#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Russian hackers | Breaking Cybersecurity News | The Hacker News

Hackers stole $800,000 from ATMs using Fileless Malware

Hackers stole $800,000 from ATMs using Fileless Malware

Apr 04, 2017
Hackers targeted at least 8 ATMs in Russia and stole $800,000 in a single night, but the method used by the intruders remained a complete mystery with CCTV footage just showing a lone culprit walking up to the ATM and collecting cash without even touching the machine. Even the affected banks could not find any trace of malware on its ATMs or backend network or any sign of an intrusion. The only clue the unnamed bank's specialists found from the ATM's hard drive was — two files containing malware logs. The log files included the two process strings containing the phrases: "Take the Money Bitch!" and "Dispense Success." This small clue was enough for the researchers from the Russian security firm Kaspersky, who have been investigating the ATM heists, to find malware samples related to the ATM attack. In February, Kaspersky Labs reported that attackers managed to hit over 140 enterprises, including banks, telecoms, and government organizations, in th
Russian Hacker Pleads Guilty to Developing and Distributing Citadel Trojan

Russian Hacker Pleads Guilty to Developing and Distributing Citadel Trojan

Mar 23, 2017
A Russian man accused of developing and distributing the Citadel Banking Trojan , which infected nearly 11 Million computers globally and caused over $500 Million in losses, has finally pleaded guilty to charges of computer fraud. Mark Vartanyan, 29, who was very well known as " Kolypto ," pleaded guilty in an Atlanta courtroom on Monday to charges related to computer fraud and is now co-operating with federal prosecutors in return for a reduced sentence of no more than five years in prison. Vartanyan, a native of Moscow, was arrested in Norway in October 2014 and extradited to the United States in December last year. He was involved in the development, improvement, maintenance and distribution of the nasty Citadel Trojan. "This successful extradition is yet another example of how cooperation among international law enforcement partners can be used to disrupt and dismantle global cyber syndicates," said U.S. Attorney John Horn. "This defendant's
How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

Mar 21, 2024SaaS Security / Endpoint Security
In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the  SaaS supply chain  snowball quickly. That's why effective vendor risk management (VRM) is a critical strategy in identifying, assessing, and mitigating risks to protect organizational assets and data integrity. Meanwhile, common approaches to vendor risk assessments are too slow and static for the modern world of SaaS. Most organizations have simply adapted their legacy evaluation techniques for on-premise software to apply to SaaS providers. This not only creates massive bottlenecks, but also causes organizations to inadvertently accept far too much risk. To effectively adapt to the realities of modern work, two major aspects need to change: the timeline of initial assessment must shorte
Yahoo! Hack! How It Took Just One-Click to Execute Biggest Data Breach in History

Yahoo! Hack! How It Took Just One-Click to Execute Biggest Data Breach in History

Mar 16, 2017
In the digital world, it just takes one click to get the keys to the kingdom. Do you know spear-phishing was the only secret weapon behind the biggest data breach in the history? It's true, as one of the Yahoo employees fell victim to a simple phishing attack and clicked one wrong link that let the hackers gain a foothold in the company's internal networks. You may be familiar with phishing attacks — an attempt to steal user credentials or financial data — while, Spear-phishing is a targeted form of phishing in which attackers trick employees or vendors into providing remote-access credentials or opening a malicious attachment containing an exploit or payload. Here's how the Yahoo's massive data breach was traced back to human error and who were the alleged masterminds behind this hack. On Wednesday, the US government charged two Russian spies (Dmitry Dokuchaev and Igor Sushchin) and two criminal hackers (Alexsey Belan and Karim Baratov) in connection with the 20
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
US Charges Two Russian Spies & Two Hackers For Hacking 500 Million Yahoo Accounts

US Charges Two Russian Spies & Two Hackers For Hacking 500 Million Yahoo Accounts

