Operation Trojan Shield Ensnared Cybercrime Rings Across 16 Countries
Apple outlines new customer data protections, Cyberattack hobbles New York City's law department, Evil Corp rebrands malware, Massive Russian spearphishing campaign targets Ukraine, more
Check out our special report on the feds’ seizure of DarkSide’s alleged bitcoin wallet. Also, check out my CSO column from this morning on why the FBI might be so mysterious about the details of this seizure.
A global sting operation, called Operation Trojan Shield, involving an encrypted communications platform called ANOM developed by the FBI, has delivered a blow to cybercrime rings across 16 countries. More than 800 suspects were arrested, and more than 32 tons of illegal drugs were seized along with 250 firearms, 55 luxury cars, and more than $148 million in cash and cryptocurrencies.
The FBI led the operation, which involved the U.S. Drug Enforcement Administration, Europol, and law enforcement agencies in more than a dozen countries. Operation Trojan Shield began after law enforcement agencies took down two other encrypted platforms popular among cybercriminals, EncroChat and Sky ECC, earlier this year. (Mike Corder, Nick Perry / Associated Press)
At its annual Worldwide Developers Conference, Apple outlined new plans to increase user privacy and protect customers’ data, including the ability for users to scan ID cards in participating U.S. states and keep them in encrypted wallets.
Apple has also updated the paid version of its iCloud storage service to include a service that obscures a user’s Web-browsing habits, even from Apple. Another new iCloud feature will let users hide their real email addresses. (Stephen Nellis / Reuters)
Apple settled a case with a 21-year-old woman after two repair technicians uploaded personal explicit images and videos to her Facebook account from her phone during the repair process.
Apple said it fired the two employees and had taken steps to strengthen its vendor protocols. (James Titcomb / Telegraph)
A cyberattack, possibly a ransomware attack, has hobbled the New York City government’s 1,000-lawyer-strong law department, leaving attorneys unable to access sensitive documents and possibly exposing private personnel data.
Mayor Bill de Blasio said that the city has yet to find any evidence Law Department information has been compromised. (Michael Gartland, Stephen Rex Brown, Clayton Guse, Shant Shahrigian / New York Daily News)
Code repository GitHub updated its community guidelines that explain how the company will deal with exploits and malware samples hosted on its service.
The new guidelines respond to criticism leveled at Microsoft-owned GitHub after it removed a proof-of-concept exploit (PoC) in March for the Microsoft Exchange ProxyLogon vulnerability. (Lawrence Abrams / Bleeping Computer)
The Evil Corp gang, also known as Indrik Spider and the Dridex gang, rebranded its ransomware to mimic PayloadBIN ransomware to evade sanctions imposed by the US Treasury Department's Office of Foreign Assets Control (OFAC).
Fabian Wosar of Emsisoft and Michael Gillespie of ID Ransomware confirmed that the ransomware is a rebrand of Evil Corp's previous ransomware operations. (Lawrence Abrams / Bleeping Computer)
According to alerts published by the Ukrainian Secret Service, Ukrainian Cyber Police, and CERT Ukraine, a “massive” spear-phishing operation was carried out by Russian threat actors against the Ukrainian government and the private sector.
The operation took place in June, and the attackers sent emails posing as representatives for the Kyiv Patrol Police Department, warning recipients of their failure to pay local taxes. (Catalin Cimpanu / The Record)
An investigation by the Washington Post discovered that almost 2% of the top 1,000 highest-grossing apps on Apple’s app store are scams.
Those apps have bilked consumers out of an estimated $48 million during the time they’ve been on the App Store, according to market research firm Appfigures, with Apple taking up to 30% of the apps’ revenue from its App Store. (Reed Albergotti and Chris Alcantara / Washington Post)
Bain Capital Private Equity and Crosspoint Capital Partners have agreed to acquire cybersecurity company ExtraHop for $900 million.
ExtraHop provides network detection and response services, including combating ransomware attacks. (Laura Cooper / Wall Street Journal)