InfoSec Round-Up Jan 14th
This is the Hut Six InfoSec Round-Up, where we look at some of the most pressing matters, latest trends, and industry news from across the world of information security.
Hackers’ Own Goal
An Indian-linked cyber espionage group known as Patchwork has reportedly exposed its own operation after accidentally infecting itself with a remote access trojan (RAT).
Having been active since late 2015, the threat actors used the malicious software to harvest confidential information, as well as targeting various political organisations via spear-phishing attacks.
With their own compromise being discovered by Malwarebytes Labs, security researchers were able to gather their own information, monitoring the hackers via keystrokes and screenshots of computers and virtual machines.
Able to establish evidence of successful attacks against Pakistan’s Ministry of Defense, the National Defense University of Islamabad and the International Centre for Chemical and Biological Sciences, Malwarebytes Labs noted, “Thanks to data captured by the threat actor’s own malware, we were able to get a better understanding about who sits behind the keyboard… Patchwork, like some other East Asian Advanced persistent threats (APTs) is not as sophisticated as their Russian and North Korean counterparts.”
Romance Fraud Warning
The UK’s Action Fraud has issued a warning urging people to be on the lookout for online fraudsters after an estimated £92 million was lost to romance fraud in the last year alone.
With 8,863 cases reported between November 2020 and October 2021, representing a 27% increase on the previous year, Action Fraud, along with the City of London Police, noted how those beginning relationships around Valentine’s Day are most susceptible to this kind of scam.
Urging those who are not particularly tech savvy to be vigilant, Temporary Detective Chief Superintendent Matt Bradford, from the City of London Police, explains: “Typically, romance fraudsters will spend weeks gaining their victims’ trust… and initially make no suggestion of any desire to ask for any money, so the victim may believe their new love interest is genuine.”
Adding, “But weeks, or sometimes months later, these criminals will ask for money for a variety of emotive reasons and as the emotional relationship has already been formed, victims often transfer money without a second thought.”
Spear Phishing Attack Hits Russian Gov
Hackers thought to be associated with the North Korean government have affected members of Russia’s Ministry of Foreign Affairs (MID) as well as several of the country’s diplomats operating in different regions.
Researchers found that a spear phishing campaign, launched in December of last year, targeted diplomats via a remote access trojan (RAT) disguised as a New Year-themed screensaver sent from fellow Russian offices in Serbia.
Thought to be perpetrated by the threat actors known as ‘Konni’, researchers at Lumen Technologies’ Black Lotus Labs, who have analysed the attack, urged caution regarding phishing attacks whilst noting of the incident, “While this particular campaign was highly targeted, it is vital for defenders to understand the evolving capabilities of advanced actors to achieve infection of coveted targets.”
Thank you for reading this edition of Infosec Round-Up. Please be sure to subscribe to the Hut Six YouTube Channel to keep up to date with the latest news and see all our latest information security videos.