Mar 15, 2017
The 2014 Yahoo hack disclosed late last year that compromised over 500 million Yahoo user accounts was believed to be carried out by a state-sponsored hacking group. Now, two Russian intelligence officers and two criminal hackers have been charged by the US government in connection with the 2014 Yahoo hack that compromised about 500 million Yahoo user accounts, the Department of Justice announced Wednesday. According to the prosecutors, at least 30 million accounts were accessed as part of a spam campaign to access the email contents of thousands of people, including journalists, government officials, and technology company employees. The four defendants — Two officers from the Russian Federal Security Service (FSB) and two other hackers — are identified as: Dmitry Aleksandrovich Dokuchaev, 33 — an officer in the FSB Center for Information Security at the time of the hack, and now Russian national and resident. Igor Anatolyevich Sushchin, 43 — an FSB officer, a superior
New MacOS Malware linked to Russian Hackers Can Steal Passwords & iPhone Backups

New MacOS Malware linked to Russian Hackers Can Steal Passwords & iPhone Backups

Feb 16, 2017
Security researchers have discovered a new Mac malware allegedly developed by APT28 Russian cyber espionage group who is believed to be responsible for 2016 presidential election hacking scandal. A new variant of the X-Agent spyware is now targeting Apple macOS system that has previously been used in cyber attacks against Windows, iOS, Android, and Linux devices. The malware is designed to steal web browser passwords, take screenshots of the display, detect system configurations, execute files and exfiltrate iPhone backups stored on the computer. The X-Agent malware is tied to Russian hacking group known as APT28 — also known as Fancy Bear, Sofacy, Sednit, and Pawn Storm — that has been operating since at least 2007 and is allegedly linked to the Russian government. "Our past analysis of samples known to be linked to APT28 group shows a number of similarities between the Sofacy/APT28/Sednit Xagent component for Windows/Linux and the Mac OS binary that currently forms
Russian Hacker behind 'NeverQuest' Malware, Wanted by FBI, Is Arrested in Spain

Russian Hacker behind 'NeverQuest' Malware, Wanted by FBI, Is Arrested in Spain

Jan 22, 2017
A Russian computer hacker wanted by the FBI on hacking allegations was arrested and jailed in Spain earlier this week, while a decision on his extradition to the United States has yet to be made. The Guardia Civil, Spanish law enforcement agency officers, have detained 32-year-old Stanislav Lisov at Barcelona–El Prat Airport based on an international arrest warrant issued by Interpol at the request of the FBI. Lisov is arrested on suspicion of creating and operating the NeverQuest Banking Trojan , a nasty malware that targeted financial institutions across the world and caused an estimated damage of $5 Million. The arrest was made after U.S. intelligence agencies found that Russian hackers were behind the November 2016 election hacks that possibly influenced the presidential election in Donald Trump's favor. However, Spanish police made an official statement, saying that the FBI had requested the arrest of Lisov after an investigation that started in 2014. NeverQues
Billion-Dollar Hacker Gang Now Using Google Services to Control Its Banking Malware

Billion-Dollar Hacker Gang Now Using Google Services to Control Its Banking Malware

Jan 20, 2017
Carbanak – One of the most successful cybercriminal gangs ever that's known for the theft of one billion dollars from over 100 banks across 30 countries back in 2015 – is back with a BANG! The Carbanak cyber gang has been found abusing various Google services to issue command and control (C&C) communications for monitoring and controlling the machines of unsuspecting malware victims. Forcepoint Security Labs researchers said Tuesday that while investigating an active exploit sent in phishing messages as an RTF attachment, they discovered that the Carbanak group has been hiding in plain site by using Google services for command and control. "The Carbanak actors continue to look for stealth techniques to evade detection," Forcepoint's senior security researcher Nicholas Griffin said in a blog post . "Using Google as an independent C&C channel is likely to be more successful than using newly created domains or domains with no reputation." Th
Hackers Suspected of Causing Second Power Outage in Ukraine

