VPN service data leak, social-media blocks in Uzbekistan, and other cybersecurity developments

We have gathered the week’s most important cybersecurity news.

Social networks blocked, then unblocked in Uzbekistan

On Wednesday, 3 November, the State Inspectorate for Informatization and Telecommunications Control (Uzkomnazorat) massively restricted the operation of social networks in the country, reported by local media.

Facebook, Telegram, YouTube, Instagram, Odnoklassniki and LinkedIn were among those blocked. The reason was the alleged violation of the rules for processing personal data of Uzbek residents. Under the law, social networks must store Uzbek citizens’ data on servers within the country.

However, the presidential administration quickly called the decision ill-conceived and promised to restore access to the social networks.

After this, the Uzkomnazorat head was fired, and followed by the minister for the development of information technologies and communications Shuxrat Sadikov.

Earlier this summer Uzkomnazorat had already restricted the operation of several social networks.

BlackMatter ransomware operators announce cessation of activity

The operators of BlackMatter ransomware said they were ceasing operations under government pressure.

Some cybersecurity researchers believe that BlackMatter is the renamed DarkSide hacking group. In May the latter announced it would halt operations due to pressure from the U.S. authorities.

Last week, DarkSide moved most of its bitcoins from wallets, and this week the U.S. State Department offered $10 million for information about group members.

Since the start of the year, social networks fined 187 million rubles by Roskomnadzor

Since the start of 2021, for not removing prohibited content in Russia, Russian courts fined social networks a total of 187 million rubles, Roskomnadzor said.

Facebook was fined 70 million rubles, Twitter 38.4 million rubles, Telegram 35 million rubles, Google 32.5 million rubles, TikTok 4.1 million rubles, Odnoklassniki 4 million rubles, VKontakte 3 million rubles.

From February 1, a law obliging social networks to identify and block illegal content came into force in Russia.

Data of more than 45 million VPN users put up for sale on the dark web

Data for 45.5 million users of FreeVPN and DashVPN were put up for sale on the dark web. According to the Telegram channel InfoLeaks, the information was left on an unprotected MongoDB database.

Experts warned of the issue as early as October, but ActMobile Networks, the owner of the services, did not respond promptly.

According to experts, the database contains more than 795,000 records related to Russia.

Experts discovered the ‘largest botnet’ in six years

Researchers at Netlab Qihoo 360 identified the ‘largest’ botnet Pink over the past six years. During periods of peak activity, it infected more than 1.6 million devices. 96% of them are located in China.

Researchers noted that Pink has been active since November 2019 and has been used to conduct at least 100 DDoS attacks.

Positive Technologies again hit by U.S. sanctions

The U.S. Department of Commerce’s Bureau of Industry and Security added four foreign companies to the Entity List as part of actions deemed contrary to U.S. national security or foreign policy interests.

Among them was the Russian cybersecurity company Positive Technologies. Earlier it was sanctioned by the Biden administration.

Besides Positive Technologies, the list included Computer Security Initiative Consultancy in Singapore, as well as NSO Group and Candiru from Israel.

Also on ForkLog:

• reported about a hack of the DeFi platform bZx. Losses were estimated at $55 million.
• The BTC-Alpha exchange was attacked by hackers.
• Users of MetaMask and Phantom lost $500,000 due to Google ads.
• Hackers stole assets worth $784,000 from a crypto company using SIM swapping.
• In the United Kingdom authorities forfeited over £490,000 in Bitcoin from the former Silk Road administrator.
• Experts identified on the dark web the sale of European-standard COVID certificates for cryptocurrency.
• Conti ransomware operators stole clients’ data, including Trump and Beckham.
• Participants in the AnubisDAO token sale lost almost $60 million.
• A Squid Game-inspired token fell from about $2,856 to near zero within minutes, but later rose again. Experts warn of possible rug pull, and Binance is investigating the project’s activity.

What to read this weekend?

ForkLog explains how the dark-web market for personal data works, and who buys this information and for what purpose.

Read ForkLog’s Bitcoin news on our Telegram channel — cryptocurrency news, prices and analysis.