Excerpt from Empire moderator Melbourne's apology to market users after an exit scam led to the theft of their cryptocurrency. (Source: Digital Shadows)

Why Darknet Markets Persist

Mathew J. Schwartz • September 18, 2020

Empire is the latest darknet market to "exit scam," meaning administrators ran away with users' cryptocurrency, leaving the market to fail. Given the ongoing risk of exit scams, as well as police often targeting such markets, why do they persist?

Blockchain & Cryptocurrency

Visa Warns of Fresh Skimmer Targeting E-Commerce Sites

Latest

Account Takeover Fraud

Attacks Using Cerberus Banking Trojan Surge

Chinmay Rautmare • September 18, 2020

The posting on Russian underground forums of source code for the Android mobile banking Trojan Cerberus has led to an increase in attacks as well as updates to the malware, the security firm Kaspersky reports.

Application Security

US Banning TikTok, WeChat Downloads

Doug Olenick • September 18, 2020

The U.S. Commerce Department is banning the downloading and hosting of China-based social media apps TikTok and WeChat effective on Sunday, citing national security concerns. The announcement comes as Oracle continues to negotiate a deal for partnering on TikTok's U.S. operations.

Blockchain & Cryptocurrency

Researchers Find Mozi Botnet Continues to Grow

Prajeet Nair • September 18, 2020

Mozi, a relatively new peer-to-peer botnet, is now dominating global IoT network traffic, according to a new report from IBM's X-Force unit. The malware is being used to launch DDoS attacks as well as mine for cryptocurrency.

Breach Notification

Analysis: Is Chinese Database Exposure a Cause for Concern?

Anna Delaney • September 18, 2020

The latest edition of the ISMG Security Report analyzes whether a leaked database compiled by a Chinese company should be a cause for serious concern. Also featured are discussions on vulnerability disclosure challenges and risks posed by using social media apps for payments.

Cyberwarfare / Nation-State Attacks

US Imposes Sanctions on Iranian APT Group

Doug Olenick • September 17, 2020

The U.S. Treasury Department on Thursday imposed sanctions on an Iranian advanced persistent threat group, 45 associated individuals and a front company the Iranian government allegedly used to run a years-long malware campaign that targeted Iranian dissidents, journalists and others.

Cybercrime

Analyzing the Role of Fraud Fusion Centers

Akshaya Asokan • September 17, 2020

Many financial institutions have deployed fraud fusion centers as a way to help mitigate risks. But as fraudsters revamp their techniques, banks need to revamp these centers to keep up, says Jeff Dant of BMO Financial Group, who will speak at ISMG's Virtual Cybersecurity and Fraud Summit: Toronto.

Cyberwarfare / Nation-State Attacks

2 Iranians Indicted for Lengthy Hacking Campaign

Akshaya Asokan • September 17, 2020

Two Iranian nationals have been charged with participating in a years-long hacking campaign that targeted vulnerable networks in the U.S., Europe and the Middle East to steal "hundreds of terabytes" of data, according to the U.S. Department of Justice.

Business Continuity Management / Disaster Recovery

Maze Ransomware Attack Borrows RagnarLocker Hacking Move

Mathew J. Schwartz • September 17, 2020

Stop me if you think you've heard this one before: Some ransomware attackers are hiding attack code in virtual machines or creating new leaking sites to pressure victims into paying.

Cybercrime

5 Chinese Suspects Charged in Connection With 100 Breaches

Doug Olenick • September 16, 2020

Federal prosecutors have unsealed indictments charging five Chinese suspects - alleged members of the China-linked APT41 hacking group - with breaching more than 100 companies, government agencies and other organizations around the world.

Cyberwarfare / Nation-State Attacks

Iranian Hackers Exploiting Unpatched Vulnerabilities

Akshaya Asokan • September 16, 2020

The hacking group "Pioneer Kitten," which has suspected ties to the Iranian government, is taking advantage of several unpatched vulnerabilities and using open source tools to target U.S. businesses as well as federal government agencies, according to the Cybersecurity and Infrastructure Security Agency.

Cyberwarfare / Nation-State Attacks

TikTok's Response to Trump? Let's Make a Deal

Mathew J. Schwartz • September 16, 2020

President Donald Trump says TikTok and Oracle are close to making a deal. Don't neglect to read the fine print. While the president has demanded TikTok divest its U.S. operations - preferably to Oracle - because of national security concerns, the Chinese firm is instead offering Oracle a minority stake.

Cyberwarfare / Nation-State Attacks

National Guard Cybersecurity Units Ready to Protect Election

Doug Olenick • September 15, 2020

National Guard units are commonly called up to help deal with the aftermath of a natural disaster. And they played a role in responding to the COVID-19 pandemic and civil unrest. But some states are now calling out the National Guard to help safeguard elections from online attacks and interference.