The 14th of June, Cyber News

Ukraine   

The Hackers Gave Kyivstar Two Weeks or They Should  Pay $ 250,000, or DDOS with a Capacity of 1.5TB per Second

According to Kyivstar President Oleksandr Komarov, the hacking group Fancy Lazarus, which specializes in digital blackmail and DDoS attacks, demanded $ 250,000 from Kyivstar in June 2021. In return, the hackers were not allowed to attack the company’s services. «They made a test attack that had little effect on our services. Then I received a letter with a proposal to pay $ 250,000 for leaving us alone,» Komarov said. The hackers gave the operator two weeks. During this time, the company, according to Komarov, has prepared. In particular, she appealed to the State Service of Special Communication and EU bodies. Since the beginning of the war, the company has been regularly attacked. According to Komarov, there are dozens of attacks every week. 70-80 attacks in the company are considered large-scale. For example, the May 9 attack lasted 29 hours [1].

russia  

Hackers Have Hacked the Internet Service of the russian VDTRK and Called for an End to the War

On the evening of June 12, unknown hackers hacked the Smotrim.ru Internet service, which is designed to watch TV channels of the All-russian State Television and Radio Company (VDTRK). For half an hour, a screensaver with the inscription “Putin kills Ukrainians! Stop the war! ” Television programs were not available at the time. Subsequently, the start page of the service stopped working completely. No comments were received from the owners of the service [2].

Hackers Have Hacked the Site of the «Supreme Court of the DNR»

The site posted a «hello» for judges who handed down the death sentence to foreigners who fought on the side of Ukraine. Thus, the image of the burning Moscow Kremlin and the flag of Ukraine with the inscription «Glory to Ukraine! Glory to the Heroes» appeared on the main page of the «court» website. It will be recalled that the so-called «DNR court» sentenced to execution British citizens Sean Pinner and Aiden Aslin, as well as Moroccan Saadun Brahim, who fought on the side of Ukraine and were captured by the occupiers. The UN Office of Human Rights has condemned the verdict, saying such trials against prisoners of war are war crimes [3].

World  

A Vulnerability Has Been Found in the PlayStation 5 Firmware that Could Allow Pirated Copies of Games to be Recorded on Blu-ray Discs

According to HakerOne, security researchers have found a vulnerability in the firmware of the PlayStation 5, which opened up great opportunities for gaming piracy. This vulnerability allowed hackers to bypass the security system and burn pirated copies of games to BlueRay discs. The exploit could work on both the PS4 drive and, theoretically, the PS3. The Sony team has already responded to the problem and shut down the exploit, and researchers have received a $ 20,000 reward for the Bug Bounty program [4].

The Massive Phishing Campaign of Facebook and Messenger Affected 8.5 Million Users

Researchers have discovered a large-scale phishing campaign that used Facebook and Messenger to lure millions of users to phishing pages to collect credentials and display ads. An attacker from stolen accounts sent additional phishing messages to the victim’s friends, earning significant advertising revenue. PIXM tracked down the cybercriminal by linking to a public traffic monitoring application (whos.amung.us) on one of the phishing sites. The threat used automated tools to send additional phishing links to the victim’s friends and compromised even more accounts. To circumvent the protection against phishing URLs, the messages used the approved URL generation services «litch.me», «known.co», «amaze.co» and «funnel-preview.com». The phishing pages were visited by 8.5 million users who entered their credentials. After entering the data, there were numerous redirects to advertising pages, survey forms, etc. From all redirects, the attacker received a referral revenue of several million dollars. The researchers found a common snippet of code from all landing pages. The code contained a link to a website owned by Colombian Rafael Dorado but closed under investigation [5].