AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 05/17/2021

1 – Bitcoin And Alternative Cryptos In The Cybercriminal Underground

The popularity of Bitcoin and cryptocurrencies continues to progress in the modern day, with drastically surging valuations. Notably, Bitcoin surpassed its all-time high of USD 20,000 (in 2017) to achieve an eye-watering USD 60,000 at the time of writing (April 2021). And while legislation and law enforcement continue to try to get a stranglehold on the growing cryptocurrency space, cybercriminality has been at the forefront of its use since the early days. These days, Bitcoin and cybercrime go hand in hand. Still, recent question marks over their relationship have appeared, mainly owing to increased law-enforcement intervention and criminal organizations being uncovered through their ongoing use of the digital currency. However, with a host of alternative cryptocurrencies making more secure and privacy-orientated features available to the cybercriminal world, is it inevitable that we will increasingly see cybercriminals shift away from the Bitcoin crypto-powerhouse?


2 – Darkside ransomware gang says it lost control of its servers & money a day after Biden threat

A day after US President Joe Biden said the US plans to disrupt the hackers behind the Colonial Pipeline cyberattack, the operator of the Darkside ransomware said the group lost control of its web servers and some of the funds it made from ransom payments. “A few hours ago, we lost access to the public part of our infrastructure, namely: Blog. Payment server. CDN servers,” said Darksupp, the operator of the Darkside ransomware, in a post spotted by Recorded Future threat intelligence analyst Dmitry Smilyanets. “Now these servers are unavailable via SSH, and the hosting panels are blocked,” said the Darkside operator while also complaining that the web hosting provider refused to cooperate. In addition, the Darkside operator reported that cryptocurrency funds were also withdrawn from the gang’s payment server, which was hosting ransom payments made by victims. The funds, which the Darkside gang was supposed to split between itself and its affiliates (the threat actors who breach networks and deploy the ransomware), were transferred to an unknown wallet, Darksupp said.


3 – Gamers beware! Crooks take advantage of MSI download outage…

Well-known computer gaming hardware vendor MSI is warning of fake download sites ripping off its brand. The company doesn’t just sell high-end graphics cards and gaming rigs, it also offers a free software product called Afterburner that it trumpets as “the gold standard of overclocking utilities.” Overclocking is how enthusiasts describe the act of squeezing maximum performance out of their hardware by running it up to, at or even beyond the limits usually recommended by the component manufacturers. For example, you might decide to run your processor faster than usual so it can perform calculations more quickly. But that might cause it to overheat and shut down, so you might then try tweaking the operating voltage slightly to adjust the current draw and reduce the heating effect.


4 – Scammers Target Families Who Post Missing Persons on Social Media

The FBI warns the public of scammers seeking to extort family members of missing persons. These actors identify missing persons through social media posts and gather information about the missing person and family to legitimize their ransom demands without ever having physical contact with the missing person. The FBI defines this type of extortion as a range of telephonic coercion schemes for extorting quick ransom payments from the families of missing persons who are manipulated to believe their loved one has been abducted, is at risk of being abducted, or is in imminent danger. Additionally, the FBI defines social media as websites and mobile applications that allow users to create and share content or to participate in social networking, or to find people with similar interests.


5 – Cloudflare says it’s time to end CAPTCHA ‘madness’, launches new security key-based replacement

Cloudflare, which you may know as a provider of DNS services or the company telling you why the website you clicked on won’t load, wants to replace the “madness” of CAPTCHAs across the web with an entirely new system. CAPTCHAs are those tests you have to take, often when trying to log into a service, that ask you to click images of things like busses or crosswalks or bicycles to prove that you’re a human. (CAPTCHA, if you didn’t know, stands for “Completely Automated Public Turing test to tell Computers and Humans Apart.”) The problem is, they add a lot of friction to using the web and can sometimes be difficult to solve — I’m sure I’m not the only person who has frustratingly failed a CAPTCHA because I didn’t see that corner of a crosswalk in one image.


6 – PimEyes Facial Recognition System Scans Over 900-Million Images in Seconds

Facial recognition systems are nothing new, but are normally reserved for use by law enforcement. Introducing PimEyes, a free tool that claims to prevent the misuse of images. Simply put, users upload photos for free and then it scans over 900-million images from news sites, blogs, social media, etc. in seconds to find matches. These results do not include exact names, although you will find many doppelgangers. The Polish company believes that the ability to search for one’s face online should be a basic human right open to anyone, not just governments. How do they make money? Well, they offer paid subscription packages for anyone wanting real-time alerts when their photos have been posted online.
