Tor vulnerability, new ransomware attacks and other cybersecurity developments

We round up the week’s most important cybersecurity news.

\n\n\n

Clop operators publish a new batch of stolen data, despite arrests reports

\n\n\n

Hackers using Clop ransomware have published data, reportedly obtained from breaches of two new victims.

\n\n

A week earlier, Ukrainian law enforcement reported the identification of group members and the disruption of the hackers’ infrastructure.

\n\n

ForkLog said that searches were conducted at OTC traders through which the operators’ bitcoins passed, but they themselves are not hackers.

\n\n

Binance confirmed its involvement in the Ukrainian law enforcement operation to identify people linked to the Clop operators. According to the exchange, the group engaged in laundering funds obtained from darknet operations and in carrying out Clop and Petya ransomware attacks.

\n\n

The Tor Project fixed a vulnerability that allowed tracking users

\n\n\n

The Tor Project updated the Tor Browser. According to TechRadar, the new version fixes several vulnerabilities, including a bug that allowed sites to track users via installed applications.

\n\n\n

The vulnerability was discovered in May by FingerprintJS researchers. Besides Tor it affected Chrome, Firefox, Safari and several other browsers.

\n\n

The European Commission proposed creating a unit to fight cybercrime

\n\n\n

EU Vice-President Margaritis Schinas said the idea is to create a single European agency to combat cybercrime amid rising hacker activity worldwide.

\n\n

The EU continues to be a pioneer in cybersecurity. It is a question of national security, not part of the tech silo.

We need to maintain ambition in our critical infrastructure legislation proposals and proceed with the creation of the Joint Cyber Unit we are launching today. pic.twitter.com/IhoEtTmuv0

— Margaritis Schinas (@MargSchinas) June 23, 2021

\n\n\n

The new unit should start operating by June next year, Reuters reports. Schinas said that today it is no longer possible to separate “online and offline threats.”

\n\n

Ragnar Locker operators publish 700 GB of stolen data

\n\n\n

The Ragnar Locker ransomware operators published more than 700 GB of archived data stolen from Taiwanese company ADATA, according to Bleeping Computer.

\n\n\n

The attackers posted the data on the MEGA file-sharing service, warning that download links would not stay active for long. After a while, MEGA blocked access to the published files.

\n\n\n

As previously reported, the U.S.-based company CWT paid the Ragnar Locker operators 414 BTC.

\n\n

Ukraine-based FIN7 member sentenced to seven years in prison

\n\n\n

Ukrainian citizen Andrey Kolpakov was sentenced in the United States to seven years in prison and to pay $2.5 million in restitution, the U.S. Department of Justice said.

\n\n

According to law enforcement, Kolpakov was one of FIN7’s members. The group attacked hundreds of companies, breached thousands of computer systems and stole millions of credit and debit card numbers, which were then used or sold for profit.

\n\n

According to court documents, U.S. victims alone incurred substantial costs, some estimates exceeding $1 billion.

\n\n

Group-IB reports rise in attacks on critical infrastructure

\n\n\n

Group-IB specialists told ForkLog that the number of attacks on critical infrastructure worldwide has risen twelvefold. In the first half of 2021, Russia recorded almost three times as many attacks as in all of 2019.

\n\n\n

The main motivation for cybercriminals remains financial, the company says. A large share of their activity is ransomware.

\n\n\n

Also on ForkLog:

\n\n\n

• The Brave browser launched a beta version of a private search engine.
• Around 100 BTC were stolen from the Blender Wallet.
• A DeFi project on Binance Smart Chain lost $500 000 due to an attack.
• Dmitry Peskov said that Russia should develop its own cybersecurity standards.
• The DirtyMoe botnet potentially infected tens of thousands of computers in Russia with hidden miners.
• The Crackonosh operator earned almost $2 million in Monero from GTA and The Sims players.

\n\n

What to read this weekend?

\n\n\n

We explain in an exclusive ForkLog how personal data leaks into the dark net and who buys it.

\n\n\n

Follow ForkLog’s Bitcoin news on our Telegram — crypto news, prices and analysis.