InfoSec Round-Up Sep 24th

Play Video

Ministry of Defence Breach, REvil Scam & Mobile Security

This is the Hut Six InfoSec Round-Up, where we look at some of the most pressing matters, latest trends, and industry news from across the world of information security.

REvil Scams Affiliates

The ransomware-as-a-service operation REvil was reportedly using a secret backdoor function to cut affiliates out of ransomware negotiations with victims, thus securing 100% of funds for themselves.

The now defunct ransomware operation, which launched in early 2019 and vanished in July of 2021, worked on the basis of ‘affiliates’ using the software to breach and encrypt victims’ systems, a ransomware being negotiated, then the proceeds being divided between both the affiliates and the software developers.

Though, according to cyber security researchers, as well as users on criminal forums, REvil had in several instances changed its tactics by cutting out the middleman and conducting its own secret negotiations, unbeknownst to affiliates.

With the ransomware gang believed to have stolen over $100 million in 2020 alone, having claimed victims that include Travelex, Acer, Quanta Computer, and meat processing giant JBS, the phrase ‘no honour amongst thieves’ comes to mind.

Yelisey Boguslavskiy, head of research at Advanced Intel stated on this discovery, “This evidence correlates with the underground’s approach to REvil as a talkative and perpetually lying group that should not be trusted by the community or even by its own members.”

Lithuania Urges Cyber Caution

Following a report by Lithuania’s National Cyber Security Centre, the country’s Defence Ministry has warned consumers they should throw away Chinese made phones over serious security concerns.

Having tested Chinese manufactured 5G devices, the report claims that one Xiaomi phone in question, not only transferred encrypted data to a server in Singapore, but also had built-in censorship tools, discovering more than 449 terms (including “Free Tibet”) that could be censored – capabilities, although not active, could be remotely enabled.

As well as this, it was also found that a certain Huawei device “directs users to third-party e-stores where some of the applications have been assessed by anti-virus programs as malicious or infected with viruses”.

The recommendation that citizens dispose of, and not buy new Chinese phones comes at a time of mounting tensions between Lithuania and China following an incident regarding the legitimacy of Taiwan as a nation independent from mainland China.

With both device manufacturers denying such claims, a representative of Xiaomi has stated “[our] devices do not censor communications to or from its users… Xiaomi has never and will never restrict or block any personal behaviours of our smartphone users.”

MoD Data Breach

The UK’s Ministry of Defence (MoD) has reportedly suffered two separate data breaches that have exposed the details of Afghan citizens.

Both incidents involving the accidental copying in of email recipients, the exposed data included the personal information of over 25 Afghan interpreters who worked for British forces, as well as information relating to 55 Afghans who may have been eligible for UK relocation.

Potentially putting people at risk of reprisals from the newly installed Taliban rule, the mistakes were apparently quickly realised with the MoD sending another message asking recipients to delete the first email only 30 minutes hence.

With the MoD having apologised for the breach, one of the individuals affected stated on the incident, “This mistake could cost the life of interpreters, especially for those who are still in Afghanistan.”

Thank you for reading this edition of Infosec Round-Up. Please be sure to subscribe to the Hut Six YouTube Channel to keep up to date with the latest news and see all our latest information security videos.

Security Awareness for your Organisation

Enjoyed our blog? Learn more about how Hut Six can help improve you security awareness with training and simulated phishing. Start a free trial now, or book a meeting with one of our experts.


The importance of an email security policy

Why Organisations Need an Email Security Policy

An email security policy is a document describing how an organisation's email system should, and most importantly, should not be used.

Preventing Human Error in Information Security

Human Error in Information Security

When Human Error is found in information security, it is often avoidable errors that allow much larger consequential problems to arise.

Security Awareness - Return on Investment

Investing in Information Security Awareness Training

Investing in Information Security Awareness Training - educating people against cyber threats should be considered essential for any organisation operating in 2021

Microsoft Teams Security

How Secure is Microsoft Teams?

How Secure is Microsoft Teams? Information Security blog by Information Security Awareness solution provider Hut Six Security

Enterprise Data Regulation

Best Ways To Ensure Enterprise Data Regulation

Best Ways To Ensure Enterprise Data Regulation guest blog by and information security awareness solution Hut Six Security.

Disaster Recovery Plan

Writing a Disaster Recovery Plan

Writing a Disaster Recovery Plan: information security planning blog by information security awareness solution provider Hut Six Security.

Security Program Policies for 2021

What Policies Do I Need for a Security Program?

Security program policies blog by information security awareness training provider Hut Six Security.

Security Awareness Training for Cyber Essentials

Preparing for Cyber Essentials with Information Security Awareness Training

Security awareness training for Cyber Essentials blog by information security awareness training provider Hut Six Security.

Security Awareness in 2021 - what has changed?

Information Security Awareness Training in 2021

Information Security Awareness Training in 2021 blog by information security awareness training platform Hut Six Security

Virtual Privacy Networks for Businesses

The Five Best VPNs for Work

What are the best VPNs for work? - VPN review blog by security awareness training provider Hut Six Security.

Speak to us about your Cyber Awareness