McAfee Indicted on Cryptocurrency Fraud Charges
REvil ransomware gang offers new tactics to pressure victims, Cyberattacks launched on Czech systems, Hackers breached British aid projects, Russia and China behind Dutch medicine site hacks, more
A newly unsealed indictment in Manhattan federal court reveals that antivirus pioneer John McAfee was indicted on fraud and money laundering conspiracy charges. The indictment alleges that he and cohorts made over $13 million by fooling investors zealous over the emerging cryptocurrency market.
McAfee has been detained in Spain on separate criminal charges filed by the U.S. Justice Department’s tax division. (Larry Neumeister / Associated Press)
Related: BBC News, SecurityWeek, Channel News Asia, Reuters, The Sun, Daily Mail, News.com.au, Tech Xplore, TribLIVE, ABC.net.au, Justice.gov, UPI.com, Wired, WashingtonExaminer.com, New York Post, PerthNow, CNBC, Daily Beast, Courthouse News Service, The New Daily, The Guardian, City A.M. - Technology, Business Insider, WRAL Tech Wire, Bitcoin News, The Record by Recorded Future, South China Morning Post, HotHardware.com, Gizmodo, Mashable, The Hill: Cybersecurity, CNN.com, Dark Reading, Axios, Bleeping Computer, Raw Story, The Verge, Mediaite, Law and Crime
A security researcher known as 3xp0rt discovered that the REvil ransomware operation (also known as Sodinokibi) has introduced new tactics, including DDoS attacks and voice calls to journalists and victims' business partners, that affiliates can use to exert even more pressure on victims.
REvil’s new paid service will allow affiliates to perform Layer 3 and Layer 7 DDoS attacks against a company for maximum pressure. (Lawrence Abrams / Bleeping Computer)
Prague officials said that unknown attackers launched a widespread but limited cyber attack on Czech public administration systems.
The attacks follow several other attempts to hack state organizations in the Czech Republic over the past year, including Prague airports or hospitals. (Robert Mueller / Reuters)
The Foreign, Commonwealth and Development Office (FCDO) and experts from the National Cyber Security Centre (NCSC), an arm of the UK’s GCHQ, are investigating how hackers got access to British aid projects, including details related to projects funded by a secretive national security fund.
Those affected by the breach include individuals working on UK aid projects financed by the Conflict, Security and Stabilisation Fund (CSSF). (Ben Quinn / The Guardian)
A Russian intelligence agency and Chinese spies were behind cyberattacks on the European Medicines Agency (EMA) last year, sources told Dutch newspaper De Volkskrant.
The drug regulator reported a cyberattack last December in which documents relating to COVID-19 vaccines and medicines were stolen and leaked on the internet. (Bart Meijer, Emily Chow, and Tom Balmforth / Reuters)
U.S. officials, including an official with the State Department’s Global Information Center, say that Russian intelligence agencies mounted a campaign to undermine confidence in Pfizer Inc.’s and other Western vaccines, using online publications that in recent months have questioned the vaccines’ development and safety.
Four publications reportedly served as fronts for Russian intelligence and played up vaccines’ side effects, and questioned their efficacy. Russia made the efforts to denigrate Pfizer and other vaccine makers to elevate the status of its own vaccine called Sputnik, a report by the Alliance for Securing Democracy says. (Michael R. Gordon and Dustin Volz / Wall Street Journal)
Dustin Volz (@dnvolz): New: Russian intelligence agencies have mounted a campaign to undermine confidence in Pfizer and other Covid vaccines using online front publications that in recent months have questioned their development and safety, U.S. officials said. w/ @mgordonwsj https://t.co/x0P4rCiEAx
The Justice Department issued a warning regarding cybercriminals who are impersonating state workforce agencies (SWAs) to steal Americans’ personal information and other sensitive data.
DOJ says that individuals who need to apply for unemployment benefits should go directly to an official SWA website to avoid these convincing but fake sites. (Habiba Rashid / HackRead)
The website for attorney Debra Katz of Katz, Marshall & Banks, LLP was hacked and taken offline Saturday morning. Katz represents former political aide Charlotte Bennett in the investigation into alleged sexual harassment by Gov. Andrew Cuomo (D-NY).
The law firm restored its website and reported the incident to law enforcement. (Colin Kalmbacher / Law and Crime)