Euro Police Bust a Cyber Crime Gang Behind Multimillion-Euro Phishing Scams
Read also: Japanese auto hose maker Nichirin suffers a ransomware attack, Russia steps up cyber-espionage, and more.
9 arrested in the Netherlands over suspected involvement in lucrative phishing scams
An organized crime group involved in phishing, fraud, scams, and money laundering activities has been dismantled as a result of a cross-border operation conducted by the Belgian Police (Police Fédérale/Federale Politie) and the Dutch Police (Politie) and supported by Europol.
According to Europol, the group typically approached victims through email, text message and mobile messaging apps with messages containing a link to what appeared to be a legitimate banking website. In reality, link led to a phishing site intended to trick victims into entering their banking credentials. This allowed the group to hijack the victims’ accounts and transfer money to other accounts. This scheme enabled the group to steal several million euros from their victims.
The police operation saw the arrests of nine suspected members of the group in the Netherlands. During 24 house searches the police seized firearms, ammunition, jewelry, electronic devices, cash and cryptocurrency.
In related news, law enforcement authorities shut down the RSOCKS botnet run by Russian cyber criminals, which hacked millions of devices worldwide, including Internet of Things (IoT) devices, Android phones, and computers, to use as a proxy service.
The cost for access to a pool of RSOCKS proxies ranged from $30 per day for access to 2,000 proxies to $200 per day for access to 90,000 proxies.
Cyber-attack on the UK-based delivery firm Yodel causes service disruption
The UK delivery and logistics company Yodel has suffered a cyber-attack that has impacted its package tracking services causing delays in parcel distribution and tracking orders online.
Yodel has confirmed the cyber incident on its website, but has not disclosed when it occurred, and how long it will take the company to restore the services. While the company has yet to reveal the nature of the attack, rumors suggest that it involved ransomware.
The delivery firm has launched an investigation into the matter and contacted the relevant authorities.
Cybersecurity Compliance
Prevent data breaches and meet regulatory requirements
Japanese auto hose maker Nichirin hit by a ransomware attack
Nichirin-Flex, the US subsidiary of Japanese automotive hose maker Nichirin fell victim to a ransomware attack that forced it to shut down its computerized production controls.
The company said in a media release that the attack took place on June 14, 2022, and affected NFL’s server, which was infected with ransomware. After discovering the intrusion the company immediately shut down the network, and switched to manual production and shipping.
The company has not provided any details about the incident, but said it is investigating the impact of the attack on its customers.
Microsoft: Russian cyber spies increased attacks against the US and Ukraine allies
State-backed Russian hackers have increased efforts to hack into networks of organizations in the United States and other countries that allied with Ukraine after Russia’s invasion.
In a new report Microsoft said it detected cyber-attacks against 128 organizations in 42 countries outside Ukraine. While the US has been a primary focus of Russia’ cyber-espionage activity, Russian hackers also targeted Poland - the main conduit for military and humanitarian aid provided to Ukraine. The past two months also saw an increase in attacks against Baltic countries, Denmark, Norway, Finland, Sweden, and Turkey, as well as the foreign ministries of other NATO countries.
Besides governments, the list of targets has also included think tanks, humanitarian organizations, IT companies, and energy and other critical infrastructure suppliers.
Since the start of the invasion, Russian state-backed hackers have succeeded in 29% of their attacks, with a quarter of the intrusions resulting in the exfiltration of a victim organization’s data.
OT:Icefall vulnerabilities expose OT equipment to cyber-attacks
Security researchers have warned of a set of fifty-six security vulnerabilities in operational technology products used in various critical infrastructure environments that open the door to cyber intrusions.
Collectively dubbed as “OT:Icefall,” the vulnerabilities affect industrial devices manufactured by Honeywell, Motorola, Omron, Siemens, Emerson, JTEKT, Bently Nevada, Phoenix Contract, ProConOS, and Yokogawa. The issues, said to be caused by insecure-by-design practices in OT, were divided into four main categories: insecure engineering protocols; weak cryptography or broken authentication schemes; insecure firmware updates; remote code execution via native functionality.
Of the discovered flaws, 38% allow for compromise of credentials, 21% involve firmware manipulation, and 14% can lead to remote code execution.
What’s next:
- Follow ImmuniWeb on Twitter and LinkedIn
- Explore 20 use cases how ImmuniWeb can help
- Browse open positions to join our great Team
- See the benefits of our partner program
- Request a demo, quote or special price
- Subscribe to our newsletter