You may be familiar with a few cyberattack strategies that the adversaries usually employ; however, if you haven’t been following current trends, you would be surprised by how innovative threat actors have become and the sophisticated methodologies they use to rob you of your credentials. Targeted phishing attacks and customized attack schemes make it difficult to stay safe on the web without using robust cybersecurity tools. Here are this week’s latest security updates which help you learn more.
Beware Of Personalized Cyberattack Schemes
Email security services go a long way in keeping malicious actors at bay, but what happens when attackers send you personalized texts related to some parcel delivery or suspicious credit card activity? Over 20 cases get reported every day against these fraudulent messages from DHL. These messages address victims by their name and aim to extort payments of up to €5,000 (about $5,900).
First identified in April 2021, these fake DHL delivery messages are circulating alongside similarly concocted personal messages from MaltaPost. In a typical text, the adversaries use an unknown number, address the victim by their name, notify of package delivery, and seek payment confirmation by clicking on an attached link.
In another scam, the adversaries are impersonating the police and calling up victims with fake emergencies like suspicious activity in their e-ID account or an arrest warrant against their name. Over 200 such scams have been reported, with around €100,000 lost to these malicious calls and texts.
Such scam texts and calls are not new, but this personalization to increase credibility is something people were unfamiliar with and hence this initial chaos. In scenarios like these, basic cyber awareness practices such as verifying the caller’s number, looking for relevance, being cautious of errors and omissions and refraining from clicking on embedded links can help you avoid becoming a victim.
SafeDollar Prices Come Down To Zero After Second Cyberattack In Two Weeks
An exploit caused SafeDollar – the algorithmic stablecoin on Polygon to crash down to $0 after the adversaries launched an attack on 28th June 2021. Consequently, 202,230 USD Coin and 46,000 USD Tether were lost, affecting SafeDollar’s aim of being a less volatile and stable cryptocurrency.
A week ago, SafeDollar was the victim of another cyberattack which caused a loss of 9,959 SDS, and now its price has come down to zero. As it continues investigating the breach and adopting cybersecurity measures, SafeDollar has notified that the move forward and compensation plans will be disclosed shortly.
Accenture Reveals New Details About The Hades Ransomware Gang
Accenture Security research recently revealed some interesting details about the ransomware gang Hades discovered in December last year. With over seven billion-dollar companies as victims since its discovery, the Hades ransomware gang has successfully concealed the identity of its operators so far.
While some researchers link Hades to a Russian hacker group, others doubt its Chinese ties. Accenture couldn’t pin down its origin, but here are the three things about Hades that Accenture is sure about:
- The new targets of Hades include consumer goods and services, manufacturing, insurance and distribution industry sectors.
- Hades’s operators have probably added the Phoenix Cryptolocker to avoid campaign links and attribution claims.
- Hades attacks are known for their consistent tactics and procedures, and the latest addition to their malicious actions are the destruction of cloud backups and targeted enumeration of cloud environments.
- Unlike other ransomware gangs, Hades’s operators do not provide ransomware as a service (RaaS) or an affiliate model for extra income.
The cybersecurity team at Accenture hints at several other possibilities, including the re-branding of ransomware gangs like Avaddon, DarkSide and WastedLocker, which have all been non-functional for some time now.
India To Strengthen Its Cyber Defence Strategies
The rift between India and China and the latter’s use of new-age weapons has made the Indian Department of Military Affairs (DMA) decide on sending around 100 military personnel to the US for training in ransomware protection and AI for warfare.
Under the Defence Cooperation Agreement and the 2016 Cyber Framework, the US has agreed to train a hundred military personnel from India in the latest artificial intelligence (AI) technologies for future warfare and cybersecurity technology. Apart from the tri-service defence cyber agency, the Indian military plans to set up a full-fledged cyber command in Madhya Pradesh to prepare the Indian military to battle possible cyber adversaries.
UK Police Warns Citizens Of Whatsapp Account Takeover Attacks
After similar reports being filed by WhatsApp users in India, users in the UK are now getting requests for verification codes from strangers (adversaries). The Southwark Police in South London has warned users of WhatsApp account thefts where the adversaries approach the victims and ask them to share the six-digit verification code they have received or will receive via SMS.
When we register a new account on WhatsApp, the application usually sends us a verification code on our phone number to verify if we are the owner of that number. The hackers are targeting this verification system and creating WhatsApp accounts using the numbers of their victims. When the code is sent to the victim, these malicious actors impersonate WhatsApp customer support and ask them to share the verification code. Once a victim complies with these requests, all their contact numbers and future chats become accessible to the adversaries. These hackers can then impersonate you, trick people on your list to make payments, conduct identity theft and a host of other crimes.
That is why it is paramount to use cybersecurity tools and enable two-factor authentication (2FA) for WhatsApp.
CISA Launches New Self-Assessment Tool For Organizations
Ransomware attacks are so rampant that merely investing in a ransomware protection tool isn’t enough. To this end, the US Cybersecurity and Infrastructure Security Agency (CISA) has launched the Ransomware Readiness Assessment (RRA) as part of its Cyber Security Evaluation Tool (CSET).
RRA shall help organizations self assess the efficacy of their cyber defence measures and recovery strategies. The RRA gauges different levels of ransomware threat readiness to check. It allows organizations to recover the operational technology (OT), industrial control system (ICS), and information technology (IT) assets in case of any ransomware attack. To use the RRA, users must first install CSET and start the application. They can then start a new assessment and refer to the tutorial for further guidance.