The 5th of May, Cyber News

UKRAINE

russian occupiers are threatening Kharkiv media and attacking websites

A number of Kharkiv journalists receive personal threats from the russian occupiers, and DDoS attacks are being carried out on the sites where they work. This was reported by IMI representatives in Kharkiv region to the editors of KHARKIV Today, Slobidsky Krai, Nakipilo, InsiderNews, 057.ua. «We have constant DDoS attacks on the site. Once a letter came from some fraudsters, there, it seems, threatened to collapse the site and demanded $ 5,000. Roskomnadzor wrote, demanded to remove the publication and threatened to block the site in russia, although they have already blocked us still, it seems, from 2018,» a journalist told KHARKIV Today. The letter about the opening of a criminal case and threats of interrogation and imprisonment was received by the reaction of the Kharkiv City Website 057.ua. In addition, journalists receive calls from russian numbers threatening personal violence.

Published videos and photos of russia’s crimes in Ukraine have led to threats against three members of the Nakipilo media group, as well as a DDoS attack on the site. We will continue to bring down your sites if you do not stop the pipeline of fakes about russia. « Slobidsky Krai and InsiderNews also suffered attacks on the sites. «We were not told, there was an attempt to hack the site admin in late February – early March. And then just roskomnadzor blocked the site in russia,» – commented the editor-in-chief of InsiderNews. All editions have taken additional digital security measures and continue to fight in the information field [1].

Access to private phones and computers of Ukrainian citizens is one of the vectors of attacks by russian hackers

russian hackers are constantly trying to obtain information about personal data of ordinary citizens, access to their accounts and more. This was announced during a briefing on May 4 by the head of the State Service of Special Communication Yuri Shchigol. «The ultimate goal of russian hackers is access to state registers and the country’s entire information infrastructure. In particular, they are trying to achieve it through private applications and regular users,»  — said Yuri Shchigol. He advises Ukrainians to carefully follow the rules of cyber hygiene, use strong passwords and authentication tools [2].

russia

Successes of IT ARMY of Ukraine

IT ARMY of Ukraine reported that russian media were already writing about its successes in breaking into the USAIS system. They suggest that protracted problems with USAIS will force the suspension of capacity, which in turn will reduce revenues to the aggressor’s budget: Leonid Khazanov, an industrial expert and candidate of economic sciences, told Kommersant-Volga that if producers could not use the system for several days, it could affect the supply of alcohol across the country. «For some time, the plants can work in the warehouse, but if USAIS will be» hanging «for a long time, they may have to stop capacity to prevent overstocking of finished products,»  — said the expert. Alcohol producers in some regions are among the largest taxpayers [3], [4].

New «leakage» from Anonymous

Anonymous posted 31,990 e-mails (20.4 GB of data) from Capital LLC, a specialized accounting firm cooperating with Mikhail Gutseriev’s SAFMAR Group and its assets, including PJSC russNeft [5].

Hackers put up for sale data from more than 30 million customers of Hemotest

The data of 31 million customers of the large russian network of medical laboratories «Hemotest» was put up for sale in the darknet. The company then promised to strengthen technical security measures. According to the Data Leakage & Breach Intelligence Service (DLBI), the data is sold by two users. In the first database, according to the seller, more than 31 million lines containing personal data: name and surname, date of birth, physical and e-mail address, telephone, series and passport number. The source contains data on customers from different regions of russia, including Moscow and the Moscow region. Another archive is also on sale at the forum. It contains a list of orders (ie a list of tests performed) «Hemotest». The user offers to sell the vulnerability in the network of laboratories to anyone. According to the seller, the order archive contains more than 554 million lines with personal data of customers. The laboratory will conduct an official investigation into the leak of customer data, said the head of information security of the company Ivan Osipov [6], [7], [8].