19.08.2022

The 19th of August, Cyber News

Ukraine

The SSU Stopped the Activities of Hackers who Terrorized Ukraine with Mass Messages about Mining

 The Security Service of Ukraine exposed two regional leaders of the group of anonymous miners “FR Destructor”, which during the last two years made numerous false reports about mining in different regions of Ukraine.

Criminals became particularly active on the eve of the russian federation’s large-scale invasion of Ukraine and resumed their destructive activities in recent months.

The law enforcement officers found them at their place of residence after another anonymous report about the demining of infrastructure facilities in western Ukraine.

In particular, they:

▪️ sent anonymous e-mails using special computer programs to hide their location

▪️ searched for users in social networks who were involved in spreading false anonymous messages about landmines

▪️ organized encrypted chats in which monetary rewards were offered for sending anonymous messages. 1

 

The Need for and Cost of Cybersecurity Professionals Will Only Increase

“We are working on the country’s cyber resilience not only here and now, but also looking to the future. We understand very well that cyber threats will intensify, and the country must be ready for further struggle,” said the head of the State Service of Special Communication Yuriy Shchygol.

“Effective cyber defense is not only advanced technology and software. These are, first of all, people with certain knowledge and skills who are able to react as quickly as possible and make difficult decisions.

And we need a lot of such people. Therefore, with the support of the State Service of Special Communications, Cyberport.institute was created on the basis of the State Biotechnical University – a unique educational institution that will train specialists in cyber security, computer engineering, IT finance, the cryptocurrency market – and many others.

We signed a memorandum to formalize our cooperation with “CYBERPORT Institute”.2

 

russia

The russians Mistakenly Chipped in Together for a Drone for the Armed Forces: Hackers Wrapped Them Around Their Finger

Military equipment for the Armed Forces of Ukraine is now collected not only by Ukrainians and citizens of Western countries, but also by russians themselves. However, they do it unknowingly.

Hackers “helped” the russians to chip in together for the Armed Forces of Ukraine. So now the citizens of the aggressor state will have at least one good deed on their conscience, apart from the demands to “exterminate all Ukrainians”. IT specialists hacked russian telegram channels about the occupied Kherson region. There they posted an announcement about collecting aid for a detachment of the russian military.

As bait, the details listed an account at a fictitious russian bank and links to electronic wallets. russians and residents of the Kherson region who support the enemy sent money to them. The collected amount once again proved that almost no one believes in the occupiers. After all, they collected about 30 thousand hryvnias.

This money was barely enough to buy a minidrone. Now it is already in the hands of one of the units of the Armed Forces of Ukraine in the Kherson direction and helps to see the positions of the russian invaders from the air. 3

 

World

Specialists from Microsoft Accidentally Revealed the Company’s Internal Logins

A cybersecurity firm discovered that Microsoft employees were uploading sensitive login credentials for the company’s own systems to GitHub.

On August 16, it became known that several specialists, who appear to be Microsoft employees, disclosed confidential credentials for logging into the company’s infrastructure on GitHub. Thus, they potentially opened a gateway to Microsoft’s internal systems for attackers.

All disclosed accounts are associated with Azure servers and an official Microsoft customer ID.

The corporation confirmed the disclosure, but declined to specify which systems the credentials protected. 4

 

After the Dismantling of the Soviet Monument, Estonia Suffered a Powerful Cyber Attack

After the dismantling of the tank-monument in Narva and other Soviet monuments, Estonia suffered the largest russian cyber attacks since 2007.

During the day, the Incident Investigation Department of the Estonian State Information System Department (RIA) discovered 24 websites and servers infected with malware, through which attempts were made to attack and infect the devices of Estonian Internet users. During the monitoring, 137 devices infected with malicious programs were detected, Internet providers reported.

“Last night, 12 DDoS attacks were carried out against various government institutions or their websites. There were also four DDoS attacks aimed at private sector organizations, but behind them there is also a desire to attack one or another public service,” RIA reported.

The CERT-EE team was also alerted to eight phishing pages that attempted to obtain information about citizens’ e-mails and bank accounts.

The Digigeenius portal wrote on Wednesday that a pro-kremlin cyber group targeted almost all state institutions in Estonia this morning.

However, in general, cyber attacks by pro-kremlin hackers after the removal of the Narva tank were not successful, because Estonia was ready for them. Experts say the attacker is a group called Killnet, which this spring targeted NATO’s cyber center and the massive Locked Shields cyber exercise. 5

 

In Great Britain, Hackers Send Infected Flash Drives in the Packaging of the Microsoft Office Installation Kit by Mail

Under no circumstances should you use unverified external data drives, especially if the flash drives arrive in the mail in convincing Microsoft Office packaging (which you did not buy). Hackers used this ruse to make gullible people in the UK think they had been mistakenly sent expensive software.

The storage device, of course, does not contain Microsoft Office. Victims who connect the drive to their computers receive a warning that the system is infected with a virus. The only way to remove it is to call the toll-free number provided.

After the call, the person on the other end of the line explains that you need to install a program to get rid of the virus. It is a remote administration program that gives the crook full control over the PC. The victim is then directed to the Microsoft 365 support team to “complete the installation.”

Microsoft has confirmed that it is aware of the fraud and is doing its best to remove any suspected unlicensed or counterfeit products from the market.

A decoy attack is a rare and complex, but effective form of phishing. Most often, messages about gifts in the form of copies of paid programs or other benefits are sent by e-mail and direct the addressee to links to malicious software. 6
