We’ve collected the most important news from the world of cybersecurity this week.
- The Federation Council of the Russian Federation proposed to “slow down” YouTube.
- Babuk ransomware stops working.
- The Institute for Security and Technology has proposed to fight ransomware by tightening cryptocurrency regulation.
Hackers hacked password manager Passwordstate
Click Studios, the developer of the password manager Passwordstate, reported a hack of the service.
The hackers distributed malware dubbed Moserware to Passwordstate customers through a compromised update. The incident took place between April 20 and 22.
As a result, attackers gained access to various information, including username, domain, information about running processes, and more.
They also started sending phishing emails to Passwordstate clients on behalf of Click Studios. In this regard, the company asked not to publish letters from Click Studios on social networks:
“Attackers are actively monitoring social networks in search of information about the hacking. It is important that customers do not post information that could be used by hackers. This happened with the distribution of phishing emails that copy the content of Click Studios emails. “
Apple releases privacy-focused iOS update
Apple released iOS 14.5 , which sparked a lot of controversy with Facebook.
Facebook opposed this. Read more about the essence of the dispute in the Hodlmonks exclusive:
The Federation Council of the Russian Federation proposed to “slow down” YouTube
The head of the Federation Council commission on information policy and interaction with the media, Alexei Pushkov, proposed to temporarily slow down YouTube traffic for the May holidays. The reason is the failure to remove prohibited content and censorship of the Russian media.
“YouTube is following Twitter’s vicious path,” he said.
Recall that in March, Roskomnadzor began to slow down the speed of Twitter on the territory of the Russian Federation due to the refusal of the social network to remove content that the department considered illega
Later, a Russian court fined the social network almost 9 million rubles for “violating the procedure for restricting access to information, access to which is subject to restriction in accordance with the legislation of the Russian Federation”. Roskomnadzor reminded Twitter this week to remove the banned information by May 15.
“World’s most dangerous” botnet Emotet self-destructed on infected devices
This week, the Emotet botnet self-destructed on all infected devices. As part of an international operation, law enforcement officers liquidated Emotet back in January. As the experts noted, the code introduced by the specialists should actually reboot the botnet and the operators will have to “start everything from scratch.”https://forklog.com/pravoohraniteli-likvidirovali-samyj-opasnyj-v-mire-botnet-emotet/embed/#?secret=76ziZMIEKa
The delay in liquidation is due to the need to collect evidence.
In addition to devices, Emotet also hacked users’ mailboxes. In this regard, the FBI and Dutch law enforcement officers shared with the leak aggregator Have I Been Pwned more than 4.3 million email addresses hacked by Emotet.
Just blogged: Data From The Emotet Malware is Now Searchable in Have I Been Pwned, Courtesy of the FBI and NHTCU https://t.co/ZdUSUI9PYK– Troy Hunt (@troyhunt)
DigitalOcean Leaks User Billing Information
Cloud infrastructure provider DigitalOcean reported a leak of customer payment data, TechCrunch writes .
Hackers gained access to data for the period from April 9 to 22, 2021 through a vulnerability, which, it is alleged, the developers have already fixed.
According to representatives of DigitalOcean, the leak affected only 1% of customer billing accounts.
Babuk ransomware stops working
Operators of Babuk ransomware announced the end of their activities, writes BleepingComputer . They are not going to return funds to victims or publish encryption keys.
In addition, the hackers said they would “do something like Open Source RaaS, where anyone can create their own product based on ours.”
US hospitals shut down equipment for cancer patients due to cyberattack
A Swedish supplier of equipment used in oncology and radiology has reported an attack on cloud-based software.
Because of the hackers, several American medical institutions were forced to temporarily shut down equipment for radiation therapy for cancer patients.
Institute for Security and Technology has developed recommendations to combat ransomware
The Institute for Security and Technology (IST) has released a guide to counter ransomware attacks.
Ransomware is a devastating cybercrime. The #RansomwareTaskForce report recommends a framework of 48 actions that together provide a comprehensive strategy to combat the ransomware epidemic. Learn more about this groundbreaking work. https://t.co/StfNTNrHJx– Institute for Security and Technology (@IST_org)
The authors of the report proposed a “sustained, aggressive, government-controlled, intelligence-led anti-ransomware campaign coordinated by the White House.”
In this regard, they also insist on stricter regulation of cryptocurrencies, as they “allow you to commit crimes using ransomware.”
The Russian Federation said that they can track “absolutely all” US cyberattacks
The special representative of the President of the Russian Federation for international cooperation in the field of information security Andrei Krutskikh said that the implementation of “invisible” cyberattacks by the United States against the Russian Federation is technologically impossible.
“The technological capabilities of Russia make it possible to see absolutely everything. It would be naive to assume that a great nuclear power suddenly will not see something. It’s funny, ”said Krutskikh.
We will remind, the American media wrote that the authorities are planning to conduct a series of cyberattacks on Russian systems in response to last year’s hacking of many government departments in the United States, in which hackers from the Russian Federation are suspected.
Also on ForkLog:
- The hackers threatened to expose informants to the US Metropolitan Police.
- The FSB explained the attack on SolarWinds as a leak on the darknet.
- Microsoft and Intel have improved the search for hidden miners .
- The Uranium Finance project lost $ 50 million in Ethereum due to a vulnerability.
- Hotbit exchange announced a possible leak of user data .
What to read on the weekend?
We tell about the attack on the software provider SolarWinds, which marked the beginning of direct accusations of Russia in cyberattacks and US threats to respond to them.