Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label cyberattack information. Show all posts

German Police Bust Massive Cybercrime Hub 'Crimemarket' with 180,000 Users

 

The Düsseldorf Police in Germany have made a significant stride in the ongoing battle against cybercrime by dismantling Crimemarket, the largest cybercrime market in the country, with over 180,000 users. This illicit trading platform served as a hub for trading illegal drugs, narcotics, and cybercrime services, hosting tutorials and guides for various criminal activities. 

In a well-coordinated effort, law enforcement executed 102 search warrants across the country, resulting in the arrest of six individuals, including one of the operators. Crimemarket's extensive user base and its role as a breeding ground for illegal activities made it a prime target for authorities. The police operation carried out on the evening of February 29th, 2024, focused on North Rhine-Westphalia, where the main suspect, a 23-year-old man, was apprehended. Simultaneous operations in other federal states led to the arrest of three more individuals. 

During the searches, law enforcement seized a substantial amount of evidence, including cell phones, IT devices, and data carriers. In North Rhine-Westphalia alone, officers confiscated narcotics, including 1 kilogram of marijuana and various ecstasy tablets. The German police emphasized that the operation targets not only the operators of Crimemarket but also its users. 

The investigation is ongoing, indicating a commitment to identifying and prosecuting all individuals associated with the cybercrime market. Earlier reports of accessibility issues on Crimemarket raised suspicions, with users speculating on technical glitches or potential law enforcement intervention. 

The police announcement now confirms that the intermittent outages were indeed a result of the coordinated law enforcement action and not due to technical issues. While the site's homepage remains accessible at the time of writing, attempts to navigate to other pages on the domain display a seizure notice. 

The notice explains that the police monitored the platform over an extended period as part of a Europe-wide coordinated operation, leading to the confiscation of data. Surprisingly, the forum space where sellers connect with buyers was active until recently, indicating that law enforcement may have opted to allow cyber criminals to continue using the platform post-confiscation. This strategic move could be aimed at gathering additional evidence, including identifying data, login credentials, and other incriminating information from users. 

The takedown of Crimemarket is a significant victory in the ongoing fight against cybercrime, showcasing the effectiveness of international collaboration and meticulous investigative efforts. As the investigation unfolds, it is expected to shed light on the intricate workings of such illicit platforms and contribute to strategies aimed at preventing their resurgence.

Samsung Announces Second Customer Data Breach

The industry leader in technology, electronics, and smartphone producer, Samsung reported a data breach in its system. Earlier, the company was hit by a cyberattack in late July 2022. In August, the company discovered that a group of threat actors accessed its systems and breached customer personal data. 

The hackers had access to Samsung customers’ personal details including contacts, product registration data, dates of birth, and demographic information. However, the company said that the Social Security or credit card numbers were safe from the security breach. 

“In late July 2022, an unauthorized third party acquired information from some of Samsung’s U.S. systems. On or around August 4, 2022, we determined through our ongoing investigation that the personal information of certain customers was affected. We have taken actions to secure the affected systems, and have engaged a leading outside cybersecurity firm and are coordinating with law enforcement...” 

“…We want to assure our customers that the issue did not impact Social Security numbers or credit and debit card numbers, but in some cases, may have affected information such as name, contact and demographic information, date of birth, and product registration information,” reads a notice published by the company. 

The company further added that the information exposed for each relevant customer may vary, however, the company has started notifying impacted customers, and also advised them to remain cautious of any unrecognized and illegal communications that ask for their personal credentials or refer them to a web page asking for personal information. Customers must also review their accounts for suspicious and unsolicited activity. Besides, they should avoid clicking on links or downloading attachments from unrecognized and suspicious emails

The company has become one of the most recognizable names in technology and produces industry electronics, including appliances, digital media devices, memory chips, semiconductors, and integrated systems. The company produces a fifth of South Korea's total exports. 

Furthermore, Samsung claims to have detected the vulnerability in the system caused by the attack and to have taken measures to secure the impacted systems. Also, the company hired a leading cybersecurity firm to investigate the matter and report it to law enforcement.

No Backup: Why the Government in Brazil is at High Risk of Cyberattacks

 

According to a new report by the Brazilian Federal Audit Court (TCU), several federal government agencies in Brazil are at a high risk of cyberattacks. Federal government agencies need to reassess their approach to handling cybersecurity threats, the report reads. 

Report points out the number of areas at high risk but one of the biggest problems in the cybercrime section that the report has uncovered is the lack of backups while dealing with cyberattacks. 

A group of 29 areas that represent a high risk in terms of vulnerability, mismanagement, abuse of power, or need for drastic changes was discovered. 

Backups are very important and help against various forms of attack, as well as mistakes and mishaps. The most obvious one of those would be ransomware attacks. 
When systems are hacked and are locked up, a data backup could be the respite you’re looking for to restore the data stored on your devices. 

Additionally, the report cited the data

 • 74.6% of organizations (306 out of 410) do not have a formally approved backup policy—a basic document, negotiated between the business areas (“owners” of the data/systems) and the organization’s IT, with a view to disciplining issues and procedures related to the execution of backups. 

• 71.2% of organizations that host their systems on their own servers/machines (265 out of 372) do not have a specific backup plan for their main system. 

• 60.2% of organizations (247 out of 410) do not keep their copies in at least one non-remotely accessible destination, which carries a risk that, in a cyberattack, the backup files themselves end up being corrupted, deleted, and/or encrypted by the attacker or malware, rendering the organization’s backup/restore process equally ineffective. 

 • 66.6% of organizations that claim to perform backups (254 out of 385), despite implementing physical access control mechanisms to the storage location of these files, do not store them encrypted, which carries a risk of data leakage from the organization, which can cause enormous losses, especially if it involves sensitive and/or confidential information. 

Further, the researchers said that the federal government cannot respond to and treat cybersecurity attacks adequately. Also, there are several vulnerabilities in both information security and cybersecurity across most central bodies.