An organized crime group involved in phishing, fraud, scams, and money laundering activities has been dismantled as a result of a cross-border operation conducted by the Belgian Police (Police Fédérale/Federale Politie) and the Dutch Police (Politie) and supported by Europol.

According to Europol, the group typically approached victims through email, text message and mobile messaging apps with messages containing a link to what appeared to be a legitimate banking website. In reality, link led to a phishing site intended to trick victims into entering their banking credentials. This allowed the group to hijack the victims’ accounts and transfer money to other accounts. This scheme enabled the group to steal several million euros from their victims.

The police operation saw the arrests of nine suspected members of the group in the Netherlands. During 24 house searches the police seized firearms, ammunition, jewelry, electronic devices, cash and cryptocurrency.

In related news, law enforcement authorities shut down the RSOCKS botnet run by Russian cyber criminals, which hacked millions of devices worldwide, including Internet of Things (IoT) devices, Android phones, and computers, to use as a proxy service.

The cost for access to a pool of RSOCKS proxies ranged from $30 per day for access to 2,000 proxies to $200 per day for access to 90,000 proxies.

Cyber-attack on the UK-based delivery firm Yodel causes service disruption

The UK delivery and logistics company Yodel has suffered a cyber-attack that has impacted its package tracking services causing delays in parcel distribution and tracking orders online.

Yodel has confirmed the cyber incident on its website, but has not disclosed when it occurred, and how long it will take the company to restore the services. While the company has yet to reveal the nature of the attack, rumors suggest that it involved ransomware.

The delivery firm has launched an investigation into the matter and contacted the relevant authorities.

Japanese auto hose maker Nichirin hit by a ransomware attack

Nichirin-Flex, the US subsidiary of Japanese automotive hose maker Nichirin fell victim to a ransomware attack that forced it to shut down its computerized production controls.

The company said in a media release that the attack took place on June 14, 2022, and affected NFL’s server, which was infected with ransomware. After discovering the intrusion the company immediately shut down the network, and switched to manual production and shipping.

The company has not provided any details about the incident, but said it is investigating the impact of the attack on its customers.

Microsoft: Russian cyber spies increased attacks against the US and Ukraine allies

State-backed Russian hackers have increased efforts to hack into networks of organizations in the United States and other countries that allied with Ukraine after Russia’s invasion.

In a new report Microsoft said it detected cyber-attacks against 128 organizations in 42 countries outside Ukraine. While the US has been a primary focus of Russia’ cyber-espionage activity, Russian hackers also targeted Poland - the main conduit for military and humanitarian aid provided to Ukraine. The past two months also saw an increase in attacks against Baltic countries, Denmark, Norway, Finland, Sweden, and Turkey, as well as the foreign ministries of other NATO countries.

Besides governments, the list of targets has also included think tanks, humanitarian organizations, IT companies, and energy and other critical infrastructure suppliers.

Since the start of the invasion, Russian state-backed hackers have succeeded in 29% of their attacks, with a quarter of the intrusions resulting in the exfiltration of a victim organization’s data.

OT:Icefall vulnerabilities expose OT equipment to cyber-attacks

Security researchers have warned of a set of fifty-six security vulnerabilities in operational technology products used in various critical infrastructure environments that open the door to cyber intrusions.

Collectively dubbed as “OT:Icefall,” the vulnerabilities affect industrial devices manufactured by Honeywell, Motorola, Omron, Siemens, Emerson, JTEKT, Bently Nevada, Phoenix Contract, ProConOS, and Yokogawa. The issues, said to be caused by insecure-by-design practices in OT, were divided into four main categories: insecure engineering protocols; weak cryptography or broken authentication schemes; insecure firmware updates; remote code execution via native functionality.

Of the discovered flaws, 38% allow for compromise of credentials, 21% involve firmware manipulation, and 14% can lead to remote code execution.

What’s next:

Follow ImmuniWeb on Twitter and LinkedIn
Explore 20 use cases how ImmuniWeb can help
Browse open positions to join our great Team
See the benefits of our partner program
Request a demo, quote or special price
Subscribe to our newsletter

Application Security Weekly

Application Security Weekly is a weekly review of the most important news and events in cybersecurity, privacy and compliance. We cover innovative cyber defense technologies, new hacking techniques, data breaches and evolving cyber law.

Recent Blog Posts:

Massive Interpol Crackdown Nabs 2,000 Alleged Scammers, Intercepts $50M

Law Enforcement Authorities Take Down Massive Identity Theft Marketplace

Police Disrupts FluBot, One of the Fastest-Spreading Mobile Spyware To Date