A website of the North Atlantic Treaty Organization (NATO), managed by an external company, has suffered a possible theft of information through a computer attack, as reported by the organization in a statement.
The following highlights the most important news from the world of cybersecurity of the week:
- The founder of Group-IB was sentenced to 14 years in prison.
- SiegedSec hackers announced that the NATO portal had been hacked.
- Crypto-stealing malware has been placed in Blockchain games.
- The BreachForums database is for sale.
Group-IB Founder Sentenced to 14 Years in Prison
On July 26, Ilya Sachkov, founder of Group-IB, a cyber-attack prevention company, was sentenced to 14 years in a strict colony in a treason case. The BBC reports it.
The case was considered behind closed doors, so it is not known what exactly the businessman is accused of. He did not admit his guilt.
According to some sources, Sachkov may be accused of passing data to the US on Russian Fancy Bear hackers involved in cyberattacks ahead of the 2016 presidential election. This allegedly helped the US identify 12.” GRU agents involved in the attacks.
Ilya Sachkov’s defense intends to appeal the verdict and appeal to the President of the Russian Federation.
SiegedSec Hackers Claim NATO Portal Has Been Hacked
The hacker group SiegedSec reported a hack on its Telegram channel COI — an unclassified environment for information sharing between NATO organizations and alliance member states. CloudSEK experts drew attention to the incident.
According to them, the total size of the published files of the alleged leak is 845 MB. They contain around 8,000 lines of confidential information about users, unclassified documents, as well as account access data. CloudSEK noted that the leak may affect 31 countries.
Alliance representatives are investigating the incident. The hackers themselves said the attack was “a retaliatory attack against NATO countries for their attacks on human rights.”
Cryptocurrency Theft Malware Placed in Blockchain Games
SentinelOne experts have discovered a Realst malware in fake Blockchain games aimed at stealing cryptocurrency from macOS users.
In addition, malware written in Rust is capable of taking screenshots and stealing saved passwords from browsers, and information from the Telegram messenger.
Attackers advertise fake games on social media and offer users to try them out as part of a paid collaboration. They each have their own website, as well as X (formerly Twitter) and Discord accounts. In total, the experts identified 16 variants and 59 Realst samples.
Hackers send access codes to download fake game clients in private messages, allowing them to avoid the attention of information security researchers.
BreachForums Database for Sale
A user with the nickname breached_db_persona is selling the database of the recently closed hacker forum BreachForums on the darknet for $100,000–$150,000. This is reported by Bleeping Computer, citing leak aggregator Have I Been Pwned.
Dated November 29, 2022, the 2 GB dump contains 212,000 records, including usernames, IPs, and email addresses, as well as private messages, encrypted passwords, and payment transaction information.
The forum’s current administrator, nicknamed Baphomet, confirmed the authenticity of the leak, calling it part of an “ongoing campaign to destroy the community.”
BreachForums was shut down by US police in March 2023. Its creator and administrator, Conor Brian Fitzpatrick, aka Pompompurin, was arrested. In late June, the FBI gained control of a waiting forum domain on the web.
By Audy Castaneda
