AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 9/10/2024

New RAMBO attack steals data using RAM in air-gapped computers

A novel side-channel attack dubbed “RAMBO” (Radiation of Air-gapped Memory Bus for Offense) generates electromagnetic radiation from a device’s RAM to send data from air-gapped computers. Air-gapped systems, typically used in mission-critical environments with exceptionally high-security requirements, such as governments, weapon systems, and nuclear power stations, are isolated from the public internet and other networks to prevent malware infections and data theft. Although these systems are not connected to a broader network, they can still be infected by rogue employees introducing malware through physical media (USB drives) or sophisticated supply chain attacks carried out by state actors.

 

Feds indicted two alleged administrators of WWH Club dark web marketplace

Alex Khodyrev (35, from Kazakhstan) and Pavel Kublitskii (37, from Russia) have been indicted in Tampa, Florida, for conspiracy to commit access device fraud and wire fraud. Between 2014 and 2024, the duo operated the dark web marketplace WWH Club (wwh-club[.]ws), which focused on selling stolen personal data and conducting illegal activities. WWH Club had over 353,000 users by 2023 and offered courses on fraud and cybercrime, generating profits through membership and tuition fees. Khodyrev and Kublitskii were also the administrators of many similar websites, including dark web marketplaces, forums, and training centers to enable cybercrime. The indictment also notifies Alex Khodyrev and Pavel Kublitskii of the seizure of a 2023 Mercedes-Benz G63 AMG and a 2020 Cadillac CT5 Sport sedan, respectively. The two vehicles were likely paid for with the proceeds of their alleged crimes.

 

Sextortion scams now use your “cheating” spouse’s name as a lure

A new variant of the ongoing sextortion email scams is now targeting spouses, saying that their husband or wife is cheating on them, with links to the alleged proof. In sextortion emails, scammers pretend to have hacked your computer to steal images or videos of you performing sexual acts and demand that you send a payment of $500 to $5,000 not to have them sent to family and friends. While you may think that no one would fall for these scams, they were very profitable when they first appeared in 2018, generating over $50,000 in a week.

 

1.7M potentially pwned after payment services provider takes a year to notice break-in

Around 1.7 million people will receive a letter from Florida-based Slim CD, if they haven’t already, after the company detected an intrusion dating back nearly a year. Slim CD provides payment processing solutions – and credit card numbers along with their expiry dates are among the data types potentially compromised in the incident. The cardholder’s name and address may also be affected, meaning potential for financial fraud should that data be sold, although Slim CD says it hasn’t detected any misuse of the data.

 

DoJ Distributes $18.5m to Western Union Fraud Victims

Around 3000 international victims of historic fraud facilitated by Western Union will receive millions of dollars in the latest round of reimbursements announced yesterday. The Justice Department (DoJ) said that the second distribution of the second phase of the Western Union Remission would compensate the victims from a further $18.5m forfeited to the government by the Colorado-headquartered money transfer business. The remission fund has to date distributed over $420m to more than 175,000 victims – including $40m to over 25,000 victims in the first distribution of the second phase back in 2023. The idea is to fully compensate all victims for their losses.
