Tag Archive for: involved

Dutch Police Arrest 3 Hackers Involved in Massive Data Theft and Extortion Scheme


Feb 27, 2023 | Ravie Lakshmanan


The Dutch police announced the arrest of three individuals in connection with a “large-scale” criminal operation involving data theft, extortion, and money laundering.

The suspects include two 21-year-old men from Zandvoort and Rotterdam and an 18-year-old man without a permanent residence. The arrests were made on January 23, 2023.

It’s estimated that the hackers stole personal data belonging to tens of millions of individuals. This comprised names, addresses, telephone numbers, dates of birth, bank account numbers, credit cards, passwords, license plates, social security numbers, and passport details.

The Politie said its cybercrime team started the investigation nearly two years ago, in March 2021, after a large Dutch company suffered a security breach.

The name of the company was not disclosed but some of the firms that were hit by a cyber attack around that time included RDC, Shell, and Ticketcounter, the last of which was also a victim of an extortion attempt.

“During the course of the investigation, it has become clear that thousands of small and large companies and institutions, both national and international, have fallen victim to computer intrusion (hacking) in recent years, followed by theft and handling of data,” the agency said.

The attack spree targeted a wide range of industry verticals spanning catering, training institutes, e-commerce, software, social media, and critical infrastructure.

Describing it as a “sophisticated” operation, the Politie said the threat actors demanded a Bitcoin payment from the affected companies and threatened to publish the stolen information online or destroy the digital infrastructure, racking up millions in damages.

The ransom demanded per company is said to have ranged anywhere between €100,000 and €700,000. To make matters worse, the suspects ended up selling the data despite the companies paying up.

The sensitive nature of the plundered information means that it could be used to carry out social engineering attacks and various kinds of fraudulent activities.

“Data theft and data trading is a huge revenue model for criminals,” the Politie warned. “Not just by extorting companies. The…

Source…

He created a ‘RentaHitman’ website for class project as a joke. But then police got involved after the site got a slew of inquiries from people wanting to actually pay for a hitman



  • A California man, Bob Innes, said he accidentally created a hitman-for-hire website, per People Magazine.

  • Innes and his friends made the site to start a computer security business in 2005.

  • He later learned that people were reaching out inquiring about making a hit.

A California man said that at least 30 people have been arrested after inquiring about hiring a hitman on his parody website, according to PEOPLE. 

Bob Innes, along with his friends, created the website while participating in an IT program at a California business school in 2005, the outlet reported. They made the site with the intention of starting a computer security company — and chose the quippy domain “RentAHitman.com.”

“Rent as in hire us,” Innes told PEOPLE. “Hit as in network traffic, and men, because there were four of us. We thought it was funny.”

Although the website was live, the group did not officially start the company, according to the report. Three years later, Innes decided to log back in and discovered a slew of inquiries.

According to the report, some people were asking for the price, while others were seeking employment.

“There was even a female out of the UK who wanted to learn the business so that she could be a hitwoman,” the 54-year-old told the publication.

That’s when Innes realized that he had unintentionally set up a website for those seeking to hire a hitman, PEOPLE reported. Innes told the magazine that he decided to up the humor by adding phony testimonials and awards.

When a potential customer reaches out for their “services,” he waits a day to reach back out to them. After they show interest in hiring a hitman, he connects them with an “operative,” which happens to be one of the thousands of police departments across the country, per the report.

The website has resulted in more than two dozen arrests and a number of convictions, including a woman who reached out in 2010 about murdering her family members, according to the outlet.

Read the original article on Insider

Source…

Alarming Western Digital My Book Live Hack Reportedly Involved Two Dueling Security Exploits


Last week, hundreds if not thousands of My Book Live customers awoke to their devices being wiped and, in some cases, unrecoverable. At that time, it was simply thought that Western Digital had not patched a critical vulnerability from 2018 that allowed attackers to do this, but it seems there is more to the story than initially thought.

On June 23rd, WD Community Forum user sunspeak created a forum post that would ultimately spearhead the community outcry over the wiping of My Book Live devices. At the time of writing, that post has over 46,000 views and 763 replies, some of which have devolved into fights over whether a company can just “end-of-life” (EOL) a product and stop supporting it when there are glaring security issues. In any case, it seems the unpatched 2018 vulnerability was not the only thing at play here.


We now know that the attackers were using the 2018 vulnerability to download a malicious payload, run it, and join the WD My Book Live devices to a botnet, as researchers at Censys explain. The attackers then password-protected their access so that, in theory, no one else could come in and take over their work building the botnet. However, this does not explain why some users found that their devices were being factory reset.

Figure: Commented Out Code That Disables Authentication For Factory Restore

As it turns out, the mass device wipes are part of a separate unauthenticated 0-day vulnerability in an endpoint named system_factory_restore, which does what the name implies. When the Censys team unpacked the firmware Western Digital shipped and looked at this endpoint, they surprisingly found the “authentication code commented out (disabled) at the top.” In short, this means a simple request to this endpoint would trigger the factory restore process without any authentication.

It is speculated that the mass-device wiping that occurred “could be an attempt at a rival botnet operator to take over these devices or render them useless, or someone who wanted to otherwise disrupt the botnet which has likely been around for some time, since these issues have existed since 2015.” Whatever the case is, there are still 55,348 WD My Book Live devices across the…

Source…

Five Eyes cyber-security agencies will be involved in fight against NZX cyberattackers – Stuff.co.nz
