Week In Review 25/01-29/01

The Week In Review 25/01 – 29/01

This week saw some large wins for law enforcement in the constant battle against cyber criminals. Emotet, dubbed the worlds most prolific and dangerous malware botnet, was taken offline as the result of a two-year-long global law enforcement operation. The FBI, Europol, and the UK’s NCA, were amongst the group of law enforcement agencies that coordinated the operation culminating in the control of the infrastructure that managed Emotet. Providing a backdoor into Windows through sophisticated phishing emails, Emotet is used by its operators through “leasing” out infected machines, to other cyber criminals to conduct additional attacks such as Remote Access Tools and Ransomware. One such Ransomware operation, also disrupted by law enforcement this week, is NetWalker. Starting in August 2019, the Netwalker operation has netted its affiliates tens of millions of dollars, through paid ransoms of high-value targets and cyber criminals buying unpaid ransomed files on the Netwalker Dark Net website, which has since been seized by the FBI. Although this does not stop Netwalker activity, US and Bulgarian law enforcement involved in the operation say it is a significant step towards doing so.

It is common knowledge that cyber crime activities greatly increased throughout 2020, attributed to the disruption caused by the COVID 19 pandemic. In newly released reports, it is shown that data leaks and breaches almost doubled in 2020 as consumer concerns over privacy were also increasing. Imperva, a security vendor, detected roughly 880,000 instances of leaks and breaches at the beginning of the year which rose to 1.7m by December 2020. This has partly been attributed to how businesses prioritise internally, with speed often coming before security, and the “focus on business continuity in 2020 leaving significant gaps in process and protection of data”, according to Chris Waynforth, AVP Northern Europe, Imperva. This is a message reinforced by Microsoft’s CEO saying that cyber security is “in a crisis” right now. A statement that comes after Microsoft revealed that their security offerings had made them $10bn in the last 12 months. 

Messaging apps recently featured in the review due to a range of vulnerabilities that left them open to exploitation, including remote microphone access and multimedia leaks. The limelight falls again on WhatsApp this week after two researchers discovered that a new malware spreading through WhatsApp group messages auto replying in chats providing a malicious link to a fake Huwaei app download. When downloaded, the app requests permissions from the user allowing criminals to steal credentials, bombard the user with ads and generally spy on whatever the victim is doing.

Assess your organisation’s susceptibility to Phishing attacks with Dionach’s Social Engineering engagement. 

Read about all of this and more below:

Targeted phishing attacks target high-ranking company executives
(thehackernews.com)

North Korea hacks infosec researchers and infects their systems with backdoors
(theregister.com)

Data privacy leaks and breaches soared 93% in 2020
(infosecurity-magazine.com)

Emotet, worlds most dangerous and prolific malware botnet is taken offline
(zdnet.com)

New Android malware spreads through WhatsApp
(hackread.com)

US charges NetWalker ransomware affiliate and seizes ransomware payments
(bleepingcomputer.com)

Microsoft CEO says there is a “big crisis in cyber security right now”
(yahoo.com)

Find out how we can help with your cyber challenge

Please enter your contact details using the form below for a free, no obligation, quote and we will get back to you as soon as possible. Alternatively, you can email us directly at [email protected]

Related Projects

AdobeStock_476014459

Dionach Partnership with the UK Space Agency Enhances Cyber Security of Space SMEs

Cyber security consultancy Dionach have signed a contract extension with the UK Space Agency to accelerate cyber security within UK Space companies. Dionach, a leading cybersecurity consultancy, has signed a contract extension with the UK space agency to help SMEs within the Space Sector improve their cyber security practices and achieve Cyber Essentials Plus certification. […]
AdobeStock_186430869

Dionach Achieves JOSCAR Registration

A Milestone in Aerospace, Defence, and Security Compliance We are thrilled to announce that Dionach is now a registered supplier on the defence portal JOSCAR, managed by Hellios. This significant achievement underscores our commitment to excellence and compliance in the aerospace, defence, and security sectors. Being JOSCAR registered not only reflects our dedication to maintaining […]
Contact Us

Contact Us Reach out to one of our cyber experts and we will arrange a call