We’ve gathered the week’s most important cybersecurity news.
- Attackers distributed malware masquerading as a privacy-focused Brave browser.
- Hackers published scans of documents belonging to residents of Georgia and Kazakhstan. They claim to have stolen 4 TB of copies of documents of citizens of different countries, including Russia and Ukraine, from Oriflame’s server.
- VPN services warned of price increases throughout 2021.
Hackers distributed data-stealing malware masquerading as the Brave browser
Attackers distributed data-stealing malware, masquerading as a privacy-focused Brave browser.
According to Ars Technica, the fraudulent site was “nearly an exact copy” of the original, but when attempting to download the browser, users installed malware as well.
To attract traffic to the fake site, attackers bought advertising on Google.
VPN prices are set to rise in 2021
In 2021, prices for VPN services are expected to rise, according to market participants cited by Kommersant.
The price increase is attributed to higher demand — users transmit larger volumes of data, which raises bills from hosting providers, noted by Red Shield VPN. The cost of equipment and encryption chips has also increased.
Another reason could be Roskomnadzor’s actions, as a substantial share of VPN users are in Russia.
Earlier in July, the agency threatened to block six such services for their use in circumventing restrictions on information.
Ransomware attack hit the Italian vaccination registration portal
Hackers attacked the Lazio region’s COVID-19 vaccination registration system. As reported by the media, the police described the incident as “the most serious cyberattack the country’s health service has ever seen.”
The system was infected with ransomware. According to BleepingComputer, the attack may have been orchestrated by the RansomEXX or LockBit 2.0 groups.
Hackers stole 13 million files containing personal data from Oriflame’s server
More than 800,000 files with scans of Georgian and Kazakh citizens’ documents were made public, writes the Telegram channel “Information Leaks.”
According to the hackers, they obtained data from Oriflame’s server. They claim that they have access to more than 13 million files totaling 4 TB containing copies of documents of citizens from various countries, including Russia, Ukraine, the United Kingdom, China, Spain and others. They further promised to release more than 800,000 scans of documents belonging to Russian citizens.
Eset: in Russia, scammers stealing money through SIM-card duplicates are on the rise
A new form of SIM-card fraud that allows access to a phone number and immediate transfers from banking apps is gaining traction in Russia, according to ESET researchers, as reported by TASS.
Attackers find potential victims through social networks, determine their phone numbers and create duplicate SIM cards. They then contact the bank to recover the password for the banking app, pass authentication by the number, and transfer funds to another account.
“From the banks’ point of view — this isn’t even fraud. Because two-factor authentication on SIM cards serves as proof of identity. If money was transferred using your SIM card, that means you did it,” the experts said.
U.S. DOJ: during the SolarWinds attack hackers breached the emails of U.S. prosecutors
Hackers who carried out the SolarWinds cyberattack gained access to Microsoft email accounts of one or more employees across various Justice Department offices, the U.S. Justice Department said.
Allegedly, the attackers had access to them from May 7 to December 27, 2020.
“The compromised data included all sent, received and stored emails and attachments,” the DOJ said.
Zoom to pay $85 million over privacy issues
Zoom Video Communications agreed to pay $85 million and strengthen security measures as part of a settlement over user privacy violations.
It is alleged that Zoom shared users’ personal data with Facebook, Google and LinkedIn. Hackers could also have interfered with video conferences.
The proposed settlement must be approved by a U.S. court.
Also on ForkLog:
- Clients of the hacked exchange bithub received 2.1 million rubles.
- State-affiliated Chinese hackers attacked Russian companies for the first time.
- Hodl Hodl began liquidating some contracts due to potential security issues.
- According to media reports, a new Russia-based hacking group has published in the dark web data for 1 million credit cards.
- The Bitcoin SV network has undergone a 51% attack.
What to read this weekend?
We revisit the details of the SolarWinds attack, which affected numerous U.S. agencies and companies around the world.
Read ForkLog’s Bitcoin news on our Telegram — cryptocurrency news, prices and analytics.