#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Cyber Criminal | Breaking Cybersecurity News | The Hacker News

Hackers Steal $60 Million from Taiwanese Bank; Two Suspects Arrested

Hackers Steal $60 Million from Taiwanese Bank; Two Suspects Arrested

Oct 11, 2017
A Taiwanese bank has become the latest to fall victim to hackers siphoning off millions of dollars by targeting the backbone of the world financial system, SWIFT. SWIFT, or Society for Worldwide Interbank Telecommunication, is a global financial messaging system that thousands of banks and commercial organizations across the world use to transfer billions of dollars every day. Hackers reportedly last week managed to steal almost $60 Million from Far Eastern International Bank in Taiwan by planting malware on the bank's servers and through the SWIFT interbank banking system. According to Taiwanese state-owned news agency Central News Agency, most of the stolen money has now been recovered, with only $500,000 remaining, and authorities have made two arrests in connection with the bank cyber-heist. Far Eastern on Friday admitted that some unknown hackers managed to install malware on computers and servers within its organization, and most crucially, onto a SWIFT terminal emplo
APT33: Researchers Expose Iranian Hacking Group Linked to Destructive Malware

APT33: Researchers Expose Iranian Hacking Group Linked to Destructive Malware

Sep 20, 2017
Security researchers have recently uncovered a cyber espionage group targeting aerospace, defence and energy organisations in the United States, Saudi Arabia and South Korea. According to the latest research published Wednesday by US security firm FireEye, an Iranian hacking group that it calls Advanced Persistent Threat 33 (or APT33) has been targeting critical infrastructure, energy and military sectors since at least 2013 as part of a massive cyber-espionage operation to gather intelligence and steal trade secrets. The security firm also says it has evidence that APT33 works on behalf of Iran's government. FireEye researchers have spotted cyber attacks aimed by APT33 since at least May 2016 and found that the group has successfully targeted aviation sector—both military and commercial—as well as organisations in the energy sector with a link to petrochemical. The APT33 victims include a U.S. firm in the aerospace sector, a Saudi Arabian business conglomerate with avi
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
Hacker Who Hacked US Spy Chief, FBI & CIA Director Gets 5-Year in Prison

Hacker Who Hacked US Spy Chief, FBI & CIA Director Gets 5-Year in Prison

Sep 09, 2017
Remember " Crackas With Attitude "? The hacking group behind a series of embarrassing hacks that targeted personal email accounts of senior officials at the FBI, the CIA, and the White House, among other United States federal agencies in 2015. A member of Crackas With Attitude , who was arrested last year in September, has now been sentenced to five years in federal prison. Justin Liverman, a 25-year-old man from Morehead City, who was known under the online alias "D3F4ULT," was arrested last year along with another member of the group—Andrew Otto Boggs, 23, of North Wilkesboro, who allegedly used the handle "INCURSIO." The duo hacked into multiple government organizations between October 2015 and February 2016. Boggs was sentenced to two years in prison on June 30, 2017, for his role. Liverman pleaded guilty on January 6 this year to conspiracy to hack U.S. government computers and accounts and was sentenced to 5 years in prison on Friday.
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Marcus Hutchins (MalwareTech) Gets $30,000 Bail, But Can't Leave United States

Marcus Hutchins (MalwareTech) Gets $30,000 Bail, But Can't Leave United States

Aug 05, 2017
Marcus Hutchins, the malware analyst who helped stop global Wannacry menace , has reportedly pleaded not guilty to charges of creating and distributing the infamous Kronos banking malware and is set to release on $30,000 bail on Monday. Hutchins, the 23-year-old who operates under the alias MalwareTech on Twitter, stormed to fame and hailed as a hero over two months ago when he stopped a global epidemic of the WannaCry ransomware attack by finding a kill switch in the malware code. MalwareTech Arrested After Attending Def Con Event Hutchins was recently arrested at the McCarran International Airport before he could board his flight back to the U.K. after attending Def Con event for his alleged role in creating and distributing the Kronos Banking Trojan between 2014-2015. Kronos is a Banking Trojan designed to steal banking credentials and personal information from victims' computers, which was sold for $7,000 on Russian online forums. MalwareTech to Pay $30,000 for
Creator of NanoCore RAT Pleads Guilty to Aiding CyberCriminals

