Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label cyberattack news. Show all posts
Hacking
Australia Cyber Attacks cyberattack news data stealing Hacking

University of Notre Dame Hit by Cyberattack— Hackers Say They Stole Everything

 



A cybercriminal group known as Fog Ransomware has claimed responsibility for a cyberattack on the University of Notre Dame in Perth, Australia. According to reports, the group has allegedly stolen 62.2GB of sensitive data, including student medical records, staff and student contact information, and confidential documents.  


Hackers Announce Data Theft on the Dark Web  

The university was first alerted to a cybersecurity breach in January 2025. Recently, technology news sources revealed that Fog Ransomware had posted details of the attack on its dark web leak site. The group claimed to have accessed and stolen a large amount of private and institutional information.  

As of now, the hackers have not made any ransom demands or issued a deadline for payment. Cybersecurity experts believe that this group has a history of targeting educational and recreational institutions worldwide.  


How the Attack Has Affected the University  

The cyberattack has disrupted essential university operations, making it difficult for students and staff to access key services. Some of the areas impacted include:  

1. Payroll and leave management – Employees have been unable to process payments and leave applications as usual. Temporary manual processes have been put in place.  

2. Student enrolments and timetables – Many students have struggled to access their class schedules and register for courses.  

3. Communication services – Internet and email systems have also been affected, causing delays in official university communication.  

University official Patrick Hampton, who is both the Deputy Head of Education and President of the National Tertiary Education Union WA Notre Dame branch, stated that the attack had disrupted critical functions necessary for the university’s daily operations. He also emphasized that staff and students need additional support to cope with these challenges.  


Uncertainty Over the Full Extent of the Data Breach  

At this stage, the university has not been able to confirm exactly what data has been stolen. A spokesperson explained that while primary systems handling student records, finance, and human resources appear secure, some separately stored data might have been compromised.  

To assess the situation, the university has engaged international cybersecurity experts and is working to determine the extent of the breach. Officials have assured that if any personal data is found to be affected, the university will notify those impacted as soon as possible.  


Response and Future Actions

The incident has been reported to the Australian Cyber Security Centre (ACSC), and the university is taking necessary precautions to strengthen its security measures. Despite the ongoing challenges, the university has confirmed that classes for the 2025 academic year will begin as scheduled.  

Meanwhile, the staff union is pushing for greater transparency from the university administration. They are demanding that university leadership keep staff and students fully informed about what data has been compromised and provide assurances about data protection measures moving forward.  

This attack is a reminder of the increasing cybersecurity threats faced by educational institutions. Universities hold vast amounts of sensitive student and staff data, making them prime targets for cybercriminals. 

Read more »
Social Media Scam
cyberattack news FireScam malware News Online Scam Social Media Scam

FireScam Malware Disguised as Telegram Premium Spreads via Phishing Sites

A new Android malware called FireScam is being distributed through phishing websites hosted on GitHub, masquerading as a premium version of the Telegram app. These fraudulent sites mimic RuStore, Russia’s official mobile app marketplace, tricking users into downloading the malware. This incident highlights how cybercriminals exploit trusted platforms to deploy sophisticated threats.

RuStore was launched in May 2022 by Russian tech company VK (VKontakte) with support from the Ministry of Digital Development as an alternative to Google Play and Apple’s App Store. It was designed to provide Russian users access to mobile applications despite Western sanctions. Cybercriminals have taken advantage of RuStore’s credibility by creating phishing pages that distribute malware under the guise of legitimate applications. According to security researchers at CYFIRMA, attackers have set up a GitHub-hosted phishing page impersonating RuStore, delivering an initial malware payload named GetAppsRu.apk.

Once installed, the dropper module requests multiple permissions, allowing it to identify installed applications, access device storage, and install additional software. It then downloads and installs the primary malware payload, disguised as Telegram Premium.apk. This second-stage malware requests extensive permissions, enabling it to monitor notifications, read clipboard data, access SMS and call information, and track user activity.

FireScam displays a fake Telegram login page via WebView to steal user credentials. The malware then communicates with Firebase Realtime Database, where stolen data is uploaded in real time. Each infected device is assigned a unique identifier, allowing attackers to track it. According to CYFIRMA, the stolen data is temporarily stored in Firebase before being filtered and transferred to another location. FireScam maintains a persistent WebSocket connection with a Firebase-based command-and-control (C2) endpoint, allowing attackers to execute real-time commands, download and install additional payloads, modify surveillance settings, and trigger immediate data uploads.

FireScam continuously tracks various device activities, including screen on/off events, active app usage, and user interactions lasting over 1,000 milliseconds. One of its most concerning features is its focus on e-commerce transactions. The malware attempts to intercept sensitive financial data by logging keystrokes, tracking clipboard content, and extracting auto-filled credentials from password managers.

While the identity of FireScam’s operators remains unknown, CYFIRMA researchers describe it as a sophisticated and multifaceted threat that employs advanced evasion techniques. To minimize the risk of infection, users should avoid downloading apps from unverified sources, be cautious when clicking on unfamiliar links, download applications only from official platforms like Google Play or verified stores, and regularly review and restrict app permissions to prevent unauthorized data access. The rise of malware like FireScam underscores the growing need for cybersecurity awareness. Staying vigilant and adopting secure online practices is essential to protecting personal and financial data from evolving cyber threats.

