Hackers Trick Victims into Downloading BitRAT Malware

 

A new malware campaign has been discovered that uses sensitive data stolen from a Colombian bank as a lure in phishing emails to drop a remote access trojan called BitRAT.

An unknown threat actor is reported to have hijacked the IT infrastructure of a Colombian cooperative bank and used the stolen information to craft convincing decoy messages that lure customers into opening file attachments.

The attack was discovered by cybersecurity firm Qualys, which found evidence of a database dump comprising 418,777 records that had been obtained by exploiting SQL injection flaws.

The information that has been leaked includes Cédula numbers (a national identity document issued to Colombian citizens), phone numbers, customer names, email addresses, payment records, addresses, and salary details. 

The Excel file, which contains the exfiltrated bank information, also embeds a macro that downloads a second-stage DLL payload, which in turn is configured to retrieve and install BitRAT on the victim's system.

"It uses the WinHTTP library to download BitRAT embedded payloads from GitHub to the %temp% directory," Qualys researcher Akshat Pradhan reported. 

Furthermore, he added that "Commercial off-the-shelf RATs have been evolving their methodology to spread and infect their victims. They have also increased the usage of legitimate infrastructures to host their payloads and defenders need to account for it." 

BitRAT is a malicious program of the kind known as a Remote Access Trojan (RAT). Individual hackers and hacker groups use this malware to gain remote access to, and control over, an infected system and network.

Furthermore, studies have found that RATs offer technologically advanced functionality. BitRAT is not considered the most sophisticated malware compared with other malware in circulation today; nevertheless, it is highly dangerous. BitRAT infections must therefore be curbed immediately after they are detected on a system.

This is a matter of concern, since financial institutions worldwide are being targeted every day. Recently, a Dutch mobile security company identified a network of phishing websites targeting Italian online-banking users to get hold of their contact details.

57% of All Digital Crimes in 2021 Were Scams Says Group IB

 

Group-IB, headquartered in Dubai, U.A.E., and a prominent name in the world of cybersecurity, has recently shared its analysis of the most widespread cyber threat in the world: scams.

As per the analysis, 57% of all cyber scams are financially motivated cybercrime. Phishing attacks accounted for 18% of cybercrimes, while malware infections and reputational attacks were 25%. As the scam industry is becoming more advanced, it now involves more and more parties divided into hierarchical groups. 

“A strong trend that we observed in 2021 was no-frills scammers merging into groups controlled by highly technically skilled villains,” says Antony Dolgalev, Deputy Head of Digital Risk Protection at Group-IB. 

At present, such groups have increased by 390, which is 3.5 times more than last year, when the number of active groups on record was close to 110. Alongside this, brand-impersonation scams have also risen sharply.

The Group-IB analysts reported an increase of 150% in the Middle East and Africa region. This number is marginally higher than in the APAC region, where such crimes are reported at 83%, and in Europe, where it is 89%.

Due to SaaS (Scam-as-a-Service), in 2021 the number of cybercriminals in one scam gang increased 10 times compared to 2020, now climbing up to 100.

“Group-IB’s AI-based platform identified somewhere between 75 and 110 scam groups last year, and the average number of cybercriminals per group was 10 members. The average number of scam links per group reached 100. SaaS helped grow not only fraudsters’ appetites but also the industry itself. In 2021 our DRP system tracked 350 groups, reaching up to 390 scam groups at the peak time. The number of cybercriminals in fraudulent groups has increased dramatically, averaging between 100 and 1,000 per group. In turn, their infrastructure has grown proportionally: the average number of scam links per group was between 2,000 and 3,000”, said Antony Dolgalev, Deputy Head of Digital Risk Protection at Group-IB. 

Following the research, analysts reported that traffic has become the circulatory system of scams. The number of websites that use illegal traffic to lure victims into fraudulent schemes has increased by 1.5 times. With the advancement of technology, cyber gangs have also raised the sophistication level of their scam techniques. One such technique, 'scam attack automation', is becoming more and more popular amongst fraudsters. Through this scheme, hackers attract specific groups of victims to increase conversion rates. Social media is the fastest doorway for establishing contact between scammers and their potential victims.

Consumers Losing Trust In Financial and E-commerce Industries

 

UK-based Callsign, a digital identity pioneer, has revealed in a report that the rise of scams is harming organizations’ reputations across the world. Its global study of consumers found that merely receiving a scam message claiming to be from an official brand is enough for 49.8% of customers to lose confidence in the organization, regardless of any real association with the message.

Founded in 2012, Callsign is considered a digital identity giant that offers identity authorization and authentication and fraud protection. It also provides products and services to banks and other public and private sector organizations. The organizations most targeted by cyber fraudsters are those in the financial services and e-commerce industries. Consumers have reportedly said that, of all the scam messages they receive, around 59% claim to be from their bank, or a retailer (36%).

Globally, by and large, individuals who receive fraud messages via various communication channels receive 1133 messages a year, and 24% of them claim that they receive more fraud messages than friends and family. Around 41% admit that they don’t report fraud messages, mostly because consumers underestimate the level of crime.

Following the report, Stuart Dobbie, SVP, Innovation, Callsign said, “Fraud hides in volume and the rapid migration of the global population online in the last 18 months has led to the industrialization of scams. The consequence is fraudsters are using the same channels we’re using to authenticate genuine consumers, and this is harming organizations’ reputations with the decrease of trust in their brands. Organizations need to re-evaluate the communications channels they use to interact with customers to better establish trust. With fraudsters monopolizing open channels such as SMS and email, these channels cannot be relied upon to also authenticate identity…”

“…Our research shows that over a third (38%) of consumers think identity is the problem and that people should prove who they are when signing up to use a platform to stop scammers. These consumer concerns emphasize organizations must wake up to the importance of digital identification.”

Man Sentenced To 12 Years For Attempting To Purchase Chemical Weapon On The Dark Web

 

A 46-year-old Missouri man was sentenced today to 12 years in US federal prison without parole for trying to obtain a chemical weapon, one with the capacity to kill hundreds of people, via an illicit dark web site using Bitcoin.

According to the court, the man, Jason Siesser, admitted his crime and accepted that he attempted to purchase a chemical weapon two times between 14 June and August 4, 2018. The court document also states that he provided the shipping address for the order in the name of a juvenile, whose name and address he used illegally to acquire this highly toxic weapon, including five batches of cadmium arsenide, hydrochloric acid, and other chemical compounds.

According to the information the court has provided, three batches of this chemical concoction would be enough to kill more than 300 people at once. On August 4, 2020, Siesser went to prison for attempting to obtain a chemical weapon.

Jason ordered chemical weapons on two different occasions. First, he ordered two 10 milliliter units of the chemical on 4th July 2018, paying with cryptocurrency. When the seller did not ship the order, he contacted the seller repeatedly. Then, on 9th July 2018, he contacted the seller and asked for the order to be shipped as early as possible because he planned to use it immediately after receiving it.

Jason placed his second order on 5th August 2018 and again paid with Bitcoin, worth roughly $150. Notably, what he ordered was a very toxic chemical.

During the raid on Siesser's home, investigating officers found nearly 10 grams of the toxic chemical, including cadmium arsenide, which can be deadly if ingested or inhaled; approximately 100 grams of cadmium metal and more than 500 mL of hydrochloric acid were also found.

"Writings located within the home articulated Siesser’s heartache, anger and resentment over a breakup, and a desire for the person who caused the heartache to die," said the Department of Justice.