Creator of NanoCore RAT Pleads Guilty to Aiding CyberCriminals

Jul 27, 2017
A programmer who was arrested in March this year—not because he hacked someone, but because he created and distributed a remote access software that helped cyber criminals—has finally pleaded guilty. Taylor Huddleston , 26, of Hot Springs, Arkansas, pleaded guilty on Tuesday to federal charges of aiding and abetting computer intrusions for intentionally selling a remote access tool (RAT), called NanoCore, to hackers. NanoCore RAT happens to be popular among hackers and has been linked to instructions in at least 10 countries, among them was a high-profile assault on Middle Eastern energy firms in 2015. NanoCore RAT, a $25 piece of remote access software, allows attackers to steal sensitive information from victim computers, such as passwords, emails, and instant messages. The RAT could even secretly activate the webcam on the victims' computers in order to spy on them. Huddleston began developing NanoCore in late 2012, not with any malicious purpose, but with a motive to o
Gang Behind Fireball Malware that Infected 250 Million PCs Busted by Police

Gang Behind Fireball Malware that Infected 250 Million PCs Busted by Police

Jul 26, 2017
Chinese authorities have recently initiated a crackdown on the operators of a massive adware campaign that infected around 250 Million computers , including Windows and Mac OS, across the world earlier this year. The adware campaign was uncovered by security researchers at Check Point last month after it already infected over 25 million computers in India, 24 million in Brazil, 16 million in Mexico, 13 million in Indonesia and 5.5 million in the United States. Dubbed Fireball , the infamous adware comes bundled with other free legitimate software that you download off the Internet. Once installed, the malware installs browser plug-ins to manipulate the victim's web browser configurations and replace their default search engines and home pages with fake search engines. Far from legitimate purposes, Fireball has the ability to spy on victim's web traffic, execute malicious code on the infected computers, install plugins, and even perform efficient malware dropping, cr
AlphaBay Shut Down After Police Raid; Alleged Founder Commits Suicide in Jail

AlphaBay Shut Down After Police Raid; Alleged Founder Commits Suicide in Jail

Jul 14, 2017
AlphaBay Market — one of the largest Dark Web marketplaces for drugs, guns, and other illegal goods — that mysteriously went dark earlier this month without any explanation from its admins has reportedly been shut down by the international authorities. On July 4th, the dark web marketplace suddenly went down without any explanation from its admins, which left its customers who have paid large sums in panic. Some customers even suspected that the site's admins had pulled an exit scam to steal user funds. However, according to the Wall Street Journal , the disappearance of the AlphaBay came after authorities in the United States, Canada, and Thailand collaborated to conduct a series of raids and arrest  Alexandre Cazes , who allegedly was one of the AlphaBay's operators. Citing "people familiar with the matter," the publication claims that Cazes, a resident of Canada, was arrested in Thailand and taken into custody in Bangkok on July 5th, the same day the
Russian Financial Cybercriminal Gets Over 9 Years In U.S. Prison

Russian Financial Cybercriminal Gets Over 9 Years In U.S. Prison

Jul 11, 2017
A 29-year-old Russian-born, Los Angeles resident has been sentenced to over nine years in prison for running botnets of half a million computers and stealing and trafficking tens of thousands of credit card numbers on exclusive Russian-speaking cybercriminal forums. Alexander Tverdokhlebov was arrested in February, pleaded guilty on March 31 to wire fraud and on Monday, a federal court sentenced him to 110 months in prison. According to court documents , Tverdokhlebov was an active member of several highly exclusive Russian-speaking cybercriminal forums largely engaged in money laundering services, selling stolen sensitive data, and malware tools since at least 2008. Tverdokhlebov offered several illegal services on these underground forums, including the exchange of tools, services and stolen personal and financial information. The hacker also operated several botnets – a network of compromised ordinary home and office computers that are controlled by hackers and can be us
LinkedIn Hacker, Wanted by US & Russian, Can be Extradited to Either State