Read more »
Online attacks
cyberattack news malware Mobile Malware News Online attacks

FBI Warns Against Public USB Charging Stations Due to “Juice Jacking” Threat

The FBI has issued a cautionary alert for travelers, urging them to avoid using public USB charging stations found in airports, hotels, and other public spaces. A rising cyber threat, known as “juice jacking,” enables cybercriminals to steal sensitive data and install malware through these ports. While convenient for charging devices on the go, these stations are increasingly being exploited to compromise personal and financial security.

The Mechanics Behind Juice Jacking

Juice jacking takes advantage of a fundamental vulnerability in USB technology, which supports both power delivery and data transfer. When an unsuspecting user plugs their device into a compromised USB port, malware can be silently installed, or data can be extracted without their knowledge. The malicious software may remain dormant, activating later to steal passwords, lock files for ransom, or even mine cryptocurrency, which can drain the device’s battery and degrade its performance.

Adding to the complexity of this threat, even charging cables can be tampered with to include hidden components that extract data as soon as they are connected. This makes it possible for travelers to fall victim to juice jacking even if they avoid public charging stations but use unfamiliar or unverified cables.

The threat of juice jacking extends far beyond U.S. borders. Airports, hotels, and shopping malls worldwide have reported similar incidents, as the universal nature of USB charging technology makes it a convenient vector for cyberattacks. The rise in reported cases has prompted security experts to raise awareness about this subtle yet significant risk, urging travelers to rethink how and where they charge their devices.

How to Protect Yourself

To stay safe, the FBI and cybersecurity professionals recommend adopting these precautions:

  • Carry Personal Chargers: Use your own charging devices and power banks to avoid reliance on public USB ports.
  • Use a USB Data Blocker: This small device allows charging while preventing data transfer, effectively neutralizing the threat of juice jacking.
  • Opt for Wall Outlets: Whenever possible, plug devices directly into a wall outlet for charging, as this eliminates the risk of data theft.

Some airports and transportation hubs are beginning to address the issue by installing “charge-only” stations that disable data transfer capabilities. However, such solutions are not yet widespread, making it essential for individuals to remain vigilant and proactive in protecting their devices.

Corporate and Financial Sector Responses

Businesses are taking the juice jacking threat seriously, with many companies updating travel policies to discourage employees from using public USB ports. Instead, employees are being provided with approved chargers and power banks to ensure the safety of corporate devices and sensitive data.

The financial sector is also raising alarms, advising customers to avoid conducting banking transactions or accessing sensitive accounts while connected to public USB ports. Even a brief connection to a compromised charging station could lead to unauthorized access to financial apps and accounts, potentially resulting in significant losses.

While steps are being taken to make public charging safer, the onus remains on travelers to prioritize device security. By carrying personal charging equipment, avoiding unverified cables, and utilizing tools like USB data blockers, individuals can mitigate the risks of juice jacking and safeguard their personal and financial information against this evolving cyber threat.

Read more »
trending news
cyber attack Cyber attacks on Industrial leaders cyberattack news digital scam Indian cyber crimes trending news

Indian Textile Tycoon Duped of ₹7 Crore in Elaborate ‘Digital Arrest’ Scam

 

In a shocking incident, SP Oswal, chairman of the Vardhman Group, India, fell victim to a scam that cost him over INR 7 crore. The 82-year-old businessman was tricked into believing he was under investigation for money laundering, with scammers posing as officials from the Central Bureau of Investigation (CBI) and even impersonating Chief Justice of India DY Chandrachud. Through fake court setups, police uniforms, and ID cards, the conmen convinced Oswal that his “digital arrest” was legitimate. 

This case is part of a growing trend where scammers create fear and panic in victims’ minds, leading them to comply with demands for money. Experts have highlighted that the fear psychosis these scammers create makes even well-informed individuals vulnerable to such tactics. 

Oswal is not the only Indian high-profile victim; a lawyer from Bengaluru, and a doctor in Noida were also similarly duped. The lawyer, in particular, was forced to undergo a fake “narcotics test,” strip on camera, and lost INR 14 lakh in the process. Cyber law expert Pawan Duggal explains that “digital arrest” refers to a scam where victims are made to believe they are under investigation for serious crimes. 

Scammers use fake props and legal threats to intimidate their targets into handing over large sums of money. Victims are often coerced into keeping their cameras and microphones on at all times, further intensifying the pressure. The Ministry of Home Affairs has issued warnings about these scams and urged citizens to report suspicious calls on the cybercrime helpline (1930) or via their website. 

Authorities are working with agencies like the Indian Cyber Crime Coordination Centre (I4C) to combat the growing threat of cyber scams. Experts also stress that there is no legal provision for “digital arrest” and advise people to verify suspicious calls through official channels.
Read more »
Subscribe to: Posts (Atom)