We’ve gathered the week’s most important cybersecurity news.
- The FSB of Russia said it had eliminated the REvil hackers and their infrastructure. The arrest was carried out at the request of the United States.
- Ukrainian government websites were subjected to a cyberattack, described as the largest in the past four years.
- According to media reports, Kazakh authorities attempted to use DPI equipment to disconnect the Internet.
FSB says it has eliminated the hacking group REvil
The Russian FSB reported the arrest of 14 members of the hacking group REvil (also known as Sodinokibi). It was described as one of the world’s largest hacking groups.
Law enforcement said they had identified all members of the criminal network, and the group itself, as well as its infrastructure, has now been eliminated.
During searches, more than 426 million rubles were seized, including in cryptocurrency, as well as $600,000 and €500,000.
The arrest followed a request from U.S. authorities, the FSB said.
Media: Kazakh authorities attempted to use DPI equipment to disconnect the Internet
Since the beginning of January, amid protests in Kazakhstan, the Internet has been shut down regularly. Access problems continued this week as well.
As Forbes reports, authorities initially attempted to block access to messaging apps and websites selectively using deep packet inspection (DPI) equipment. Such equipment is used in Russia as part of the so-called sovereign internet law.
However, using DPI for a full network block across the country was not successful.
“It didn’t work because in Kazakhstan DPI is applied not for sovereign internet filtering, but for analysis and prioritisation of traffic. For blockages, you need specialized software, sometimes specialized equipment, and training, which, of course, did not exist in Kazakhstan,” said the technical director of Roskomsvoboda, Stanislav Shakirov.
As a result, authorities ordered operators to completely block the traffic channel, a source familiar with the situation told the media. According to another informant close to the company Kcell, the organisation of blocks is being handled by the Committee for National Security of Kazakhstan without operator involvement.
Hackers attacked Ukrainian government websites
On the night of January 14, hackers carried out a large-scale attack on the websites of Ukrainian ministries and agencies. About 70 pages were affected.
On the sites, attackers posted a message claiming that all residents’ data had been uploaded to a shared network, and that information on computers had been destroyed and could not be recovered.
The Cyber Police say there were no leaks of personal data during the attack. Law enforcement is investigating the incident and identifying those involved in the breach.
The State Service for Special Communications and Information Protection of Ukraine stated that this attack was the largest in the last four years.
German authorities did not rule out blocking Telegram
German Interior Minister Nancy Faeser did not rule out blocking the Telegram messenger in the country, emphasising that this would be an extreme measure.
The reason is the service’s use by criminals to disseminate illegal content.
In France, Google and Meta were fined millions of euros over cookies
The French regulator fined Google a record €150 million for not giving users an easy way to refuse tracking via cookies. For the same reason, France fined Meta Platforms €60 million, according to Reuters.
Companies have three months to provide French users with easier tools to opt out of cookies. Otherwise they face an additional penalty of €100,000 per day of delay.
The largest dark web marketplace for selling stolen credit cards closes
UniCC, the largest dark web platform for selling stolen credit card data, announced its closure, according to Elliptic.
UniCC has operated since 2013. Over this period the marketplace operators received payments totaling $358 million in Bitcoin, Litecoin, Ethereum and Dash.
Also on ForkLog:
- Hackers withdrew nearly $8 million from the LCX exchange’s hot wallet.
- Hackers distributing ransomware were uncovered in Ukraine. The damage exceeded $1 million.
- Chainalysis experts calculated that in 2021 crypto scammers earned a record $14 billion. They also found that hackers from DPRK stole $400 million in cryptocurrencies last year.
- Avira added software for Ethereum mining.
- Hackers modified the dnSpy debugger to enable covert cryptocurrency mining.
- Group-IB identified 8,000 fraudulent domains aimed at cryptocurrency and stock investors.
- Attackers withdrew $18 million from the Lympo platform by Animoca Brands.
- Check Point Research analysts reported a 50% increase in 2021 in cyberattacks on corporate networks.
What to read this weekend?
Cyberattacks, QR-code proliferation amid the pandemic, and the end of the era of self-regulation of social networks — a recap of what happened to internet freedom and cybersecurity last year.