Hackers Suspected of Causing Second Power Outage in Ukraine

Dec 21, 2016
The same group of hackers that caused the power outage across several regions in Ukraine last Christmas holidays might have once again shut down power supply in northern Ukraine during the weekend. According to Ukrainian energy provider Ukrenergo, a cyber attack on Kyiv's power grid may have caused the power outages in the country on Saturday, December 17, near midnight. The blackout affected the northern part of Kiev, the country's capital, and surrounding areas, Ukrenergo Director Vsevolod Kovalchuk explained in a post on Facebook. Shortly after the incident, Ukrenergo engineers switched to manual mode and started restoring power in approximately 30 minutes in an effort to deal with the cyber attack. Power was fully restored after just an hour and fifteen minutes of the blackout. According to Kovalchuk, the one responsible for the weekend outage could be an "external interference through data network," however, the company's cybersecurity experts a
'MethBot' Ad Fraud Operators Making $5 Million Revenue Every Day

'MethBot' Ad Fraud Operators Making $5 Million Revenue Every Day

Dec 20, 2016
The biggest advertising fraud ever! A group of hackers is making between $3 Million to $5 Million per day from United States brands and media companies in the biggest digital ad fraud ever discovered. Online fraud-prevention firm White Ops uncovered this new Ad fraud campaign, dubbed " Methbot ," that automatically generates more than 300 Million fraudulent video ad impressions every day. The cyber criminal gang, dubbed AFT13, has developed Methbot robo-browser that spoofs all the necessary interactions needed to initiate, carry out and complete the ad transactions. The hackers, allegedly based in Russia, registered more than 6,000 domains and 250,267 distinct URLs impersonating brand and names of high-profile websites like ESPN, Vogue, CBS Sports, Fox News and the Huffington Post, and selling fake video ad slots. Cyber criminals behind Methbot are using servers hosted in Texas and Amsterdam to power more than 570,000 bots with forged IP addresses, mostly belong
President Obama Orders 'Full Review' of Possible Russian hacking in US Election

President Obama Orders 'Full Review' of Possible Russian hacking in US Election

Dec 10, 2016
In his final month in office, President Barack Obama has ordered U.S. intelligence agencies to conduct a "full review" of pre-election cyber attacks against Democratic Party organizations that many believe affected the outcome of the 2016 presidential election. The United States intelligence agencies have attributed those series of cyber-attacks to Russia that shook the US election season. "The President earlier this week instructed the intelligence community to conduct a full review of the pattern of malicious cyber activity related to our presidential election cycle," White House spokesman Eric Schultz told reporters. At an event hosted by the Christian Science Monitor, White House's counterterrorism adviser Lisa Monaco announced that the president had "directed the Intelligence Community to conduct a full review of what happened during the 2016 election process." President is expecting a full report before the end of his term, and Pres
Russia proposes 10 Year in Prison Sentence for Hackers and Malware Authors

Russia proposes 10 Year in Prison Sentence for Hackers and Malware Authors

Dec 08, 2016
The Russian government has introduced a draft bill that proposes prison sentences as punishment for hackers and cyber criminals creating malicious software used in targeting critical Russian infrastructure, even if they have no part in actual cyber attacks. The bill, published on the Russian government's website on Wednesday, proposes amendments to the Russian Criminal Code and Criminal Procedure Code with a new article titled, "Illegal influence upon the critical informational infrastructure of the Russian Federation." The article introduces punishment for many malicious acts, including the "creation and distribution of programs or information, which can be used for the destruction, blocking or copying data from the Russian systems." When suspects found as part of any hacking operation, they will face a fine between 500,000 and 1 Million rubles (about $7,700 to $15,400) and up to five years in prison, even if the hacking causes little or no harm. Also R
5 Major Russian Banks Hit With Powerful DDoS Attacks

5 Major Russian Banks Hit With Powerful DDoS Attacks

Nov 11, 2016
Distributed Denial of Service (DDoS) attacks have risen enormously in past few months and, mostly, they are coming from hacked and insecure internet-connected devices, most commonly known as Internet of Things (IoT). Recent DDoS attack against DNS provider Dyn that brought down a large chunk of the Internet came from hacked and vulnerable IoT devices such as DVRs, security cameras, and smart home appliances. This DDoS was the biggest cyber attack the world has ever seen. Now, in the latest incident, at least five Russian banks have been subject to a swathe of DDoS attacks for two days, said the Russian banking regulator. The state-owned Sberbank was one of the five targets of the attacks that began on last Tuesday afternoon and lasted over the next two days. According to Kaspersky Lab, the longest attack last for 12 hours and peaked at 660,000 requests per second came from a botnet of at least 24,000 hacked devices located in 30 countries. Although the culprit appears
Microsoft Patches Windows Zero-Day Flaw Disclosed by Google

