VPN blocks in Russia, German authorities press Telegram for user data, and other cybersecurity developments

We gathered the week\’s most important cybersecurity news.

Roskomnadzor blocks Opera VPN and VyprVPN

From June 17, Roskomnadzor restricted the use of VyprVPN and Opera VPN due to the \”threat of bypassing access restrictions\” to illegal content.

Following the announcement, Opera suspended VPN support in its browsers in Russia, said Yulia Sindzelortz, the company\’s senior public relations manager.

\”Opera already protects users\’ privacy by offering anti-tracking, DNS over HTTPS and malware blocking. Opera is ready for an open dialogue about online security,\”

As a reminder, in 2019 Roskomnadzor demanded that owners of ten large VPN services, including VyprVPN, connect to the state system and restrict access to sites banned in Russia.

The majority of services refused and chose to relocate their servers outside Russia.

Roskomnadzor head Andrey Lipov warned about possible restrictions on VPN services that do not bring their activities into line with Russian law.

The State Duma passed the \”landing\” law for foreign IT companies

The State Duma deputies passed in the third reading a law obliging IT companies with a daily audience in Russia of more than 500 000 people to open representation in the country. The authors describe it as the \”landing\” law.

The law imposes measures against companies that refuse to comply with mandatory registration.

Irish police may gain power to demand passwords from devices during searches

In Ireland a bill was published outlining expanded police powers during searches. Among other things, the police would be given the right to demand passwords from suspects\’ devices.

Rights activists fear this would give law enforcement access to \”the entire digital life of anyone\” even for minor offences, The Irish Times reports.

According to a Digital Rights Ireland representative, unlocking a device would allow access to e-mails, bank accounts and user accounts, as well as privacy-focused messengers such as Signal.

Media: German authorities want Telegram to hand over user data to law enforcement

A Der Spiegel investigation into Pavel Durov claims he built a \”dark empire,\” while Telegram calls it \”perhaps one of the most dangerous messengers in the world.\”

Der Spiegel notes that the service\’s declared stance of non-submission to authorities and regulators attracts many \”extremists, drug dealers and scammers\”:

\”The app has become the equivalent of the dark net in your pocket.\”

The publication writes that authorities are powerless because Durov refuses them access to user data. But this could change soon.

Der Spiegel learned that Germany\’s Ministry of Justice has demanded Telegram comply with local law. The service is to hand over user data to law enforcement and remove prohibited content.

The Federal Office of Justice in Germany has opened a case against Telegram for failing to provide a contact person for communication with authorities and for not offering a complaint procedure for criminal offences, according to the outlet.

Telegram faces a fine of €55 million. An official in the Ministry of Justice also said that if the company refuses to cooperate, the messenger could be blocked in Germany.

As a reminder, in April 2018, Telegram was formally blocked in Russia for refusing to hand over encryption keys. However, it was not possible to completely block access to the messenger. In 2020 Roskomnadzor unblocked Telegram.

Study: 80% of ransomware victims who paid ransom faced repeat attacks

Cybereason conducted a survey of 1,263 cybersecurity professionals working in the US, the UK, Spain, Germany, France, the UAE and Singapore. It found that 80% of organisations that were victims of ransomware and paid the ransom faced repeat attacks.

81% of cybersecurity professionals are highly or very concerned about ransomware attacks. Download our free eBook for more stats and insight to understand and prevent modern ransomware attacks. #ransomware #research #infosec #security https://t.co/RRNFYyCNVH pic.twitter.com/ry2aXhlApZ

— Cybereason (@cybereason) June 16, 2021

Among those who paid, 46% of hackers returned the stolen data, albeit partially damaged.

25% of respondents said their organisations had to temporarily halt operations due to the attacks.

Kaspersky Lab reports wave of malicious Telegram spam

Kaspersky Lab specialists described a Telegram-based spam campaign targeting Russian users with malicious files. The files are written in Chinese; an approximate translation reads \”Get a payment order.\” When opened in the desktop version of the messenger, the malware attacks Windows OS.

The malware can capture keystrokes and steal passwords from apps, remotely connect to the desktop and includes modules for webcam access, the specialists said.

\”Trojans of this type are among the most dangerous because they give attackers broad capabilities to remotely control a compromised system,\”

Volkswagen and Audi customer data put up for sale

On one of the hacker forums appeared a listing offering Volkswagen and Audi customer data. The seller claims the database contains 5 million records.

Earlier, Volkswagen warned of a leak caused by a third-party company it worked with. Among the stolen data were names, email addresses and phone numbers.

Also on ForkLog:

• In Ukraine, operators of the Clop ransomware were identified. Sources claim that this is not hackers.
• Fraudsters sent compromised Ledger devices for stealing cryptocurrency.
• Putin called it a farce of Russia\’s cyberattack claims against the USA.
• The media learned that Russian authorities want to create a unified surveillance system.

What to read this weekend?

Authorities around the world have long sought ways to counter messaging apps that secure user privacy with end-to-end encryption. Is banning it even possible? ForkLog investigates.

Read ForkLog\’s bitcoin news in our Telegram — cryptocurrency news, prices and analytics.