LinkedIn Hacker, Wanted by US & Russian, Can be Extradited to Either State

May 31, 2017
The alleged Russian hacker, who was arrested by the Czech police in Prague last October on suspicion of massive 2012 data breach at LinkedIn, can be extradited to either the United States or Russia, a Czech court ruled on Tuesday. Yevgeniy Aleksandrovich Nikulin , a 29-years-old Russian national, is accused of allegedly hacking not just LinkedIn , but also the online cloud storage platform Dropbox , and now-defunct social-networking company Formspring. However, he has repeatedly denied all accusations. Nikulin was arrested in Prague on October 5 by the Czech police after Interpol issued an international arrest warrant against him. Nikulin appeared at a court hearing held inside a high-security prison in Prague on Tuesday and emaciated after eight months in solitary confinement. The court ruling, pending appeals, left the final decision in the hands of Czech Justice Minister Robert Pelikan, who can approve extradition to one of the countries and block the other. The United
US Charges Two Russian Spies & Two Hackers For Hacking 500 Million Yahoo Accounts

US Charges Two Russian Spies & Two Hackers For Hacking 500 Million Yahoo Accounts

Mar 15, 2017
The 2014 Yahoo hack disclosed late last year that compromised over 500 million Yahoo user accounts was believed to be carried out by a state-sponsored hacking group. Now, two Russian intelligence officers and two criminal hackers have been charged by the US government in connection with the 2014 Yahoo hack that compromised about 500 million Yahoo user accounts, the Department of Justice announced Wednesday. According to the prosecutors, at least 30 million accounts were accessed as part of a spam campaign to access the email contents of thousands of people, including journalists, government officials, and technology company employees. The four defendants — Two officers from the Russian Federal Security Service (FSB) and two other hackers — are identified as: Dmitry Aleksandrovich Dokuchaev, 33 — an officer in the FSB Center for Information Security at the time of the hack, and now Russian national and resident. Igor Anatolyevich Sushchin, 43 — an FSB officer, a superior
Police Arrest 5 Cyber Thieves Who Stole 3.2 Million From ATMs Using Malware

Police Arrest 5 Cyber Thieves Who Stole 3.2 Million From ATMs Using Malware

Jan 28, 2017
Law enforcement authorities from Europe and Russia have arrested five members of an international cyber criminal gang for stealing $3.2 million cash from ATMs using malware. Three of the suspects, Andrejs Peregudovs (41), of Latvia, Niklae Penkov (34) of Moldova, and Mihail Colibaba (30) of Romania, were arrested in Taiwan by the Taiwanese Criminal Investigation Bureau last summer, have already been sentenced to 5 years in prison for their role in a massive ATM heist operation, involving 22 individuals from 6 countries. The European-based cyber criminal gang used a variety of different hacking techniques to infect ATMs with malware and force them to dispense cash. According to Europol that began its investigation in early 2016, the gang used spear-phishing emails containing malicious attachments to target bank employees and penetrate the bank's internal networks. From there, the cyber crooks then located and hacked into the network of ATMs from the inside, and used a m
FBI Most Wanted Fugitive JPMorgan Hacker Arrested in New York

FBI Most Wanted Fugitive JPMorgan Hacker Arrested in New York

Dec 15, 2016
One of the FBI's most wanted hackers who was behind the largest theft of financial data has finally been arrested at the JFK airport in New York. Joshua Samuel Aaron is accused of being part of a hacking group that attacked several major financial institutions, including JPMorgan Chase , and according to the officials, which was "the largest theft of user data from a U.S. financial institution in history." Aaron was believed to have been living as a fugitive in Moscow, Russia after being charged with hacking crimes in 2015, which exposed the personal information of more than 100 Million people. On June 2015, a federal arrest warrant was issued for Aaron by the United States District Court, and the FBI and US secret service agents arrested him upon his arrival at the JFK airport in NY, announced the US Department of Justice. "Aaron allegedly worked to hack into the networks of dozens of American companies, ultimately leading to the largest theft of person
Hacker who stole Celebrity Emails, Tapes, Movie Scripts Gets 5 Years in Prison

