Researchers from Kaspersky discovered the Dtrack spy tool while analyzing the ATMDtrack malware that was targeting Indian banks. The Dtrack samples discovered initially turned out to be dropped samples, as the real payloads were encrypted with various droppers. Once the final payload was decrypted, several similarities with the DarkSeoul campaign emerged. This led to the campaign being associated with the Lazarus group.
Researchers from Tenable noted that scammers are targeting Cash App users on Twitter, Instagram, and YouTube with a fake ‘free money’ giveaway campaign, tricking users into sending small amounts in return for a big amount, sometimes even ten times higher.
Italian global banking and financial services company UniCredit S.p.A. yesterday disclosed a data breach incident involving a file containing roughly 3 million records. The file was generated in 2015, which suggests that customers who created accounts in 2016 and beyond are likely safe. Affected information consisted of customers’ names, cities, telephone numbers and emails.
Facing possible exclusion from the 2020 Summer Olympics in Tokyo and other major athletic events, Russia once again has been attempting to hack anti-doping agencies and sports organizations. In attacks that started on Sept. 16, the reputed Russian APT Fancy Bear targeted at least 16 national and international sports organizations across three continents, wrote Tom Burt, corporate vice president, customer security and trust at Microsoft, in a company blog post.
A group of extortionists claiming to be the Russian APT group Fancy Bear launched a ransom denial of service (RDoS) campaign against numerous industry sectors earlier this month, demanding a payment of 2 Bitcoin to stop bombarding victims with amplified traffic. In all likelihood, the attackers are not truly members of a Russian intelligence agency’s elite hacking unit, but rather are using the Fancy Bear moniker to instill fear. Still, they do have genuine DDoS capabilities, according to a pair of reports on the campaign, from Radware and Link11.
One Magecart group decided that helping cancer victims is not enough of a reason to deter them from hitting the American Cancer Society’s online store with skimming malware. Sanguine Security found the malware on www.shop.cancer.org/ hiding behind the GoogleTagManager code. The store sells t-shirts emblazoned with the organization’s logo.