Microsoft Patches Windows Zero-Day Flaw Disclosed by Google

Nov 09, 2016
Microsoft was very upset with Google last week when its Threat Analysis Group publically disclosed a critical Windows kernel vulnerability (CVE-2016-7255) that had yet to be patched. The company criticized Google's move , claiming that the disclosure of the vulnerability, which was being exploited in the wild, put its customers "at potential risk." The vulnerability affects all Windows versions from Windows Vista through current versions of Windows 10, and Microsoft was set to issue a fix come this month's Patch Tuesday. So, as part of its monthly Patch Tuesday, Microsoft today patched the security flaw in Windows that was actively being exploited by hackers. According to Microsoft's security bulletin released today, any hacker who tricked victims into running a "specially-crafted application" could successfully exploit the system bug and gain the ability to "install programs; view, change, or delete data; or create new accounts with fu
Microsoft Says Russian Hackers Using Unpatched Windows Bug Disclosed by Google

Microsoft Says Russian Hackers Using Unpatched Windows Bug Disclosed by Google

Nov 02, 2016
Google's Threat Analysis Group publically disclosed on Monday a critical zero-day vulnerability in most versions of Windows just 10 days after privately disclosed both zero days to Microsoft and Adobe. While Adobe rushed an emergency patch for its Flash Player software on October 26, Microsoft had yet to release a fix. Microsoft criticized Google's move, saying that the public disclosure of the vulnerability — which is being exploited in the wild — before the company had time to prepare a fix, puts Windows users at "potential risk." The result? Windows Vista through current versions of Windows 10 is still vulnerable , and now everybody knows about the critical vulnerability. Now, Microsoft said that the company would be releasing a patch for the zero-day flaw on 8th November, as part of its regular round of monthly security updates. Russian Hackers are actively exploiting critical Windows kernel bug Microsoft acknowledged the vulnerability in a blog
Russian Hacker Behind LinkedIn Breach also Charged with Hacking Dropbox and Formspring

Russian Hacker Behind LinkedIn Breach also Charged with Hacking Dropbox and Formspring

Oct 24, 2016
The alleged Russian hacker, who was arrested by the FBI in collaboration with the Czech police, was believed to be the one responsible for massive 2012 data breach at LinkedIn, according to a statement released by LinkedIn. Now, United States authorities have officially indicted Yevgeniy Aleksandrovich Nikulin , 29-years-old Russian national, for hacking not just LinkedIn , but also the online cloud storage platform Dropbox, and now-defunct social-networking company Formspring. Nikulin was arrested in Prague [ Watch Video ] on October 5 by the Czech police after Interpol issued an international arrest warrant. According to an indictment unsealed Friday, Nikulin had hacked three Bay Area technology companies in the spring and summer of 2012, which includes LinkedIn Corp, Dropbox, and Formspring. Nikulin gained access to LinkedIn's network between March 3 and March 4, 2012; Dropbox's network between May 14 and July 25, 2012; and Formspring between June 13 and June 2
Breaking — Russian Hacker Responsible for LinkedIn Data Breach Arrested by FBI

Breaking — Russian Hacker Responsible for LinkedIn Data Breach Arrested by FBI

Oct 19, 2016
The alleged Russian hacker arrested by the FBI in collaboration with the Czech police is none other than the hacker who was allegedly responsible for massive 2012 data breach at LinkedIn , which affected nearly 117 Million user accounts. Yevgeniy N , 29-year-old Russian hacker was arrested in Prague on October 5 suspected of participating in conducting cyber-attacks against the United States, according to Reuters . Earlier it was suspected that the hacker could be involved in hacking against the  Democratic National Committee  (DNC), or its presidential candidate Hillary Clinton , intended to influence the presidential election. However, the latest statement released by LinkedIn suggests that the arrest was related to a 2012 data breach at the social network that exposed emails and hashed password of nearly 117 Million users. "We are thankful for the hard work and dedication of the FBI in its efforts to locate and capture the parties believed to be responsible for this
Russian Hacker who was wanted by FBI arrested in Prague

