Apple’s Enhanced VPN, Electronic Arts Breach and Other Cybersecurity News

We round up the week’s most important cybersecurity headlines.

Apple unveils several privacy- and security-focused updates

At the WWDC-2021 Apple introduced a suite of updates, including iCloud Private Relay. The media dubbed it an Apple VPN, and Private Relay is meant to surpass similar services, reports Fast Company.

Craig Federighi, Apple’s Senior Vice President of Software Development, in an interview with the publication noted that most Internet users cannot assess the reliability of any given VPN service.

The key problem with many (especially free) VPN services is that while they do not allow the provider to see a user’s online activity, and sites do not know the user’s IP address, the operators of the services themselves hold this information.

Private Relay uses two intermediary servers. The first is owned by Apple and anonymises the IP address, the second is a partner company that connects the user to the site. The name of the latter was not disclosed.

«Because of this architecture neither Apple nor the relay know who you are and which sites you visit. Apple knows who you are, but not which pages you view. The partner knows what you view, but not who you are»,

The option is available with an iCloud+ paid subscription, but for now it only works with the Safari browser on Mac, iPhone and iPad.

Private Relay will not be available to residents of China, Belarus, Colombia, Egypt, Kazakhstan, Saudi Arabia, South Africa, Turkmenistan, Uganda and the Philippines due to local authorities’ restrictions, Reuters reported.

In addition to Private Relay, Apple also added a feature for creating disposable email addresses that can be linked to the main account.

Data gathered by malware from over 3 million computers found online

NordLocker researchers uncovered a 1.2 TB cache of data stolen by malware.

Hackers are not after governments. They’re after everyone.

Here’s how one piece of malware infected 3 million computers and stole their files, passwords, and cookies.

Check it out: https://t.co/4geKHDN1vI pic.twitter.com/AZ05c3ctDO

— NordLocker (@NordLocker) June 9, 2021

According to NordLocker, from 2018 to 2020 the malware infected more than 3 million Windows computers. The malware stole around 26 million credentials, including 1.1 million unique email addresses, passwords and cookie files.

The malware also took screenshots on infected devices and snapshots from the webcam if it had access.

Chrome fixes 14 vulnerabilities, Windows products fix 50

Google updated the Chrome browser for Windows, Mac and Linux to patch a number of bugs. One of the vulnerabilities had already been exploited by attackers.

Windows also fixed bugs. Forty-five of them were classified as important, five as critical.

Russian court fines Telegram and Facebook for failing to remove banned content

The Tagansky Court of Moscow considered several protocols against Telegram and Facebook and found the companies guilty of violating the order to restrict access to prohibited information, reports RBC.

Telegram was fined 10 million rubles, Facebook 17 million rubles. Both companies had previously admitted fault in the same offences. Telegram was fined by 5 million rubles, and Facebook — by 26 million.

Hackers stole more than 750 GB of data from Electronic Arts

Unknown hackers breached Electronic Arts and stole more than 750 GB of data, including game source code, according to Bleeping Computer.

The attackers claimed full access to all Electronic Arts services, offering it and the stolen data for $28 million.

The Global Scam Industry: Group-IB analyzes online fraud schemes

Fraud accounts for 73% of all cybercrime online, according to Group-IB.

As ForkLog told in a press release, of this category 56% is a scam involving voluntary payment and disclosure of one’s data (which appears in the company’s report as a “scam”) and 17% is phishing.

In 2020, the growth in Russia of scam- and phishing-related violations reported by Group-IB rose 35% compared with the year before last.

Experts describe a Chinese-hacker attack on Russian government agencies

Sentinel Labs published a report on a series of last year’s attacks on Russian government resources.

🔥 New SentinelLabs discovery providing attribution for an attack against the FSB! In May, the Russian government reported that foreign #hackers had breached and stolen information from Russian federal executive bodies. By @juanandres_gs. https://t.co/9ROx86a8GX#cybersecurity

— SentinelOne (@SentinelOne) June 8, 2021

Experts said the attacks were carried out by the Chinese hacking group ThunderCats.

In May, Russian experts released their own report on the incident. It described the hackers as “cyber mercenaries pursuing foreign-state interests.”

According to the study, their objective was “the complete compromise of IT infrastructure and theft of confidential information, including documentation from closed segments and email correspondence of key government officials.”

Also on ForkLog:

• JBS paid US$11 million in Bitcoin to operators of ransomware.
• The operator of the TrickBot botnet turned out to be a 55-year-old woman from Rostov-on-Don.
• Law enforcement arrested 800 people using an encrypted FBI app.
• Global websites experienced outages.
• FBI recovered 63.7 BTC from the Colonial Pipeline ransom, gaining access to the Bitcoin wallet.
• Weibo blocked accounts of crypto bloggers.
• Experts spoke of an increase in DDoS attacks on crypto services.
• NortonLifeLock announced a service for mining Ethereum.
• 235 hospitals in the U.S. became victims of Ryuk ransomware.

What to read this weekend?

We revisit details of the SolarWinds attack, described as one of the most sweeping breaches of U.S. government systems in years.

Read ForkLog’s Bitcoin news on our Telegram — cryptocurrency news, prices and analysis.