Cyber Security Today, April 19, 2024 – Police bust phishing rental platform, a nine-year old virus found on Ukrainian computers, and more

Share post:

Police bust phishing rental platform, a nine-year old virus found on Ukrainian computers, and more.

Welcome to Cyber Security Today. It’s Friday, April 19th, 2024. I’m Howard Solomon.

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

 

The Europol European police co-operative says one of the largest phishing-as-a-service platforms has been severely disrupted. This week law enforcement agencies from 19 countries including the U.K., the United States and Canada shut the IT infrastructure of LabHost. They also arrested 37 suspects. For a monthly subscription the site sold access to phishing kits, infrastructure for hosting phony web pages and more. An estimated 10,000 crooks around the world used its services. Singapore-based cybersecurity firm Group-IB says there was a Canadian angle to LabHost. The service was actively promoted in a Canadian channel on the Telegram messaging service by three users. One of those users owns the service LabHost Refunds, which only operates in Canada. This user also sold profiles of Canadians for creating credit cards or opening bank accounts. Europol said four of the 37 people arrested were in the U.K. and allegedly ran the site, including the alleged original developer.

A virus has been sitting undetected since 2015 on some Windows systems in Ukraine, say researchers at Cisco Systems. As part of a regular threat hunting in open-source repositories for infected documents, Cisco found over 100 infected documents with potentially confidential information about government and police activities in Ukraine. The documents could only be spread by being shared through removable media like USB memory sticks. It isn’t known who created the virus.

So you’ve got cyber insurance. But do you have enough? Maybe not, says CYE, a company that measures cyber risk of organizations. Looking at a dataset of 101 data breaches, CYE says 80 per cent of those with insurance didn’t have sufficient coverage to pay for their full data breach costs. On average three-quarters of insurable costs weren’t covered.

Finally, a threat actor targeting governments in the Middle East with a novel way of hiding malware is going international. That’s according to researchers at Kaspersky. It says organizations in the U.S., Canada, Japan, the Netherlands, Luxembourg and South Korea have submitted examples of the malware to a virus scanning service, suggesting IT people in those countries have come across it. Kaspersky calls this campaign DuneQuixote. The goal is to install a memory-only backdoor using either a regular dropper or tampered installer files for a legitimate tool called Total Commander. What’s unique is the use of snippets from Spanish poems in the code to help evade detection by anti-malware tools.

That’s it for now. But later today the Week in Review podcast will be available. My guest will be Jen Ellis, a member of the Ransomware Task Force, who will talk about its recent report on steps governments should take before passing laws forbidding organizations from paying ransoms.

Follow Cyber Security Today on Apple Podcasts, Spotify or add us to your Flash Briefing on your smart speaker.

The post Cyber Security Today, April 19, 2024 – Police bust phishing rental platform, a nine-year old virus found on Ukrainian computers, and more first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

SUBSCRIBE NOW

Related articles

Pablo Listingart from ComIT – Hashtag Trending the Weekend Edition for May 25, 2024

Pablo Listingart, founder and executive director of ComIT, discusses the resource shortage in cybersecurity and IT and the...

Cyber Security Today, May 24, 2024 – A threat actor leverages Windows BitLocker in ransomware attacks, beware of ORB networks, and more

A threat actor leverages Windows BitLocker in ransomware attacks, beware of ORB networks, and more. Welcome to Cyber Security...

Consumers don’t trust social media companies with AI. Hashtag Trending for Friday, May 24th, 2024

A new Axios poll says that consumers don’t trust social media giants branching into AI.  Two companies headed...

Canada centralizing cybersecurity efforts of federal IT departments

Federal departments and agencies are making only marginal progress in improving their cyber maturity, Ottawa said Wednesday as...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways