The 31st of August, Cyber News

Ukraine

 Representatives of the State Service of Special Communications took part in the NATO International Cyber Security Summer School (#ICSSS).

The Code Defenders teams from the Institute of Special Communications and Information Protection and tOPSECret of the State Cyber ​​Defense Center, which belong to the sphere of administration of the State Service of Special Communications Administration, became the winners of the first National hackathon on cyber defense, which was held according to NATO standards. The participants also offered the best solutions to the tasks developed by judges from NATO. It was these achievements that made it possible to receive an invitation to the summer school.

ICSSS is an annual event held since 2015 by the Security Delta (HSD) security cluster, Europol, Leiden University and the NATO Communications and Information Agency.

This year, 63 representatives from 18 countries took part in the event. During the week, from August 21 to 26, the participants attended lectures and seminars of leading experts in the field of cyber security. And also had the opportunity to visit the offices of ICSSS organizers and well-known international companies specializing in information technologies and cyber security. ¹

Online Fraud Using the Theme of «Cash Payments»

The government team for responding to computer emergency events of Ukraine CERT-UA revealed an increase in the number of fraudulent pages in the Facebook social network. The content of announcements on such pages usually refers to the topic of monetary compensation, the eHelp platform, financial assistance from various organizations and partners (UN, EU, Red Cross Societies and others).

In the ads, it is suggested to go to the link leading to the phishing page of the so-called «Unified Compensation Center for the Return of Unpaid Funds». On the mentioned resource, it is offered to receive a payment, for which it is necessary to provide personal information and make an additional payment. As a result, payment card data will be compromised. The mentioned fraudulent activity is systematic in nature and is tracked by the identifier UAC-0100. ²

russia

Hackers Turned on the National Anthem of Ukraine on the air of the russian radio crimea

Ukrainian hackers hacked the website of Radio Crimea, a radio station in the occupied Crimea, and played the national anthem of Ukraine on air. This was reported by the spokesman of Odesa OVA Serhiy Bratchuk and Radio Crimea. «Our hackers» listened to «the Crimea» radio station a little and reminded Crimeans and «other russians» that it’s time to remember the words of our National Anthem!” Bratchuk wrote.

The fact of the hack was confirmed by the radio station itself: «The Internet broadcasting of Radio Crimea was attacked and will be restored in the near future. The radio station’s transmission was disrupted on Tuesday during one of its daytime segments. It happened at the technological site outside the radio station».

The russian-controlled «deputy head of Crimea» Oleg Kryuchkov reported that attacks on the Internet sites of Crimean TV channels and radio stations have been going on for the second week. He noted that the problem affected only the Internet segment and the transmitters that received the signal from the satellite. According to him, broadcasting will be restored in the near future. ^3.

russian Streaming Giant Suffers a Massive Sata Leak Affecting 44m Users

russia’s major streaming platform START suffered a major data leak, impacting its 44 million users. A Telegram channel known as Information Leaks first disclosed the breach, saying that a 72 GB database containing information on 43,937,127 users worldwide can now be found in open access. The streaming company said on Telegram that the leaked information in the database is not completely up to date, with the data in it dating back to 2021. Although START claimed that “the database is not of great interest to attackers,” it includes emails and phone numbers used for logging in.

«There are no open passwords, browsing history, and most importantly, there are no bank card data and other financial information in the database», START said. It also notified users that there is no need to change passwords on this occasion. However, Information Leaks said that stolen data is much more varied in nature and includes first/last name, email address, hashed password, IP address, country, start/end date of subscription, or last login. ⁴

Anonymous Continues the Initiative Against russian oligarchs

In early August, Anonymous launched a new initiative aimed at attacking russian oligarchs who do business outside their homeland. The well-known hacking collective, which is behind, for example, the creation of the «1920.in» tool, which allows people to communicate with random russians, has begun tagging the companies of russian oligarchs in EU countries. The goal of this campaign is to get people to stop buying goods and services from russian companies that indirectly support the war in Ukraine, and at the same time to get the oligarchs to pressure the kremlin to end the war due to the loss of income.

Great Britain became the first country where russian companies were published. One of the most prominent companies that has attracted attention is the TUI Group travel agency, which is largely owned by Oleksiy Mordashov, who is on the EU and US sanctions list. In total, hackers published «primarily» more than 14,000 russian companies. Now it is the turn of russian companies operating in Poland. Hackers operating under the banner of squad303 have provided selected newsrooms with an extended list of russian oligarchs’ companies.

The list of companies includes several large corporations. These are, for example, Global Fuel Energy Company, Residents Design, Neros, Tora Group, S&P Partners, Crowdsystems Poland, Etalon Estate Business, K2 Development, Amber Services and others. In total, the list contains 2182 entries. In addition to the list of companies, the available list also contains other data, such as information about shareholders and owners. In one of the posts at the request of the Czech Fonetech server, the hackers reported that russian companies operating in the Czech Republic would be next. We don’t know exactly when this will happen, but we can expect it to be a matter of days, weeks at the most. ⁵

World

Hacktivists Turn belarusian President’s Passport into NFT

belarusian hacktivist group Cyber Partisans claim to have stolen the passport details of every citizen of belarus. Hackers turned the ID of the country’s president aleksandr lukashenko into an NFT.

The hacker group Belarusian Cyber Partisans said they’re turning the details of the country’s president’s ID into a non-fungible token (NFT). The group announced their intentions via their Twitter and Telegram accounts. The announcement came on the birthday of lukashenko.

«The dictator has a birthday today – help us ruin it for him! Get our work of art today. A special offer – a New Belarus passport for lukashenko where he’s behind the bars», hacktivists said. The hacktivists shared details of other belarusian government figures such as Lidia Yermoshina, former head of the country’s Central Election Commission, Natalia Eismant, a press secretary for the president, and Ivan Tertel, the deputy head of the belarusian KGB. Hacktivists uploaded the passport collection on OpeanSea, an NFT marketplace. However, the upload was terminated less than 24 hours after Cyber Partisans uploaded it to the platform. Hacktivists said they’re looking for alternative outlets. ⁶