The 28th of March, Cyber Digest


Cybercriminals use the funds for the support of Ukraine in Darknet

Check Point Research (CPRs) researchers who often scan Darknet, have noticed several advertisements and sites that are aimed at collecting money for Ukrainians, mainly based on crypto currency. The CPR investigation shows that although some of these sites are part of the official Ukrainian government fund raising campaign, others seem doubtful and cause anxiety that there are cybercriminals again that use the current crisis for fraudulent activities. The CPR calls for potential donors that seek to help Ukrainians, and in general, anyone who makes donations for any business to be vigilant and necessarily check the pre-order websites for which they send money. See the source

Hackers are predominantly attacking the state institutions, communication operators, local authorities, logistics companies and media resources of Ukraine

In the period from March 15 to March 22, hackers were attacking predominantly the state institutions, communication operators, local authorities, logistics companies and media resources of Ukraine. Such data of a government response team to computer emergency events Cert-UA have been unveiled by the State Special Communications Service and Information Protection in a Telegram, reports Ukrinform. “Especially unpleasant are the attacks on logistics. Supply of food, fuel, humanitarian assistance to the occupied bridge, which are under permanent fires and bombing, are decisive for the prevention of a humanitarian catastrophe, ” – said Viktor Zura, Deputy Head of the State Special Communication Service. See the source

Vinnitsa Cyberpolice exposed the man in the breakdown of social networks for the organization of fake collection of money

The attacker decided to “earn” in the war and decided to breake the accounts of citizens. The person has gathered donations from friends of users and thus assigned about 60 000 Hryvnia. The 25-year-old man from Vinnytsa was breaking accounts of users of social networks and later on behalf of the owner of the page was placing a publication about the collection of money. The attacker announced that he was going to the front and urgently needs financial assistance to buy amunitions. Currently, cyberpolice establishes, in which ways he was receiving access to user accounts. According to preliminary data, the attacker was using phishing links. See the source


IT Army of Ukraine has sent to the out the Courier Service “CDEK”

IT Army of Ukraine: “Thanks to our coordinated actions the Courier Service” CDEK was successfully sent to the out “, which is quite popular in the russian market. Today we propose to test a system of protection of the company “Courier Service Express”. See the source

Ukrainian hackers have broken personal data of citizens of Buryatia

This has been done in order to get the access to the bank accounts. All received funds will be aimed at helping to Ukrainian refugees. In mid-March, the representatives of the “closed group of Ukrainian cyber platform” said that they have broken one of the state systems of Buryatia and received access to a universal medical personal office created in spring of 2020 to accounting for patients with COVID-19, contact persons, those who have passed testing and visitors from other regions that had to remain self-isolation. The received data “is used for attacks on the financial sector”, and the the money are sent for food and clothing for Ukrainian refugees. See the source

Russian propaganda is spreading fakes about US and NATO cyber-landing in Ukraine

Russia’s cyber forces are faced with powerful professional security systems and are unable to achieve their goals, as the ground forces are unable too. To explain its own failures, russian propaganda has initiated narratives about “US and NATO specialists supporting the war in cyberspace.” In fact, security systems are strong thanks to the professionalism of Ukrainian IT communities and government professionals. “Our cooperation with international partners is a two-way street. We provide the international cyber community with the latest data and information on russian operations, and we are truly at the forefront of protecting Europe and NATO from russian hackers, as the Armed Forces of Ukraine do on the ground,” – said Viktor Zhora, Deputy Head of the State Special Communication Service. See the source


Hackers Anonymous have published 28 GB of information after the hacking of the Central Bank of russia

Almost 30 GB of information have been published by hackers on the Mega NZ file exchange. The documents are placed in two folders: part A; part B. “We sent these documents to various points on the Internet. If the documents are censored, we will share them at other links. ” The documents contain contracts, correspondence, money transfers, economic reports, agreements with other countries. Among other things, there are audit reports and data on bank owners. Hackers claim to have gained access to “secret agreements” of the Central Bank. Anonymous also recorded a video address in which Putin was called “a liar, a dictator, a war criminal and a murderer of children.” See the source

Starlink is constantly under attack by hackers

Elon Musk reports that the global satellite system Starlink is constantly under hacker attacks, which are successfully repulsed. The hacker attacks are linked to Elon Musk’s direct support for Ukraine through his public position and the providing with a huge amount of Starlink for our defense. See the source

Isolation of aggressors in the international space continues

russian and belarusian computer emergency response teams have become exiles in the relevant international community. The Forum on Information Security Response Teams (FIRST), an international organization that brings together computer emergency response teams (CERTs) from around the world, has suspended the membership of russian and belarusian teams in FIRST. So now russians and belarusians will not receive up-to-date information from the international FIRST community on various cyber incidents and indicators of compromising. This will significantly reduce the effectiveness of protecting aggressor countries from cyber threats. See the source

The United States has recognized Kaspersky Lab and two Chinese companies as a threat to national security

The US Federal Communications Commission has added russian Kaspersky Lab and China’s Telecom Corp. and China Mobile International USA to the list of companies that pose a threat to national security, according to the website of the commission. Kaspersky Lab became the first company in the field of cybersecurity to appear in the list. The head of the Federal Communications Commission, Brendan Carr, said the decision would help to protect the internal networks of the company from the threats of russian and Chinese governments which are seeking to engage in espionage and otherwise harm to the American interests. See the source

The 28th of March, Cyber Digest