Authorities tackle VPNs, Microsoft, and Russian hackers, and other cybersecurity developments

We have gathered the week’s most important cybersecurity news.

Putin signs the ‘landing’ law for social networks, but says authorities have no intention of blocking them

President Vladimir Putin signed a law obliging foreign IT companies with a daily Russia-based audience of 500,000 or more to open representative offices in the country.

In a televised Q&A Putin said that authorities do not intend to block foreign social networks. He noted, however, that with such companies there are problems, namely that they push back when they do not comply with our requirements and Russian laws.

«We have no plans to shut anyone down; there are various technical means, for example throttling», — he said.

Earlier, Roskomnadzor began throttling Twitter’s service in Russia due to the platform’s refusal to delete content the agency deemed illegal.

Recently, the Safe Internet League asked Roskomnadzor to check TikTok over material on suicides, drugs and insulting believers and to take measures up to throttling the service’s traffic.

Russian courts also fined various social networks millions of rubles for failing to remove prohibited information. This week a Moscow court received ten new offence reports against Twitter, Telegram, Google and Facebook.

Law enforcement seized servers and client data from DoubleVPN

In an international operation, law enforcement seized servers, data and logs of the DoubleVPN service. According to Europol, it was often used by criminals.

The golden age of criminal VPNs is over 👋

Law enforcement has taken control of the #DoubleVPN encryption service in an operation coordinated by #Europol & @Eurojust

Servers were seized across the world, and web domains replaced with a splash page. https://t.co/BHqkxpxNAX pic.twitter.com/7iRU1mJlCB

— Europol (@Europol) June 30, 2021

As reported by Bleeping Computer, DoubleVPN is a Russian VPN service that offers double, triple and even quadruple encryption of data.

Microsoft reports new attacks by Russian hackers

Microsoft said of new attacks by the Russian hacker group Nobelium. They tried to breach IT companies, government and non-government organisations, think tanks, and firms in the financial services sector; most of the attacks were unsuccessful.

Earlier, Microsoft said that Nobelium was behind the SolarWinds breach.

This week the NSA, the FBI, the US Cybersecurity and Infrastructure Security Agency and the UK’s National Cyber Security Centre released a report, which accused the GRU, the 85th Main Centre for Special Operations of the General Staff, and Military Unit 26165 of organizing numerous cyberattacks.

REvil attacked the Spanish telecom giant

Hacker group REvil (Sodinokibi) attacked the major Spanish telecom company MasMovil.

As evidence, the attackers published screenshots with data allegedly stolen from the company.

MasMovil confirmed the attack but said no ransom demands had yet been received.

Hackers breached LimeVPN and stole data from over 69,000 users

VPN service LimeVPN was breached. The attackers posted on a hacker forum advertising the sale of a database of 69,400 users. The seller asks for $400 in Bitcoin for the entire database.

The database contains usernames, email addresses, passwords and payment details.

Subsequently, the attackers took down LimeVPN’s website.

Study: more than half of Russians found their personal data in the open

59% of Russians have found their personal data online at least once. This according to a study by ESET.

Phone numbers and email addresses are the most common in such databases, with home addresses, passwords and photos less common.

Bi.zone said that leaked data include login names and passwords for more than 1.2 million Russians.

Roskomnadzor filed a protocol against Google. The company failed to confirm localization of user data

Roskomnadzor filed an administrative protocol against Google. The company leadership could not confirm localization of Russian user databases on Russian territory, they said.

Later, Roskomnadzor announced the summons of representatives of Facebook, WhatsApp and Twitter to prepare administrative protocols for the same reason.

In April, the agency demanded a response from Google, Twitter, Facebook and WhatsApp to a previously sent request about localization of user data from Russia.

Also on ForkLog:

• In Uzbekistan, restrictions were placed on the operation of several social networks.
• The template to create the Babuk Locker ransomware .
• Experts analysed the Blender Wallet breach.
• Roskomnadzor warned about the blocking of six VPN services.
• The DeFi-token of Safe Dollar devalued after a hacker attack.
• Illinois Representative Bill Foster stated that ransomware threats endanger the legitimacy of Bitcoin.

What to read this weekend?

In February, amendments to Russian law regulating the spread of information on social networks came into force. Lawyers explained to ForkLog what the amendments aim at and what they imply.

Read ForkLog’s Bitcoin news in our Telegram — cryptocurrency news, prices and analytics.