Blacksite’s Intelligence Report – Week of June 9th, 2022
The Blacksite Weekly Intelligence Report
Facebook Phishing Operation Generates Millions
Researchers have uncovered a large-scale phishing operation that abused Facebook and Messenger to lure millions of users to phishing pages, tricking them into entering their account credentials and seeing advertisements. The campaign operators used these stolen accounts to send further phishing messages to their friends, generating significant revenue via online advertising commissions. PIXM was able to trace the threat actor and map the campaign due to a link to a traffic monitoring app (whosamung.us) that was publicly accessible without authentication.
China State-Sponsored Hackers Exploit Network Providers and Devices
U.S. cybersecurity and intelligence agencies have warned about China-based cyber actors leveraging network vulnerabilities to exploit public and private sector organizations since at least 2020. The agencies did not single out a specific threat actor but noted that the findings reflect Chinese state-sponsored groups’ history of aggressively striking critical infrastructure to steal sensitive data. The disclosure comes less than a month after the cybersecurity authorities revealed the most routinely exploited initial access vectors to breach targets, some of which include misconfigured servers, weak password controls, unpatched software, and failure to block phishing attempts.
More information: https://www.cisa.gov/uscert/ncas/alerts/aa22-158a
Telegram to Offer a Premium Service Option
Telegram is working on a new subscription-based project dubbed “Telegram Premium” The company is planning to launch a subscription platform that would reportedly start at $4.99 and reduce the limitations of the messaging app. Telegram is already live in the beta version for Android, but you cannot subscribe to the service at the moment. A Telegram channel, which keeps track of new features coming to the platform, shared a list of expected changes. The company has not been officially monetized, though the company has been exploring support for ads like sponsored messages in public channels.
More information: https://beebom.com/what-is-telegram-premium/
SSNDOB Market Responsible for Selling Information Millions of People Seized by FBI
U.S. law enforcement agencies shut down an illicit online marketplace known as SSNDOB. The Department of Justice announced the seizure of several domains associated with the marketplace. The marketplace trafficked in personal information such as names, dates of birth, credit card numbers, and Social Security numbers of about 24 million individuals in the United States. The takedown marks the continued ramping up of efforts on the part of law enforcement across the world to disrupt malicious cyber activity. Earlier this year, the Federal Bureau of Investigation also neutralized a modular botnet dubbed Cyclops Blink and dismantled RaidForums.
More information: https://blog.chainalysis.com/reports/ssndob-darknet-market-shutdown/
FTC Warns Crypto Scams on the Rise
The US Federal Trade Commission has warned that people have reported losing over $1 billion in crypto to scams since the beginning of 2021. The vast majority of these losses were due to investment scams, in which people are tricked into buying cryptocurrency with the promise of a large return. Younger people (aged 20 to 49) are more than three times as likely to fall for cryptocurrency scams than older people. The FTC offers the following tips to help people recognize cryptocurrency scams: Never mix online dating and investment advice.
Top 10 Banking Trojans Target Hundreds of Financial Apps
10 of the most prolific mobile banking trojans have set their eyes on 639 financial applications that are available on the Google Play Store. The most targeted apps include Walmart-backed PhonePe, Binance, Cash App, Garanti BBVA Mobile, La Banque Postale, Ma Banque, Caf – Mon Compte, Postepay, and BBVA México. Of the 639 apps tracked, 121 are based in the U.S., followed by U.K. (55), Italy (43), Turkey (34), Australia (33), France (31), Spain (29), and Portugal (27).
More information: https://get.zimperium.com/mobile-banking-heists/
How Blacksite ZTNA Can Help Protect Your Business Against Cyber Threats
The first step in protecting your company against cyber threats is to make sure you have a solid cybersecurity plan. A cybersecurity plan helps you make sure that your company has the proper safeguards in place to protect your business. Expert security company Blacksite can help you with all your cybersecurity needs. At Blacksite we can help your company develop a cybersecurity plan that is tailored to your business needs. Blacksite implements the latest ZTNA technology to keep your business apps, data, and services safe from prying eyes and potential cybersecurity threats that you might experience in the future. Blacksite specializes in providing cybersecurity solutions in data protection, risk management, encryption, cyber security strategy, and cyber security education at an affordable price to accommodate your business whether it’s a small family owned to that of the size of a fortune 500.
More information: https://blacksite.solutions/products
Please contact us and we’ll be glad to assist you.
Become invisible, become secure.