spain that manages and controls unemployment benefits.

Spain's highways agency is using bulk mobile phone data for monitoring speeding hotspots, according to local reports. Equipped with data on customers handed over by local mobile phone operators, Spain's Directorate-General for Traffic may be gathering data on "Which roads and at what specific kilometer points the speed limits are usually exceeded," according to Granadan newspaper Ideal.

Researchers are warning of a remote overlay malware attack that leverages a fake Chrome browser plugin to target the accounts of banking customers in Spain. Grandoreiro is a type of remote overlay banking trojan, designed to help attackers overtake devices and display a full-screen overlay image when victim accesses their online banking account.