{"id":37118,"date":"2021-02-27T07:00:33","date_gmt":"2021-02-27T05:00:33","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=37118"},"modified":"2025-08-29T09:53:52","modified_gmt":"2025-08-29T06:53:52","slug":"microsoft-and-evidence-of-russian-hacker-attacks-lastpass-trackers-and-other-cybersecurity-developments","status":"publish","type":"post","link":"https:\/\/u1f987.com\/en\/microsoft-and-evidence-of-russian-hacker-attacks-lastpass-trackers-and-other-cybersecurity-developments\/","title":{"rendered":"Microsoft and Evidence of Russian Hacker Attacks, LastPass Trackers, and Other Cybersecurity Developments"},"content":{"rendered":"<p><span style=\\\"font-weight: 400;\\\">We have gathered the most important cybersecurity news from the past week.<\/span><\/p>\n<div class=\\\"wp-block-text-wrappers-keypoints article_keypoints\\\">\n<ul class=\\\"wp-block-list\\\">\n<li>Media reports that Russia will study identifying internet users by their phone numbers.<\/li>\n<li>Seven trackers were found in LastPass for Android.<\/li>\n<li>The head of Microsoft said the company has evidence that Russian hackers are behind the cyberattacks on U.S. government agencies.<\/li>\n<\/ul>\n<\/div>\n<p><!--more--><\/p>\n<h3 class=\\\"wp-block-heading\\\"><span style=\\\"font-weight: 400;\\\"><\/span><b>In Russia, authorities may begin identifying internet users by their phone numbers<\/b><span style=\\\"font-weight: 400;\\\">\u00a0<\/span><\/h3>\n<p><span style=\\\"font-weight: 400;\\\">The Central Scientific Research Institute of Communications (TsNIIS) will study the possibility of identifying internet service users using a system mapping phone numbers to domain names.\u00a0<\/span><\/p>\n<p><span style=\\\"font-weight: 400;\\\">According to <a href=\\\"https:\/\/www.kommersant.ru\/doc\/4704028?from=four_business\\\" target=\\\"_blank\\\" rel=\\\"noopener\\\"><span style=\\\"font-weight: 400;\\\">\u00ab\u042a\u00bb<\/span><\/a><span style=\\\"font-weight: 400;\\\"> citing procurement-site documentation, around 33 million rubles are planned to be spent.<\/span><\/p>\n<h2 class=\\\"wp-block-heading\\\"><b>Microsoft says it has evidence of Russia&#8217;s involvement in the attack on U.S. government systems<\/b><\/h2>\n<p><span style=\\\"font-weight: 400;\\\">During testimony before the U.S. Senate Intelligence Committee, Microsoft head Brad Smith <a href=\\\"https:\/\/www.youtube.com\/watch?v=IPozXgMqMag\\\" target=\\\"_blank\\\" rel=\\\"noopener\\\"><span style=\\\"font-weight: 400;\\\">stated<\/span><\/a><span style=\\\"font-weight: 400;\\\"> that the company has strong evidence of Russia&#8217;s involvement in cyberattacks affecting multiple U.S. government agencies.<\/span><\/p>\n<p><span style=\\\"font-weight: 400;\\\">He added that Microsoft specialists found no signs indicating involvement by anyone else.<\/span><\/p>\n<p><span style=\\\"font-weight: 400;\\\">Also, White House national security adviser Jake Sullivan <a href=\\\"https:\/\/www.cbsnews.com\/news\/transcript-jake-sullivan-on-face-the-nation-february-21-2021\/\\\" target=\\\"_blank\\\" rel=\\\"noopener\\\"><span style=\\\"font-weight: 400;\\\">said<\/span><\/a><span style=\\\"font-weight: 400;\\\"> that the United States will prepare a response to Russia for these cyberattacks. According to him, the response will include not only sanctions but also \u201cvisible and invisible tools.\u201d<\/span><\/p>\n<p><span style=\\\"font-weight: 400;\\\">The large-scale attack first came to light in December 2020.<\/span><\/p>\n<h2 class=\\\"wp-block-heading\\\"><b>Part of Clubhouse conversations were broadcast to a third-party site<\/b><\/h2>\n<p><span style=\\\"font-weight: 400;\\\">An unknown user managed to bypass the security settings of the popular Clubhouse app and streamed some conversations from closed \u201crooms\u201d to a third-party site, reports <a href=\\\"https:\/\/www.bloomberg.com\/news\/articles\/2021-02-22\/clubhouse-chats-are-breached-raising-concerns-over-security\\\" target=\\\"_blank\\\" rel=\\\"noopener\\\"><span style=\\\"font-weight: 400;\\\">Bloomberg<\/span><\/a><span style=\\\"font-weight: 400;\\\">.