The Week In Review 25/01 – 29/01
This week saw some large wins for law enforcement in the constant battle against cyber criminals. Emotet, dubbed the world’s most prolific and dangerous malware botnet, was taken offline as the result of a two-year-long global law enforcement operation. The FBI, Europol and the UK’s NCA were amongst the law enforcement agencies that coordinated the operation, which culminated in taking control of the infrastructure that managed Emotet. Emotet provides a backdoor into Windows through sophisticated phishing emails, and its operators “lease” out infected machines to other cyber criminals to conduct additional attacks, such as deploying Remote Access Tools and Ransomware. One such Ransomware operation, also disrupted by law enforcement this week, is NetWalker. Starting in August 2019, the NetWalker operation has netted its affiliates tens of millions of dollars, through paid ransoms from high-value targets and cyber criminals buying unpaid ransomed files on the NetWalker Dark Net website, which has since been seized by the FBI. Although this does not stop NetWalker activity, US and Bulgarian law enforcement involved in the operation say it is a significant step towards doing so.
It is common knowledge that cyber crime activities greatly increased throughout 2020, an increase attributed to the disruption caused by the COVID-19 pandemic. Newly released reports show that data leaks and breaches almost doubled in 2020 as consumer concerns over privacy were also increasing. Imperva, a security vendor, detected roughly 880,000 instances of leaks and breaches at the beginning of the year, which rose to 1.7m by December 2020. This has partly been attributed to how businesses prioritise internally, with speed often coming before security, and the “focus on business continuity in 2020 leaving significant gaps in process and protection of data”, according to Chris Waynforth, AVP Northern Europe, Imperva. This message is reinforced by Microsoft’s CEO saying that cyber security is “in a crisis” right now, a statement that comes after Microsoft revealed that its security offerings had made it $10bn in the last 12 months.
Messaging apps recently featured in the review due to a range of vulnerabilities that left them open to exploitation, including remote microphone access and multimedia leaks. The limelight falls again on WhatsApp this week after two researchers discovered new malware that spreads through WhatsApp group messages, auto-replying in chats with a malicious link to a fake Huawei app download. When downloaded, the app requests permissions from the user that allow criminals to steal credentials, bombard the user with ads and generally spy on whatever the victim is doing.
Assess your organisation’s susceptibility to Phishing attacks with Dionach’s Social Engineering engagement.
Read about all of this and more below:
Targeted phishing attacks target high-ranking company executives
(thehackernews.com)
North Korea hacks infosec researchers and infects their systems with backdoors
(theregister.com)
Data privacy leaks and breaches soared 93% in 2020
(infosecurity-magazine.com)
Emotet, world’s most dangerous and prolific malware botnet is taken offline
(zdnet.com)
New Android malware spreads through WhatsApp
(hackread.com)
US charges NetWalker ransomware affiliate and seizes ransomware payments
(bleepingcomputer.com)
Microsoft CEO says there is a “big crisis in cyber security right now”
(yahoo.com)