AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 04/09/2021

Italian man arrested after allegedly paying hitman in cryptocurrency

According to a Europol alert on Wednesday, the suspect went looking for a hitman online and eventually found a website on the dark web claiming to offer such services. The deep web is simply the part of the internet that ordinary search engines do not index; the dark web is a smaller sector of it, reachable only through overlay networks such as Tor, and it is where marketplaces for illegal goods and services operate. After contact was made, the person who agreed to murder his ex-girlfriend was paid roughly €10,000 in Bitcoin (BTC). Europol and the Italian Postal and Communication Police caught wind of the plan, and an “urgent, complex crypto-analysis” of the payment was performed.


Wine scams spiked during COVID-19 lockdown

Absolute monsters. Wine-themed domain registrations rose once COVID-19 lockdowns took hold, some of them malicious and used in phishing campaigns, Recorded Future and Area 1 Security said in a joint report out Wednesday. “As the interest in virtual happy hours and get-togethers increased so did the increase in wine-themed domain registrations,” the report states. Amid the COVID outbreak, alcohol has proven itself a target for hackers — but it hasn’t been clear before that scammers were trying to exploit people who were staying home and imbibing more. Alcohol delivery service Drizly, for instance, suffered a breach in July, while ransomware hit liquor and wine maker Brown-Forman around the same time.


Why Didn’t Government Detect SolarWinds Attack?

Two senators are pressing the Department of Homeland Security to explain why its Einstein system failed to detect the SolarWinds supply chain breach that affected nine federal agencies as well as private corporations. “Signature-based intrusion detection and intrusion prevention systems are largely limited to detecting previously seen threats – they are ineffective at identifying or blocking sophisticated and novel attacks like the SolarWinds hack,” according to the letter addressed to Brandon Wales, the acting director of DHS’ Cybersecurity and Infrastructure Security Agency. “As this committee warned nearly five years ago, ‘Current reliance on decades old signature-based detection technology limits the effectiveness of Einstein against advanced persistent threats.'”


Apple’s Find My network now offers new third-party finding experiences

Apple today introduced the updated Find My app, allowing third-party products to use the private and secure finding capabilities of Apple’s Find My network, which comprises hundreds of millions of Apple devices. The Find My network accessory program opens up the vast and global Find My network to third-party device manufacturers to build products utilizing the service, so their customers can use the Find My app to locate and keep track of the important items in their lives. New products that work with the Find My app from Belkin, Chipolo, and VanMoof will be available beginning next week.


Hackers are abusing Discord, Slack file-sharing to distribute malware

Hackers are increasingly using Slack and Discord to distribute malware to unsuspecting victims, according to Cisco Talos research published Wednesday. Suspected cybercriminals upload files to the platforms, which store them on the apps’ content delivery networks and hand back a permanent link to the malicious content. Attackers then share those links outside of Slack and Discord, over email or on other chat applications, for instance, so the payload is delivered from a domain the victim's organisation already trusts and is unlikely to block. That lets hackers meet targets where they already are, on platforms they rely on to conduct business or socialize, which boosts the success of any social engineering effort.
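The abuse described above leaves a simple, high-signal trace: a link whose host is a collaboration-platform CDN arriving through a channel that has nothing to do with that platform. The following is an added example, not code from the Talos report or from AboutDFIR, of the detection logic a responder might run over email-gateway or proxy logs. The CDN hostnames are assumed from public observation of how Discord and Slack serve uploads and should be confirmed against your own telemetry; the log lines are constructed for the example.

```python
"""Flag links to Slack/Discord file CDNs in outbound email or proxy logs.

Added example: the hostnames below are an assumption about where these
platforms serve user uploads, not a list from the original report.
"""
import re
from urllib.parse import urlparse

# Hosts believed to serve user-uploaded files for each platform (assumed).
COLLAB_CDN_HOSTS = {
    "cdn.discordapp.com": "Discord",
    "media.discordapp.net": "Discord",
    "files.slack.com": "Slack",
}

# Extensions an attacker would typically deliver via such a link.
RISKY_EXTENSIONS = (
    ".exe", ".dll", ".scr", ".js", ".vbs", ".ps1", ".lnk",
    ".iso", ".img", ".zip", ".rar", ".7z", ".docm", ".xlsm",
)

URL_RE = re.compile(r"https?://[^\s\"'<>]+")


def extract_urls(text):
    """Return every http(s) URL found in a line of log text."""
    return URL_RE.findall(text)


def classify_url(url):
    """Return a finding dict if the URL points at a collaboration CDN, else None."""
    parsed = urlparse(url)
    host = (parsed.hostname or "").lower()
    platform = COLLAB_CDN_HOSTS.get(host)
    if platform is None:
        return None
    filename = parsed.path.rsplit("/", 1)[-1]
    return {
        "platform": platform,
        "url": url,
        "filename": filename,
        "risky_extension": filename.lower().endswith(RISKY_EXTENSIONS),
    }


def scan_log(lines):
    """Scan log lines; return findings for every link hosted on a collaboration CDN."""
    findings = []
    for lineno, line in enumerate(lines, 1):
        for url in extract_urls(line):
            hit = classify_url(url)
            if hit is not None:
                hit["line"] = lineno
                findings.append(hit)
    return findings


def risky_findings(lines):
    """Only the subset worth paging someone about: CDN links to executable/archive files."""
    return [f for f in scan_log(lines) if f["risky_extension"]]


# Constructed mail-gateway log lines (not real traffic).
SAMPLE_LOG = [
    "2021-04-07T13:02:11Z sender=billing@example-invoices.test recipient=alice@corp.test "
    "url=https://cdn.discordapp.com/attachments/123456789012345678/987654321098765432/Invoice_April.exe",
    "2021-04-07T13:05:42Z sender=it-support@corp.test recipient=bob@corp.test "
    "url=https://corp.test/intranet/policy.pdf",
    "2021-04-07T13:09:03Z sender=hr@corp-benefits.test recipient=carol@corp.test "
    "url=https://files.slack.com/files-pri/T0000000-F0000000/download/Benefits_Update.zip",
    "2021-04-07T13:11:27Z sender=dave@corp.test recipient=erin@corp.test "
    "url=https://cdn.discordapp.com/attachments/111111111111111111/222222222222222222/team_photo.png",
]

if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        flag = "RISKY" if f["risky_extension"] else "info "
        print(f"{flag} line {f['line']}: {f['platform']} link to {f['filename']}")
```

Note that the third sample line comes from a sender outside the organisation but delivers a Slack file link; that mismatch between the channel (external email) and the hosting platform is the point of the detection, and in practice you would enrich each finding with whether the sending domain is one your users actually collaborate with on that platform.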


Digital artists meet scam artists, as criminals pounce on NFT craze

Many people have never even heard of non-fungible tokens. And yet, it has become such a hot trend that scammers have taken notice and are attempting to lure current and prospective traders onto NFT-themed phishing and fraud websites. For the uninitiated, NFTs are unique tokens tied to original and collectible digital artwork or videos; they can be bought, sold or traded much like cryptocurrency, with each transfer of ownership recorded on a blockchain. Many of the earlier NFTs involved illustrations of kittens, but they can take the form of just about anything. For instance, a collage created by digital artist Mike Winkelmann, aka Beeple, recently earned $69.4 million at auction, while the first-ever tweet from Twitter CEO Jack Dorsey was sold as an NFT for $2.9 million. Meanwhile, it was also just announced that NFL quarterback Tom Brady is forming his own NFT company, Autograph.