Hacker who stole Celebrity Emails, Tapes, Movie Scripts Gets 5 Years in Prison

Dec 07, 2016
A hacker who was arrested last year for hacking into celebrities' email accounts to steal the unreleased movie and television scripts, their private messages, and tapes to sell them has finally been sentenced five years in prison. Alonzo Knowles , a 24-year-old Bahamian man, was convicted by U.S. District Judge Paul A. Engelmayer in Manhattan on Tuesday. Knowles, who maintained a list of emails and phone numbers of 130 celebrities, pleaded guilty in May to charges of identity theft and criminal copyright infringement. The sentence is twice longer than the amount of years the federal sentencing guidelines suggested, as the judge felt that Knowles "would be a clear and present danger to commit the very same crime again," the New York Times reports . The hacker expressed remorse in court and had already handed over unreleased scripts, songs, and $1,900 in cash. The authorities arrested Knowles late December and seized his laptop that was later destroyed by inv
Beware — Someone is dropping Malware-infected USB Sticks into People's Letterbox

Beware — Someone is dropping Malware-infected USB Sticks into People's Letterbox

Sep 22, 2016
Hey! Wait! Wait! Wait! Don't plug in that USB stick into your laptop. It could infect your computer with malware and viruses. Australia's Victoria Police Force has issued a warning regarding unmarked USB flash drives containing harmful malware being dropped inside random people's letterboxes in the Melbourne suburb of Pakenham. It seems to one of the latest tactics of cyber criminals to target people by dropping malware-laden USB sticks into their mailboxes, in the hope unsuspecting users will plug the infected devices into their personal or home computers. The warning, published on the official website of the Victoria Police, one of Australia's state police departments, reads: "Members of the public are allegedly finding unmarked USB drives in their letterboxes. Upon inserting the USB drives into their computers victims have experienced fraudulent media streaming service offers, as well as other serious issues [malware]. The USB drives are belie
Fraudsters Stole ¥1.4 Billion from 1,400 Japanese ATMs in Just 3 Hours

Fraudsters Stole ¥1.4 Billion from 1,400 Japanese ATMs in Just 3 Hours

May 23, 2016
In an era where major data hacks are on the rise, it is no surprise breaches on individuals are also up. In just three hours, over 100 criminals managed to steal ¥1.4 Billion ( approx. US$12.7 Million ) from around 1,400 ATMs placed in small convenience stores across Japan. The heist took place on May 15, between 5:00 am and 8:00 am, and looked like a coordinated attack by an international crime network. The crooks operated around 1,400 convenience store ATMs from where the cash was withdrawn simultaneously in 16 prefectures around Japan, including Tokyo, Osaka, Fukuoka, Kanagawa, Aichi, Nagasaki, Hyogo, Chiba and Nigata, The Mainichi reports . Also Read: Tyupkin Malware Hacking ATM Machines Worldwide Many ATM incidents involve a long-established technique called ' ATM Skimming ' in which criminals install devices to obtain card details via its magnetic stripe, or use ATM malware or from data breaches, and then work with so-called carders and money mules to pilfe
U.S. developing Technology to Identify and Track Hackers Worldwide

U.S. developing Technology to Identify and Track Hackers Worldwide

May 05, 2016
Without adequate analysis and algorithms, mass surveillance is not the answer to fighting terrorism and tracking suspects. That's what President Obama had learned last year when he signed the USA Freedom Act , which ends the bulk collection of domestic phone data by US Intelligence Agencies. There is no doubt that US Government is collecting a vast quantity of data from your smartphone to every connected device i.e. Internet of the things , but… Do they have enough capabilities to predict and identify terrorists or cyber criminals or state-sponsored hackers before they act? Well, if they had, I would not be getting chance to write about so many brutal cyber attacks , data breaches, and terrorist attacks that not only threatened Americans but also impacted people worldwide. The Ex-NSA technical director William E. Binney, who served the US National Security Agency for over 30-years, said last year in the front of Parliamentary Joint Committee that forcing analysts t
Russian Hacker Who Stole From Banks Ordered to Pay $7 Million