<\/span><\/p>\n<p><span style=\\\"font-weight: 400;\\\">The company said it has already blocked the user and introduced additional security measures. Nevertheless, experts noted that the app cannot fully guarantee data confidentiality.<\/span><\/p>\n<h2 class=\\\"wp-block-heading\\\"><b>In Ukraine, a cyberattack on the state document-management system is linked to Russian hackers<\/b><\/h2>\n<p><span style=\\\"font-weight: 400;\\\">The National Cybersecurity Coordination Center under the Ukrainian National Security and Defense Council recorded attempts to distribute malware via the government document-interaction system. The attack is linked to Russian hackers.<\/span><\/p>\n<blockquote class=\\\"wp-block-quote twitter-tweet is-layout-flow wp-block-quote-is-layout-flow\\\">\n<p dir=\\\"ltr\\\" lang=\\\"en\\\">The <a href=\\\"https:\/\/twitter.com\/ncsccUA?ref_src=twsrc%5Etfw\\\">@ncsccUA<\/a> warns of a cyberattack on the document management system of state bodies. The attack belongs to the so-called supply chain attacks. Methods and means of carrying out this cyberattack allow to connect it with one of Russia\u2019s hacker spy groups.<a href=\\\"https:\/\/t.co\/ICgYxuuflH\\\">https:\/\/t.co\/ICgYxuuflH<\/a><\/p>\n<p>\u2014 NSDC of Ukraine (@NSDC_ua) <a href=\\\"https:\/\/twitter.com\/NSDC_ua\/status\/1364484306329079808?ref_src=twsrc%5Etfw\\\">February 24, 2021<\/a><\/p>\n<\/blockquote>\n<p><script async=\\\"\\\" src=\\\"https:\/\/platform.twitter.com\/widgets.js\\\" charset=\\\"utf-8\\\"><\/script><\/p>\n<p>The aim of the attack was to infect Ukrainian government information resources and gain remote access to devices.<\/p>\n<blockquote class=\\\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\\\">\n<p>\u201cThe methods and means of implementing this cyberattack allow tying it to one of Russia&#8217;s hacker espionage groups,\u201d said the statement.<\/p>\n<\/blockquote>\n<h2 class=\\\"wp-block-heading\\\"><b>Seven trackers found in LastPass for Android<\/b><\/h2>\n<p><span style=\\\"font-weight: 400;\\\">Security researcher Mike Kuketz discovered seven trackers in the LastPass Android app and recommended users drop the service.<\/span><\/p>\n<p><span style=\\\"font-weight: 400;\\\">The company said the trackers do not transmit actual passwords or user names, and the latter can be opted out at any time.<\/span><\/p>\n<p><span style=\\\"font-weight: 400;\\\">Nevertheless, Kuketz noted that the mere presence of trackers is a bad sign for a security-critical app handling confidential data.<\/span><\/p>\n<h2 class=\\\"wp-block-heading\\\"><b>Trend Micro: the number of cyber threats detected by the company in 2020 exceeded 62.6 billion<\/b><\/h2>\n<p><span style=\\\"font-weight: 400;\\\">Last year, Trend Micro researchers detected 119,000 cyber threats per minute, ForkLog representatives said.<\/span><\/p>\n<p><span style=\\\"font-weight: 400;\\\">One of hackers&#8217; main targets last year was remote workers and network infrastructure.<\/span><\/p>\n<p><span style=\\\"font-weight: 400;\\\">There was a 34% rise in new ransomware families used in \u201cdouble extortion\u201d attacks \u2014 when hackers first steal data and demand a ransom to avoid publishing it, then encrypt it.<\/span><\/p>\n<p><span style=\\\"font-weight: 400;\\\">The total number of cyber threats detected and blocked by Trend Micro grew by 20% in 2020 and exceeded 62.6 billion.<\/span><\/p>\n<h2 class=\\\"wp-block-heading\\\"><b>Australian authorities reached an agreement with Facebook after blocking news on the social network<\/b><\/h2>\n<p><span style=\\\"font-weight: 400;\\\">After Facebook <a href=\"https:\/\/u1f987.com\/en\/news\/attack-on-a-crypto-exchange-yandex-data-leak-and-other-cybersecurity-developments\">left Australian users without news<\/a>, and also stopped showing Australian media posts to users in other countries in protest against the proposed news law, the companies and local authorities managed to reach a settlement.<\/span><\/p>\n<p><span style=\\\"font-weight: 400;\\\">According to the agreements, the bill was amended. Among other things, tech giants like Google or Facebook received more time to negotiate with Australian media companies about the remuneration for hosting their content on platforms. If talks fail, the government will set the remuneration amount.