Les dernières cyberattaques (18 juillet 2023)

Voici la sélection des cyberattaques majeures découvertes la semaine passée.

Vous retrouvez ci-dessous les liens directs vers les articles les plus intéressants. Pour information, cette veille est préparée avec un vrai cerveau non artificiel, alors bonne lecture et merci de soutenir le Décodeur !

Les actus sélectionnées cette semaine

Ransomware Extortion Skyrockets in 2023, Reaching $449.1 Million and Counting

💰 Ransomware attacks continue to rise in 2023, with cybercriminals extorting a staggering $449.1 million in the first half of the year alone.

US government emails were hacked by Chinese spies

A China-based hacking group focused on espionage has breached email accounts linked to around 25 organizations, including government agencies in Western Europe and the US.

Russian state hackers lure Western diplomats with BMW car ads

The Russian state-sponsored hacking group ‘APT29’ (aka Nobelium, Cloaked Ursa) has been using unconventional lures like car listings to entice diplomats in Ukraine to click on malicious links that deliver malware.

Genesis Market infrastructure and inventory sold on hacker forum

The administrators of the Genesis Market for stolen credentials announced on a hacker forum that they sold the store and a new owner would get the reins « next month. »

Hackers Target Gamers With Microsoft-Signed Rootkit

Kernel mode driver can download second-stage payload directly to memory, allowing threat actors to evade endpoint detection and response tools.

Linux Hacker Exploits Researchers With Fake PoCs Posted to GitHub

A cyber attacker gives defenders a taste of their own medicine, with GitHub honeypots concealing infostealers.

Belarus Hackers Targeting Poland, Ukraine With RAT, Phishing

Belarus state-linked hackers are targeting government and military entities in both Ukraine and Poland with spear-phishing campaigns that deliver remote access

Ransomware Payments are at a Record High for 2023: $449.1 million through June.

Ransomware attacks are increasing, and attackers are on track for their second-highest earning year ever. As of June, they have already extorted a minimum of $449.1 million.

Enquête ouverte sur un potentiel piratage chez Razer, le célèbre fabriquant de périphériques pour gamers

L’entreprise a lancé des investigations après la publication d’une annonce sur un forum de fuite de données mettant en vente des codes sources et des clés de chiffrement.

Archive of Our Own Is Back Online After a Massive DDoS Attack

The popular fanfiction site was targeted by a group claiming to be a part of Anonymous, but is likely a Russian-backed extortionist group.

Razer investigates potential breach involving its digital wallet

The gaming peripheral maker says it’s still probing a breach impacting its virtual credits platform Razer Gold, after hackers claim to have stolen source code and encryption keys.

Play Ransomware Attacking Private and Public Organizations Across Industries

This alarming pace of ransomware is significantly concerning the thousands of private and public organizations around the world across several industries.

Archive of Our Own Website Suffering Massive DDoS Attacks

Archive of Our Own (AO3) said that the perpetrators behind these DDoS attacks are « a collective of religiously and politically motivated hackers. »

New ‘Big Head’ ransomware displays fake Windows update alert

Security researchers have dissected a recently emerged ransomware strain named ‘Big Head’ that may be spreading through malvertising that promotes fake Windows updates and Microsoft Word installers.

RomCom RAT Targeting NATO and Ukraine Support Groups

RomCom RAT strikes again! 😱 Cyber threat actors are targeting the NATO Summit in Vilnius with phishing attacks.

UK Finance company loses £20m to Cyber Criminals – Cybersecurity Insiders

Revolut, a financial firm that is governed by Bank of Lithuania within European Union has apparently lost £20m to the act of cyber criminals who smartly

Anonymous Sudan launches DDoS Attack on fan fiction website for 24 hours – Cybersecurity Insiders

Anonymous Sudan, that proclaims to be a pro-russian hacktivist group has claimed that its gang of hackers have launched Distributed Denial of Service