Takedowns of global hacker operations have been making headlines as of late, highlighting the importance of strong cybersecurity.
Hacker Data Market Seized by FBI
Western law enforcement agencies have dismantled an online marketplace, called RaidForums, used to buy and sell hacked and stolen personal data belonging to millions of people, reported The Seattle Times (April 12).
Authorities say the website trafficked in hundreds of databases of sensitive data, such as credit card and Social Security numbers, as well as bank account information, that was hacked or stolen from victims.
“The takedown of this online market for the resale of hacked or stolen data disrupts one of the major ways cybercriminals profit from the large-scale theft of sensitive personal and financial information,” Assistant Attorney General Kenneth A. Polite Jr., head of the Justice Department’s criminal division, said in a statement.
The site offered paid access to members, including a “God” membership that prosecutors say enabled nearly unlimited access, and sold “credits” which enabled members to download means of identification and stolen information.
The FBI and Justice Department and other Western law enforcement agencies, including Europol and agencies in Sweden, Portugal, Germany and the UK, were involved in the operation.
Russian Invasion of Ukraine Triggers U.S. Hacker Crackdown
Meanwhile, Russia’s invasion of Ukraine has triggered a U.S. crackdown on its hackers, reported Wired (April 8).
Over the past two months, President Joe Biden’s executive branch has taken action to deter and temporarily disarm Russia’s most dangerous hackers.
Some of the measures have included publicly blaming the distributed denial of service attacks targeting Ukrainian banks on Russia’s GRU military intelligence agency and unsealing two indictments against the members of notorious Russian state hacker groups.
NSA and Cyber Command director general Paul Nakasone has told Congress that Cyber Command sent “hunt forward teams” of U.S. cybersecurity personnel to Eastern Europe to seek out and eliminate network vulnerabilities that hackers could exploit in both Ukraine and the networks of other allies.
A Russian military-linked hacking group has already attempted to infiltrate Ukrainian power substations and deploy malicious code capable of cutting electricity, Ukrainian government officials and private investigators said, reported CNN (April 12).
The cyberattack appears to have been stopped and the Ukrainian government Computer Emergency Response Team said it had prevented the attackers from “carrying out [their] malicious intent.”
In other news:
- Email marketing platform Mailchimp confirmed that hackers used an internal tool to steal data from more than 100 of its clients, with the data being used to mount phishing attacks on the users of cryptocurrency services, reported TechCrunch (April 4).
- T-Mobile secretly bought its customer data from hackers to stop a leak after a breach last year, reported Vice (April 12). However, the plan ultimately failed.
- Popular blockchain game Axie Infinity, which lets users earn money as they play, is connected to what could be the largest decentralized finance, or DeFi, hack in history, reported CNBC (March 29).