Russian Hacker Who Stole From Banks Ordered to Pay $7 Million

May 03, 2016
A Russian man who spent about 3 years behind bars in the United States has been spared further prison time but ordered to pay $7 Million to cover damages he caused to banks using a vicious computer virus. Nikita Vladimirovich Kuzmin was arrested in 2010 and imprisoned in August 2011 for developing a sophisticated computer malware called Gozi and infecting more than 1 million computers worldwide, causing tens of millions of dollars in losses. Kuzmin was sentenced Monday to the 37 months he has already served in custody, and ordered to pay $6,934,979 that authorities have identified as the damages experienced by two major Banks, one located in the U.S. and the other in Europe, Department of Justice says . Kuzmin received a lighter sentence due to his "substantial assistance" in the investigation that resulted in the conviction of Latvian national Deniss Calovskis as well as the arrest of Romanian Mihai Ionut Paunescu, who is awaiting extradition to the United States.
Car Hackers Could Face Life In Prison. That's Insane!

Car Hackers Could Face Life In Prison. That's Insane!

May 02, 2016
Yes, you heard it right. You can now end up your whole life behind bars if you intentionally hack into a vehicle's electronic system or exploit its internal flaws. Car Hacking is a hot topic. Today, many automobiles companies are offering cars that run mostly on the drive-by-wire system, which means the majority of functions are electronically controlled, from instrument cluster to steering, brakes, and accelerator. No doubt these auto-control electronic systems improve your driving experience, but at the same time also increase the risk of getting hacked. Previous research demonstrated hackers capabilities to hijack a car remotely and control its steering, brakes and transmission, and to disable car's crucial functions like airbags by exploiting security bugs affecting significant automobiles. Messing with Cars can Cost You Keeping these risks in mind, the Michigan state Senate has proposed two bills which, if passed into law, will introduce life sentences i
US releases Iranian Hacker as part of Prisoner Exchange Program

US releases Iranian Hacker as part of Prisoner Exchange Program

Jan 20, 2016
The United States has freed 4 Iranian nationals ( including one Hacker ) and reduced the sentences of 3 others in exchange for the release of 5 Americans formerly held by Iran as part of a prisoner swap or Prisoner Exchange Program. The Iranian citizens released from the United States custody through a side deal to the Iran nuclear agreement. Iran released five Americans, including: Washington Post reporter Jason Rezaian Former U.S. Marine Amir Hekmati Student Matthew Trevithick Christian pastor Saeed Abedini Pastor Nosratollah Khosravi-Roodsari The United States pardoned seven Iranian nationals, including: Nader Modanlou Bahram Mechanic Khosrow Afqahi Arash Ghahreman Touraj Faridi Nima Golestaneh (Hacker) Ali Sabounchi "These individuals weren't charged with terrorism or any violent offenses. They are civilians, and their release is a one-time gesture to Iran given the unique opportunity offered by this moment and the larger circumstance
FBI Has Named Hacker allegedly responsible for The Fappening Leaks

FBI Has Named Hacker allegedly responsible for The Fappening Leaks

Jan 18, 2016
Remember The Fappening incident? Took place in mid-2014, in the incident, anonymous hackers flooded the Internet with private photographs of major celebrities, including Jennifer Lawrence , Kim Kardashian , Kate Upton and Kirsten Dunst. The Fappening was the result of the hack of thousands of Apple's iCloud accounts, including those belonging to Hollywood actresses, models and major celebrities. Main Culprit Behind The Fappening However, now two years later, new court documents reveal the name of the FBI's top suspected hacker: Ed Majerczyk . In October of 2014, the Federal Bureau of Investigation (FBI) raided the home of Ed Majerczyk, a Chicago man believed to be the chief culprit behind a series of 2014 leaked celebrity photos that came to be known as ' The Fappening ' or ' Celebgate '. The man allegedly suspected of illegally accessing iCloud accounts from his home in Chicago. Also, the FBI found some sexual photographs lifted from
Cybersecurity Resources