The 27th of May, Cyber News


State Service of Special Communication

Today, almost half a thousand of employees of the State Service of Special Communication take part in the country’s cyber defense. Moreover, tens of thousands of specialists from other cybersecurity subjects of Ukraine, volunteers, and representatives of the international community make every effort every day to defeat the enemy on the cyber front. During the three months of the war, 620 cyberattacks were detected, and more than 300 institutions received help from cyber specialists [1].

Statistics New Tool of the IT Army of Ukraine

The IT army has launched a new tool — a bot to automate cyber attacks against russia. They noted that not all hacktivists can run DDoS at the same time, so efficiency is declining.

«Now everyone can provide their cloud resources to the bot, which will launch a central attack from all the received servers at the same time. It has been refined and it is possible to transfer servers with a non-standard ssh port,» —  the IT army said [2].


Liberator Statistics for the First Three Months of Cyber Warfare

Hundreds of services were affected and dozens were destroyed by thousands of cyber warriors using the Liberator DDoS attack tool. Geographical coverage may not be entirely correct, as it is necessary to use a VPN, so statistics, unfortunately, do not include it. However, it is well known that Liberator is supported not only by Ukrainians, but also by hacktivists from all over the world [3].

The 27th of May, Cyber News

Ukrainian Hackers Have Blocked Access of russians to Money by Attacking russian Banks

The IT Army of Ukraine with the support of international volunteers has disrupted the websites of russian banks. In recent days, customers of several russian banks have faced problems, including Interprogressbank, rosbank, Ural Bank for Reconstruction and Development (UBRD), Moskommertsbank, russian National Commercial Bank, Chelyabinskinvest, and Ural Bank. Users of the social network VK in the comments complain about non-working sites or problems with mobile applications, due to which they can not use the services and conduct transactions online. Support services promise to promptly rectify the situation, but, according to the Russians themselves, in the case of UBRiR technically the work took more than four days. On May 26, the IT Army of Ukraine stressed that DDoS attacks on russian banks, stock exchanges and microfinance organizations continue. In addition, hackers were urged to attack the servers of ruStore — a russian mobile app store, which was launched the day before to replace Google Play [4], [5].


Hackers Stole the Personal Data of Hundreds of General Motors Customers

General Motors’ servers were hacked, revealing confidential information to customers. Among the data stolen from the criminals — names, home addresses, phone numbers of car owners, as well as data on the mileage of their cars and route history, said Gizmodo, noting that in California alone the number of affected customers exceeded 500. Interestingly, the theft of data did not happen in one day — the attackers broke into accounts from 11 to 29 April, according to General Motors, whose team is investigating the incident. The criminals used the method of automatic insertion of credentials that can be bought in the dark network. The target of the hackers were bonus points of GM customers. All of them were withdrawn from the relevant accounts and exchanged for gift cards, which can be used to pay for services and goods. Later, the bonuses were returned to customers’ accounts, the concern assures. However, with personal information, things are not so simple. Hackers have a fairly long list of data — names, surnames, addresses (home and e-mail), phone numbers, reserved seats, avatars and even photos, as well as the history of the car. GM is trying to reassure customers that the «drain» does not include dates of birth, insurance numbers or bank card and driver’s license details — such information is not stored in the account [6].

russian Hackers Have Hacked and Made Public Correspondence between Boris Johnson and his Colleagues

Politicians urged to treat published information with caution. russian hackers have created a site that published emails from British politicians who supported Brexit, Reuters reports, citing Google’s cybersecurity expert and former head of British intelligence. The site was registered three days after the russian Foreign Ministry banned the Prime Minister of the United Kingdom Boris Johnson from entering russia on April 16. And the URL of the resource contained the words «vile straw head» — a hint at Johnson’s hair. The site published personal correspondence between former Foreign Intelligence Chief Richard Dirlav, as well as well-known supporters of Britain’s exit from the European Union and ideological supporters of Johnson Gisele Stewart, Robert Tombs and others. Dirlav and Tombs have already confirmed that they have fallen victim to hackers and blamed the russian government. Politicians called for caution with the published information, given the context of current relations with russia. The published allegations raise a number of allegations, including a conspiracy to oust former British Prime Minister Theresa May and replace her with Boris Johnson, who took a more uncompromising stance on Britain’s exit from the EU. Thomas Reed, a security expert at Hopkins University, said the hacking was similar to previous leaks involving russian hackers. «In a way, it looks very familiar,» he said, alluding to a stalemate in the US Democratic Party’s correspondence and publicity, which affected voter sentiment and ultimately led to Donald Trump’s 2016 election victory and Hillary Clinton’s loss  [7].