ICE HSI investigation results in prison sentence and restitution for international hacking group members who stole millions in cryptocurrency
DETROIT – A sixth member of an international hacking group known to its members as “The Community” was sentenced yesterday in connection with a multi-million-dollar SIM Hijacking conspiracy.
This case was investigated by U.S. Immigration and Custom Enforcement’s (ICE) Homeland Security Investigations (HSI) special agents with the assistance of Irish law enforcement authorities.
After previously pleading guilty, Garrett Endicott, 22, of Warrensburg Missouri, was sentenced to serve 10 months in prison and pay restitution in the amount of $121,549.37. He was the final defendant to be sentenced in this case, which was indicted in 2019.
Individuals who previously pleaded guilty and were sentenced in the eastern district of Michigan include:
Ricky Handschumacher, 28, of Pasco Country, Florida, sentenced to 48 months in prison and ordered to pay restitution in the amount of $7,681,570.03.
Colton Jurisic, 22, of Dubuque, Iowa, sentenced to 42 months in prison and ordered to pay restitution in the amount of $9,517,129.29.
Reyad Gafar Abbas, 22, of Charleston, South Carolina, sentenced to 24 months in prison and ordered to pay restitution in the amount of $310,791.90
Two defendants charged in the indictment were previously sentenced in other courts. Conor Freeman, 22, of Dublin, Ireland, pleaded guilty to parallel charges in Ireland and was sentenced to three years in prison by an Irish court. Ryan Stevenson, 29, of West Haven, Connecticut, pleaded guilty and was sentenced to probation in the district of Connecticut. Both were also ordered to pay restitution.
continue reading: https://www.ice.gov/news/releases/ice-hsi-investigation-results-prison-sentence-and-restitution-international-hacking
Suspected Iranian hacker looks to steal Gmail, Instagram credentials
An Iranian threat actor discovered earlier this year is responsible for attacks against U.S. targets designed to hoover up Gmail and Instagram credentials, according to research released Wednesday by security firm SafeBreach.
While the actor was originally exposed in September, further analysis by the company found phishing attacks that stretched back to July. Almost half of the phishing campaign’s victims are located in the United States.
continue reading: https://therecord.media/suspected-iranian-hacker-looks-to-steal-gmail-instagram-credentials/?web_view=true
DNA testing firm discloses data breach affecting 2.1 million people
DNA Diagnostics Center (DDC), an Ohio-based DNA testing company, has disclosed a hacking incident that affects 2,102,436 persons.
The incident resulted in a confirmed data breach that occurred between May 24, 2021, and July 28, 2021, and the firm concluded its internal investigation on October 29, 2021.
The information that the hackers accessed includes the following:
- Full names
- Credit card number + CVV
- Debit card number + CVV
- Financial account number
- Platform account password
The compromised database contained older backups dating between 2004 and 2012, and it’s not linked to the active systems and databases used by DDC today.
continue reading: https://www.bleepingcomputer.com/news/security/dna-testing-firm-discloses-data-breach-affecting-21-million-people/
Warning: China planning to swipe a bunch of data soon, so quantum computers can decrypt it later
Tech consultancy Booz Allen Hamilton has warned that China will soon plan the theft of high value data, so it can decrypt it once quantum computers break classical encryption.
The firm offers that scenario in a recent report, Chinese Threats In The Quantum Era, that asserts the emerging superpower aspires to surpass US-derived quantum computing tech in the mid-2020s – but probably won’t get there. However, it “could plausibly lead in developing and deploying early quantum-computing use cases” by that timeframe.
continue reading: https://www.theregister.com/2021/11/29/china_quantum_ai_offensive/
Kentucky Energy and Environment Cabinet announces data security breach
The Kentucky Energy and Environment Cabinet (EEC) announced they discovered a data security breach on September 8, 2021. According to EEC, unredacted mining permit applications containing some mine owners’ and controllers’ personal information was available for public inspection at Department of Natural Resources’ field offices and on an EEC hosted website.
