The DarkMarket criminal website shut, hacker gets 12 years in prison, digital currency thefts and more.
Welcome to Cyber Security Today. It’s Wednesday January 13th. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
If you’re tired of hearing about COVID and impeachment, here’s some good news: DarkMarket, believed to be the largest criminal website for buying and selling illegal goods, has been shut by the combined efforts of police and intelligence agencies in seven countries. The Europol police co-operative said this week that the site had more than 500,000 users buying and selling goods like malware, drugs, counterfeit money and stolen credit card information through 2,400 sellers. It’s estimated that $170 million worth of digital currency went through the marketplace. German police arrested an Australian citizen believed to be the operator of the site. More than 20 servers in Moldova and Ukraine used by the site have been shut. The stored data is being used by investigators to go after moderators, sellers and buyers. Police and intelligence agencies in the U.S., the United Kingdom, Austria, Denmark, Moldova and Ukraine were also involved in the investigation.
Meanwhile, last week a U.S. court sentenced a Russian man to 12 years in prison for his part in a massive computer hacking campaign targeting American banks, brokerage firms and other companies. Andrei Tyurin had pleaded guilty to charges in 2019. He was accused of being the hacker in the gang. His hack of one bank captured personal information on over 80 million customers. Prosecutors said the gang pulled in hundreds of millions of dollars. Tyurin’s share was over $19 million, which he has to forfeit. The scams included trying to inflate the price of certain stocks. Tyurin was extradited from the country of Georgia in 2018.
I’ve reported before that crooks are looking to steal and hold for ransom or sale data from medical research companies on COVID-19 vaccines. Well, the European Medicines Agency now says data stolen from it last September has been leaked. The agency evaluates medicines used in the European Union. Pfizer and BioNTech have said the data related to their vaccine.
Software companies use a hidden piece of code called a digital certificate to verify the authenticity of logins, payment transactions or security patches. Certificates are valuable to security, which is why criminals try hard to get hold of them. One of the latest companies to fall victim is an email management service called Mimecast. This week it said a sophisticated attacker got hold of one of its digital certificates, and used it to access about 10 Microsoft Office365 accounts of customers. Administrators whose firms use Mimecast should delete their connection with Office365 and use a new certificate Mimecast has created. The most recent digital certificate abuse that’s been publicly reported was the infection of SolarWinds’ Orion security updates. That was used to get into a number of government and corporate IT networks. It’s vital that software or website developers in your organization keep tight control over digital certificates.
Japan-based video game maker Capcom now says that personal information on about 390,000 users and business partners may have been compromised in a ransomware attack last November. That’s an increase of 40,000 from an earlier estimate. It is certain that data on just over 16,400 was stolen. According to the Bleeping Computer news site, the ransomware gang said it stole 1 terabyte of information from the company before scrambling data. It demanded $11 million in bitcoin to provide a decryptor.
Buying digital currency like bitcoin, ether and monero is popular in some circles. The problem is safely storing it. Digital money isn’t like the cash you put in an insured bank. The exchange or digital wallet you put digital currency in had better have strong protection, and you’d better have a strong password with multifactor authentication. I tell you this because a security company called Atlas VPN has looked at news reports and calculated that last year hackers stole nearly $3.7 billion worth of digital coin. Almost all of it came from poorly protected digital wallets. Many people buy and sell digital coin through their smartphones, so make sure you protect it not only through hard-to-guess passwords for the phone and the wallet app, but also with a PIN number on your cellphone account. That way no one can go to the cellphone company and change your account without knowing the PIN number.
Finally, here are some of the latest security patches released: Adobe has issued fixes for Photoshop, Bridge, Illustrator, Animate, Campaign Classic, InCopy and Captivate. SAP has issued fixes for Business Warehouse, NetWeaver Application Server for Java, Commerce Cloud, Business Objects and other SAP products. IBM published security bulletins dealing with its IBM Cloud Private event management, Spectrum Discover, Event Streams, Blockchain and Aspera products. Schneider Electric issued security notifications for its EcoStruxure and Pro-face Blue products. Siemens issued security advisories for its Scalance switch family.
And just a reminder that yesterday Microsoft issued a bunch of fixes for Windows, Office and Microsoft Defender.
That’s it for today. Links to details about today’s stories can be found in the text version of this podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at cybersecurity professionals.
Subscribe to Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.