This week’s cybersecurity bulletin covers a lot of interesting updates from around the world. Let us see what the threat actors have been up to recently and the latest developments in the cyber world.

 

The Medusa Ransomware has targeted the Open University of Cyprus

The Open University of Cyprus (OUC) fell victim to a significant cyberattack when the Medusa Ransomware gang targeted the institution and its systems.

The university is renowned for providing online services, offers nearly 30 higher education programs, and has over 4200 students conducting scientific research. The university fell victim to ransomware on 27 March 2023, with the cyberattack causing severe disruptions in its central services and critical systems.

When the organization found out about the attack, it took down access to its eLearning platform, employment portal, and application portal for prospective students as a precautionary measure.

Medusa ransomware has listed the OUC on its data leak portal and is threatening to publish the sensitive university data unless its ransom demand of $100,000 is met within two weeks.

 

Google Will Require Android App Developers to Enable Account Deletion

Google unveiled a new data deletion policy for applications on its Google Play Store, taking a step toward user data safety.

Google released this new policy to give its users more control: they will be able to access a web-based option, provided by application developers, where they can delete their accounts or in-app data.

The policy will be implemented at the beginning of 2024, and every application will feature a “Data Deletion” option. Developers that wish to offer an in-app account deletion experience must also provide the web-based option, which Android users will be able to use to delete their data without having to reinstall the application.

The applications that do not include this option for the safety and privacy of the users will be removed from the Google Play Store from 31 May 2024 onwards.

 

Spain’s Most Notorious Hacker Is Now in Police Custody

José Luis Huertas (a cybercriminal better known as “Alcaseca,” “Mango,” and “Chimichurri”) was arrested in Spain.

Considered one of the most dangerous hackers in the country and the man behind multiple high-profile cyberattacks, José Huertas is also behind Udyat (The Eye of Horus), a search engine dedicated to auctions of stolen personal information.

 


The hacker was accused of breaching the computer systems of the CGPJ (Spain’s National Council of Judiciary), making away with the data of 575,000 taxpayers, and creating a database with the collected information to sell the stolen data. The threat actor was also accused of impersonating Gestevisión Telecinco/Mediaset España’s CEO, Paolo Vasile, and stealing € 300,000 ($3,27,639) from the CEO.

The threat actor was brought in on these charges, including attacks on high-state institutions, multiple cyberattacks, money laundering, and more.

 

The Rorschach Ransomware Is the Fastest Encryptor That Has Been Observed to Date

Researchers shared reports of a new ransomware, Rorschach, one of the world’s fastest encryptors.

Check Point’s researchers noticed the ransomware following one of its attacks on a US organization, where it was deployed through DLL (Dynamic Link Library) side-loading using a signed component of Cortex XDR, a detection and response product from Palo Alto Networks.

The malware has many unique features, self-propagating capabilities, and an encryption scheme combining curve25519 and eSTREAM cipher hc-128 algorithms.

Check Point highlighted that the ransomware “raises the bar for ransom attacks” and employs the best features of the leading ransomware strains online. The ransomware operators are still unknown, but it is a significant new threat.

 

Cryptocurrency Investment Scammers Have Had $112 Million Seized by the US Government

The US DOJ (United States Department of Justice) seized six crypto accounts with over $112 million in stolen funds.

The funds were stolen via crypto investment schemes such as “pig butchering” or “cryptocurrency confidence scams,” where the threat actors approached individuals on social media, gained their confidence via social engineering tactics, and introduced them to these schemes.

 


The FBI (Federal Bureau of Investigation) revealed that Americans lost nearly $3 billion to investment frauds in 2021, and there was a spike in pig butchering crypto investment scams in the country.

These scams have become a significant threat to individuals, with scammers targeting individuals via such schemes and fake rewards.

 

Ukrainian Cyber Police Has Busted a Fraud Gang That Stole $4.3 Million

Ukrainian cyberpolice arrested members of a fraudulent threat actor group with nearly $3.4 million in stolen funds from over 1000 victims in the European Union.

The cybercriminal group created 100 phishing websites targeting French, Spanish, Polish, and Czech users with products listed below market prices. The products were circulated through resellers and money mules, and two fake call centers were set up in Vinnytsia and Lviv to communicate with the customers and place orders.

The police conducted nearly 30 searches, seizing computers, mobile phones, and SIM cards, and arrested members of the gang. The police are also on the lookout for ten more gang members.