Internal EEC policy requires redaction of certain personal information including Social Security numbers before permit information is made publicly available. According to officials, some unredacted permit materials were available since sometime in 2015 at public reading rooms located at DNR field offices, and since January 16, 2021 on a public internet database maintained by EEC.
continue reading: https://www.databreaches.net/kentucky-energy-and-environment-cabinet-announces-data-security-breach/
Ransomware attack shuts down Lewis & Clark Community College
Lewis and Clark Community College in Godfrey closed all their campuses this week and cancelled all extra-curricular activities, including sports. The move was made after the director of information technology noticed suspicious activity last Tuesday and shut down the school’s computer network on Wednesday.
According to college president, Ken Trzaska, hackers got into the network but never gained control.
“Ultimately the best thing to do was to shut down, allow us the opportunity and the experts the opportunity to get a really clear sense, okay, what’s happening here,” he said.
continue reading: https://www.kmov.com/news/ransomware-attack-shuts-down-lewis-clark-community-college/article_322258be-516e-11ec-ba26-df0bdc26f6fb.html
It’s the Phishiest Time of the Year Again
As Black Friday comes and goes, and Thanksgiving is right around the corner, even the grinchiest among us can’t ignore that holiday vibe. Christmas songs are playing as we do our grocery shopping, families are planning long-awaited get-togethers, and your employees are (hopefully) whistling while they work!
Unfortunately, alongside all the cheer and goodwill, it’s a well-known fact that this is the most dangerous time of the year when it comes to cybercrime. In fact, phishing attempts have been shown to rise as much as 400% between ‘business as usual’ October, and the start of the holiday season in November.
continue reading: https://securityboulevard.com/2021/11/its-the-phishiest-time-of-the-year-again-the-facts-about-phishing-scams-and-the-holiday-season-2/
More than 1,000 Individuals Arrested in Global Cybercrime-Fighting Operation
All over in the 20 countries have arrested more than 1,000 individuals for various cyber-enabled financial crime by Law enforcement officials including investment fraud, business email compromise (BEC) attacks, money laundering, and illegal online gambling.
HAECHI-II is the second operation in a three-year effort to take down operators of certain types of financially motivated cybercrime, such as romance scams and illegal online gambling. Nations participating in the initiative include China, Japan, Korea, India, Spain, Thailand, Indonesia, Ireland, and Philippines.
continue reading: https://medium.com/@Cyb3rsecurity/more-than-1-000-individuals-arrested-in-global-cybercrime-fighting-operation-354403f686f8
Cybercriminals: Frenemies China, Russia, North Korea
The age-old adage that “Criminals crime” is proving true when it comes to the transnational cybercriminals at play. The cybercriminals associated with the forum RAMP (Russian) have reached out to China’s cybercriminals in a somewhat ham-fisted manner to invite their participation in both the forum and their collaboration in criminal activity.
According to Flashpoint Intelligence, who first noticed this outreach in late October 2021, the admins behind RAMP (version three; versions one and two were rendered inoperable after sustained DDoS attacks) have updated their supported languages to now include Mandarin Chinese. Previously, the forum supported only the Russian and English languages—the latter being tolerated, the former preferred. Furthermore, according to Vlad Cuiujuclu, team lead, global intelligence at Flashpoint, Russian forums generally eschewed engagement with parties who weren’t conducting their business in Russian. Cuiujuclu noted that this stance appears to have softened with RAMP’s overtures to entice Chinese participation.
continue reading: https://securityboulevard.com/2021/11/cybercriminals-frenemies-china-russia-north-korea/
Vestas confirms cyber security incident was ransomware attack
Danish manufacturer Vestas is still investigating the cyber security attack that hit its IT systems on 19 November, but wind turbine and supply chain operations have been unaffected, the company said earlier today.
Investigations revealed the company had been hit with a ransomware attack, which impacted its internal systems and resulted in data being compromised.
continue reading: https://www.windpowermonthly.com/article/1734445/vestas-confirms-cyber-security-incident-ransomware-attack
Read more Cyber Security News at https://que.com/tag/cybersecurity/