We have collected the most important news from the world of cybersecurity for the week.
- Bitdefender experts have discovered a new malware targeting cryptocurrency users.
- Hackers compromised the data of 515,000 people in an attack on the Red Cross.
- According to media reports, among the possible members of REvil detained by the FSB was a hacker who attacked the Colonial Pipeline.
Experts have discovered malware aimed at users of crypto wallets
Bitdefender experts discovered a new BHUNT malware aimed at stealing cryptocurrency wallet funds, passwords and seed phrases.
The malware can also steal cookies and other sensitive information stored in the cache of Chrome and Firefox browsers.
Bitdefender urged never to download software from untrusted sources and install updates in a timely manner.
Data of half a million people affected in attack on Red Cross
The personal data of 515,000 people were compromised as a result of an attack on the servers of the International Committee of the Red Cross.
Most of the data belongs to people in a “highly vulnerable situation” – those separated from their families due to military conflicts, migration and natural disasters, missing persons and their families, as well as persons in custody.
Who is behind the attack is unknown. The Red Cross urged hackers to “do the right thing” by not selling or distributing the information.
The media reported on the plans of the UK government to turn the public against end-to-end encryption through advertising
The UK government will launch an “advertising attack” on end-to-end encryption, reports Rolling stone. The main goal is to turn the public against Meta’s (former Facebook) decision to implement encryption in Messenger.
The UK Home Office has hired advertising agency M&C Saatchi to carry out this initiative.
The main argument of law enforcement officers against end-to-end encryption is a potential threat to the safety of children and the complication of identifying intruders. Due to such concerns, Meta has been forced to delay its default rollout on its Messenger and Instagram until 2023.
ProtonMail strengthened tracking protection
The ProtonMail team has introduced advanced tracking protection. The mail service will block pixel trackers in emails and hide IP addresses.
Thanks to trackers embedded in emails, third parties can access the recipient’s data, including their location, ProtonMail said.
Media: among the detained members of REvil was a hacker who attacked the Colonial Pipeline
During the detention of those suspected of participating in the REvil hacker group, Russian law enforcement officers arrested one of the people responsible for hacking the Colonial Pipeline company. This is reported The Washington Post with reference to sources.
Recall that last year Colonial Pipeline was attacked by a ransomware virus that stole about 100 GB of data and blocked computer systems. The DarkSide group was blamed for the attack, and the hackers were linked to Russia.
For the restoration of work and the return of data, Colonial Pipeline paid the attackers 75 BTC.
The FBI later returned 63.7 BTC from the ransom paid by the company. How the agency gained access to the bitcoin wallet is not known.
In January 2021, the FSB announced the detention of 14 members of the REvil group after a US appeal.
Brazilian authorities did not rule out the blocking of Telegram
Brazil allows blocking of the Telegram messenger due to fears of the spread of fake news during the elections in October 2022, the publication reports. Valor Economico.
The head of the Supreme Electoral Court, Roberto Barroso, tried to contact the founder of the service, Pavel Durov, to discuss cooperation in the fight against fake news spread through the messenger, but received no answer.
Brazil has already signed similar agreements with Twitter, Facebook and WhatsApp.
Also on Cryplogger:
What to read on the weekend?
REvil is considered one of the largest groups behind the spread of ransomware viruses, and therefore the detention of its alleged members caused a great outcry. In the past year, everyone has been talking about ransomware, from cybersecurity experts and the media to government authorities.
We tell you what the threat from ransomware is connected with and what consequences it will have for the cryptocurrency industry.
