Top news from the world of cybersecurity this week.
Here are the four most outstanding news about cybersecurity this week:
- Ministry of the Interior of the Russian Federation, with the support of FAC.CT eliminated the Jewelry Team.
- Unknown subjects leaked customer data from several large stores in the Russian Federation.
- Fracturiser malware found in mods for Minecraft.
- Researchers have created a robot to extract RAM content.
With the Support of FAC.CT, Ministry of the Interior of the Russian Federation Eliminated the Jewelry Team
Experts from the information security company FAC.CT discovered a group of scammers Jewelry Team, who stole money from the Russians through the popular BlaBlaCar travel companion matching service.
According to the investigation, since September 2021, members of the group have been posting fake ads on behalf of drivers. As a result, the scammers received not only a “deposit” in the amount of 500-1,500 rubles but also bank card data.
Criminal proceedings have been opened for embezzlement. The alleged leader of the Jewelry Team, as well as one of his accomplices, was sent to house arrest, while a third one is in jail.
Unsubs Leaked Customer Data from Several Large Stores in Russia
Within a week, user data from several large Russian stores appeared in the public domain, as reported by the Telegram channel “Information leaks”. The databases of the Auchan and Tvoy Dom retail chains were the first to leak online, with 7.8 million and more than 713,000 lines, respectively.
The attackers then leaked 2 to 4 million online dumps containing customer data from the Gloria Jeans clothing store chain, the Askona mattress store, and the book24.ru online bookstore.
Subsequently, they laid the foundations for the Bookvoed online bookstore (6.8 million lines), the TVOE online clothing store (2.2 million lines), the Leroy Merlin online store (5.1 million lines) and the web of culinary recipes “Eat at Home” (more than 535,000 lines).
The information was allegedly leaked by the attackers responsible for leaking Sberbank and other Russian companies. In the near future, they promised to publish new data.
Fracturiser Malware Found in Mods for Minecraft
Fracturiser, a self-propagating malware that attacks systems running Windows and Linux, has been found in various Minecraft mods. This was reported by representatives of the CurseForge platform. In turn, the creators of the Prism Launcher utility suggested that this is about exploiting a vulnerability on the Overwolf platform.
Users were urged to stop downloading and updating mods for the game immediately, as well as to change passwords for all accounts. To make it easier to find indicators of compromise, iCurseForge has published a guide to removing the infection.
Researchers Have Created a Robot to Extract the Contents of RAM
Red Balloon Security employees Ang Cui and Yuanzhe Wu have unveiled a cryomechanical robot capable of extracting the contents of DDR3 RAM at low temperatures.
This attack is called Cold Boot Attack and it is achieved due to the effect of saving data in dynamic and static RAM after power off. A device that costs less than $1,000 literally freezes a RAM chip. To read the data, the removed physical memory is placed in the FPGA.
The researchers believe that if they use a more expensive FPGA-based memory read platform (costing around $10,000), their method is applicable to sophisticated attacks on DDR4 and DDR5
By Audy Castaneda
