The five most outstanding news of the week regarding the world of cybersecurity.
Here are the five top cybersecurity news this week:
- US scientists were able to calculate geolocation by manipulating SMS.
- The FBI has offered a $10 million reward for information on the Cl0p hackers.
- The BreachForums darknet forum database has been leaked online.
- US Mobile Accessories Manufacturer Discovers Hack Two Months Later.
- In the Russian Federation legalized fines for “illegal use of foreign couriers.”
US Scientists Managed to Calculate Geolocation by Manipulating SMS
American scientists from Cornell University, as part of the Freaky Leaky SMS attack, were able to calculate the location of the recipient with great precision, focusing on the time of sending the message delivery reports.
As part of the experiment, the authors of the article sent packets of 20 messages every hour for three days to various test devices in the United States, the United Arab Emirates, and several European countries, covering a dozen operators with various communication technologies.
As a result, they determined the recipient’s location with an accuracy of up to 96% across different countries and up to 86% for two locations within the same country.
Despite the complexity of the attack and a number of practical limitations, experts suggest that it potentially threatens user privacy.
FBI Offers $10 Million Reward for Information on Cl0p Hackers
The announcement follows a massive attack in May that affected 85 organizations, including PwC, Ernst & Young, Medibank, and the Metro Vancouver Transit Police.
Using sql-Vulnerability in the MOVEit Transfer managed file transfer solution, hackers infected devices with malware and stole information from databases. Under the threat of a drain, attackers demand multi-million dollar ransoms.
Law enforcement officials are gathering information about the connection of Cl0p and other attackers targeting critical US infrastructure with foreign governments.
Darknet Forum Database Leaked Online BreachForos
On June 19, a table of registered users of the closed darknet BreachForums forum appeared in the public domain. The partial dump contains 4,202 entries with logins, hashed passwords, emails, and registration IP addresses. According to experts, the hack was organized by competing groups.
In parallel, a court in Amsterdam sentenced hacker Erkan Sezgin, 25, to three years in prison for selling hacked data on another closed darknet forum, RaidForums, phishing, and laundering more than €700,000 in cryptocurrency.
US Mobile Accessories Manufacturer Discovers Hack Two Months Later
The popular American manufacturer of mobile device accessories, iOttie, has reported that its website has been hacked. The incident occurred on April 12, but the company only discovered it on June 13.
During this time, the site collected customer credit card information, as well as their personal information, including names, access codes, and account PINs. iOttie reported 241 casualties.
Russia Legalizes Fines for “Illegal Use of Foreign Couriers”
The State Duma in the third reading approved a law on the introduction of administrative liability for “illegal use of foreign couriers” when sending personal and financial information.
The normative act applies only to departments and officials; therefore, it will not affect ordinary users.
For their use, officials face a fine from 30,000 to 50,000 rubles, legal entities – from 100,000 to 700,000 rubles. The law will enter into force from the moment of its official publication.
By Audy Castaneda