Russian Hacker who was wanted by FBI arrested in Prague

Oct 19, 2016
UPDATE — It Turns out that the Russian Hacker arrested by the FBI is responsible for 2012 LinkedIn Data Breach. ( Read latest update here ) Czech police, in cooperation with the FBI, has arrested a Russian citizen in Prague suspected of participating in conducting cyber-attacks against the United States. Czech police announced the arrest on its official website Tuesday evening, without giving any further details about the man and for what he is wanted for. Yevgeniy N , 29-year-old, alleged Russian Hacker, was arrested after Interpol issued a warrant. Police detained the individual at a hotel in the city's center 12 hours after receiving the order. Officials say he was living in the country with his girlfriend and enjoying a lavish lifestyle, driving expensive cars. Neither the Czech police nor the FBI has issued any details on the charges that led to the arrest of the suspect. "Czech police carried out a successful joint operation with the US Federal Bureau of
Russia's Largest Portal HACKED; Nearly 100 Million Plaintext Passwords Leaked

Russia's Largest Portal HACKED; Nearly 100 Million Plaintext Passwords Leaked

Sep 06, 2016
Another data breach from 2012, and this time, it's Russia's biggest internet portal and email provider Rambler.ru . Rambler.ru , also known as Russia's Yahoo, suffered a massive data breach in 2012 in which an unknown hacker or a group of hackers managed to steal nearly 100 Million user accounts, including their unencrypted plaintext passwords. The copy of the hacked database obtained by the breach notification website LeakedSource contained details of 98,167,935 Rambler.ru users that were originally stolen on 17 February 2012, but went unreported. The leaked user records in the database included usernames, email addresses, ICQ numbers (IM chat service), social account details, passwords and some internal data, the data breach indexing site said in a blog post . The data breach was reported by the same hacker using the daykalif@xmpp.jp Jabber ID who handed LeakedSource over 43.5 Million user records from another 2012 hack suffered by the Last.fm music streaming se
Russian Lawmaker's Son Convicted of Stealing 2.9 Million Credit Card Numbers

Russian Lawmaker's Son Convicted of Stealing 2.9 Million Credit Card Numbers

Aug 29, 2016
The son of a prominent Russian lawmaker has been found guilty in the United States of running a hacking scheme that stole and sold 2.9 million US credit card numbers using Point-of-Sale (POS) malware, costing financial institutions more than $169 Million. Roman Seleznev , 32, the son of Russian Parliament member Valery Seleznev, was arrested in 2014 while attempting to board a flight in the Maldives, which sparked an international dispute between American and Russian authorities, who characterized the extradition as a " kidnapping ." Prosecutors introduced evidence from a corrupted laptop seized by the authorities at the time of his arrest.  "I don't know of any case that has allowed such outrageous behavior," said his lawyer, John Henry Browne. Also Read: How to Freeze Credit Report To Protect Yourself Against Identity Theft . According to the Department of Justice, Seleznev, who also went by the moniker ' Track2 ' online, was convicted in
Guccifer 2.0 Leaks Personal Info of Nearly 200 Congressional Democrats

Guccifer 2.0 Leaks Personal Info of Nearly 200 Congressional Democrats

Aug 13, 2016
The hacker, who recently claimed responsibility for the high-profile hack of Democratic National Committee (DNC), has now taken credit for hacking into the Democratic Congressional Campaign Committee (DCCC) as well. To prove his claims, the hacker, going by the moniker Guccifer 2.0, dumped on Friday night a massive amount of personal information belonging to nearly 200 Democratic House members onto his blog . The notorious hacker published several documents that include cell phone numbers, home addresses, official and personal e-mail addresses, names of staffers, and other personal information for the entire roster of Democratic representatives. The data dump also includes several memos from House Minority Leader Nancy Pelosi's personal computer, detailing fundraisers and campaign overviews. "As you see the US presidential elections are becoming a farce, a big political performance where the voters are far from playing the leading role," the hacker wrote in a
Cybersecurity Resources