Hackers Disrupt Port Operations in Europe
Weekly round-up of the most noteworthy cyber security headlines.
Thursday, February 10, 2022
Hackers target critical infrastructure entities in Europe
At least two oil transport and storage companies across Europe have suffered cyberattacks on their IT systems that collectively led to the disruption of port operations throughout Europe and Africa.
The affected companies include Oiltanking in Germany, SEA-Invest in Belgium and Evos in the Netherlands. SEA-Invest reported that the cyberattack on its oil terminals affected every port it runs in Europe and Africa, while Evos said that impact of the incident was limited to IT services at terminals in Terneuzen, Ghent and Malta. Both companies reported having difficulties loading\unloading barges due to the IT services disruption.
At present, not much is known about the nature of the cyberattacks, or who may have been behind them. It should be noted, however, that there is no evidence that the multiple incidents are the result of a coordinated hacking campaign.
In a separate incident, airport services giant Swissport was hit with a ransomware attack targeting its IT systems. Swissport had taken the impacted infrastructure offline and was able to contain the spread of the ransomware. It is not clear how many company’s customers were affected, but German media reported that the incident caused temporary delays at Zurich airport.
US seizes $3.6B in Bitcoin stolen in 2016 Bitfinex hack
The US Department of Justice announced its largest-ever financial seizure - more than $3.6 billion in Bitcoin linked to the 2016 hack of Hong Kong-based cryptocurrency exchange Bitfinex. Federal law enforcement also arrested a New York pair accused of laundering stolen funds.
According to prosecutors, the accused, Ilya Lichtenstein and his wife Heather Morgan, obtained cryptocurrency after a hacker breached Bitfinex’s systems and initiated more than 2,000 illegal transactions. The stolen bitcoins were deposited into a digital wallet controlled by Lichtenstein. The duo allegedly used complicated money laundering techniques that eventually saw some of the money transferred into their own financial accounts.
Following a court order, federal agents searched through the pair’s online accounts and found private keys to the digital wallet containing the funds stolen from Bitfinex. Lichtenstein and Morgan are charged with conspiracy to commit money laundering. If found guilty, they could face up to 25 years in prison.
Cybersecurity Compliance
Prevent data breaches and meet regulatory requirements
Services of Vodafone Portugal disrupted due to a cyberattack
Vodafone Portugal revealed it was hit by a cyberattack this week that caused network disruptions across Portugal. The attack affected company’s 4G/5G network, fixed voice, television, SMS and voice/digital answering services.
In a statement regarding the incident Vodafone said it has no evidence that customers’ data was accessed/compromised and gave no indication as to who the culprits behind the attack might be.
Over 500 online shops running outdated Magento software hit in a MageCart attack
More than 500 e-commerce stores running the Magento 1 software (no longer supported) were found to be infected with a credit card skimmer in what appears to be a large-scale MageCart campaign. The breach was discovered by Sansec researchers when their crawler detected 374 infections in one day.
Threat actors took advantage of a known flaw in the Quickview plugin to run code directly on the server. To achieve this, they added a validation rule to the customer_eav_attribute table tricking the host application into crafting a malicious object, and then created a file called api_1.php with a simple backdoor. In one case, attackers left as many as 19 backdoors on the system.
Russia takes action against 4 major carding sites - Ferum Shop, Sky-Fraud, Trump's Dumps, and UAS
Domains of four major carding websites, Ferum Shop, Sky-Fraud, Trump's Dumps, and UAS, popular sellers of stolen credit cards and credentials, were seized as a result of a special operation conducted by the Department “K,” a division of Russia’s Ministry of Internal Affairs.
According to blockchain analytics firm Elliptic, said platforms collectively made more than $263 million in cryptocurrency proceeds from the sale of stolen credit cards. The largest of the seized sites, Ferum Shop (active since October 2013), is said to have made an estimated $256 million in Bitcoin from stolen card sales, accounting for almost 17% in the stolen credit card market. Trump’s Dumps and the UAS Store, both established in 2017, made around $4.1 million and $3 million respectively during their lifetimes.
What’s next:
- Follow ImmuniWeb on Twitter and LinkedIn
- Subscribe to newsletter to get the next post automatically
- Explore 18 use cases how ImmuniWeb can help
- See the benefits of our partner program
- Request a demo, quote or special price
Application Security Weekly is a weekly review of the most important news and events in cybersecurity, privacy and compliance. We cover innovative cyber defense technologies, new hacking techniques, data breaches and evolving cyber law. 
