Briefly about the most significant events of the past week.

Last week, it became known about the leak of customer data from Sberbank. As stated in the financial institution itself, the incident affected at least 200 people. An investigation was conducted into the leak, during which the culprit of the incident, who turned out to be an employee of Sberbank, was identified.

Thanks to errors in ensuring operational security, information security specialists were able to identify a large-scale bank botnet Geost. At least 800 thousand owners of Android devices in the Russian Federation became victims of the malicious campaign, in particular, attackers gained access to their bank accounts, which totaled several million euros.

The German police closed a large hosting network of four clandestine trading floors that offered various illegal goods, including drugs, stolen data, fake documents, and child pornography. Law enforcement authorities seized about 200 servers located in the former NATO bunker, and also arrested seven service operators suspected of a series of cyber attacks.

In the same week, Dutch law enforcement authorities neutralized the so-called “bulletproof” hosting service, which provided dozens of IoT botnets that were used to conduct hundreds of thousands of DDoS attacks around the world. And in Ukraine, the cyberpolice stopped the activities of a major service for registering “fake” accounts in social networks, instant messengers, payment systems and email services used for mass mailing of messages.

Researchers at Check Point have uncovered an Egyptian espionage campaign allegedly organized by the government. The surveillance was carried out using mobile applications that allow you to read emails, as well as collect data on the location of users. The objects of surveillance were Egyptian journalists, politicians, activists, lawyers, as well as members of commercial organizations.

Specialists of the Google Project Zero team reported a vulnerability in the Android operating system, which is already actively used by cybercriminals in real attacks. The problem is contained in the Android kernel code and can be used to completely compromise the device. According to the researchers, the vulnerability affects gadgets based on versions of Android 8.x and higher, including Google Pixel 2, Samsung, Huawei and Xiaomi devices.

  • ru
  • en