<\/span><\/p>\n<p><span style=\\\"font-weight: 400;\\\">As a result, this week the law <a href=\\\"https:\/\/www.reuters.com\/article\/us-australia-media\/australian-media-reforms-pass-parliament-after-last-ditch-changes-idUSKBN2AO2ZL\\\" target=\\\"_blank\\\" rel=\\\"noopener\\\"><span style=\\\"font-weight: 400;\\\">passed<\/span><\/a><span style=\\\"font-weight: 400;\\\">.<\/span><\/p>\n<h2 class=\\\"wp-block-heading\\\">Tor released an update to boost security<\/h2>\n<p>Tor Project released OnionShare 2.3, aimed at improving secure and anonymous file transfer.<\/p>\n<p><span style=\\\"font-weight: 400;\\\">Also on ForkLog:<\/span><\/p>\n<ul class=\\\"wp-block-list\\\">\n<li style=\\\"font-weight: 400;\\\" aria-level=\\\"1\\\"><span style=\\\"font-weight: 400;\\\">Moscow authorities will establish a new <a href=\"https:\/\/u1f987.com\/en\/news\/moscow-to-install-facial-recognition-cameras-on-metro-screens\">system for tracking citizens in the metro<\/a>.<\/span><\/li>\n<li style=\\\"font-weight: 400;\\\" aria-level=\\\"1\\\"><span style=\\\"font-weight: 400;\\\">An Ukrainian court ordered access to ForkLog, the GitHub subdomain and LiveJournal to be blocked. Later, the criminal case that formed the basis for the court decision was <a href=\"https:\/\/u1f987.com\/en\/news\/ukrainian-court-orders-blocking-access-to-forklog-a-github-subdomain-and-livejournal\">closed<\/a>.<\/span><\/li>\n<li style=\\\"font-weight: 400;\\\" aria-level=\\\"1\\\"><span style=\\\"font-weight: 400;\\\">A hacker put up for sale <a href=\"https:\/\/u1f987.com\/en\/news\/hacker-lists-purported-trezor-user-database-developers-suspect-it-is-fake\">an alleged Trezor user database<\/a>. The developers suspected it was fake.<\/span><\/li>\n<li style=\\\"font-weight: 400;\\\" aria-level=\\\"1\\\"><span style=\\\"font-weight: 400;\\\">The attacker <a href=\"https:\/\/u1f987.com\/en\/news\/hacker-demanded-bitcoins-to-decrypt-a-companys-files-in-zarechny\">demanded bitcoins<\/a> to decrypt files of an enterprise in Zarechny.<\/span><\/li>\n<li style=\\\"font-weight: 400;\\\" aria-level=\\\"1\\\"><span style=\\\"font-weight: 400;\\\">The media reported that hackers <a href=\"https:\/\/u1f987.com\/en\/news\/media-hackers-withdraw-45000-in-crypto-assets-from-non-operational-cryptopia-exchange\">withdrew crypto assets worth $45,000<\/a> from the non-operational Cryptopia exchange.<\/span><\/li>\n<\/ul>\n<h2 class=\\\"wp-block-heading\\\"><strong>What to read this weekend?<\/strong><\/h2>\n<p><span style=\\\"font-weight: 400;\\\">A ForkLog exclusive examines how Russian authorities deploy a CCTV camera system and what it means.<\/span><\/p>\n<p>Subscribe to ForkLog news on Telegram: <a href=\\\"https:\/\/t.me\/forklogfeed\\\" target=\\\"_blank\\\" rel=\\\"nofollow noopener\\\">ForkLog Feed<\/a> \u2014 all the news, <a href=\\\"https:\/\/telegram.me\/forklog\\\" target=\\\"_blank\\\" rel=\\\"nofollow noopener\\\">ForkLog<\/a> \u2014 the most important news and polls.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>We have gathered the most important cybersecurity news from the past week.<\/p>\n","protected":false},"author":1,"featured_media":37119,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1238,1233],"class_list":["post-37118","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-cybersecurity-digest","tag-industry-digests"],"aioseo_notices":[],"amp_enabled":true,"views":"19","promo_type":"1","layout_type":"1","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/37118","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/comments?post=37118"}],"version-history":[{"count":1,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/37118\/revisions"}],"predecessor-version":[{"id":37120,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/37118\/revisions\/37120"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media\/37119"}],"wp:attachment":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media?parent=37118"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/categories?post=37118"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/tags?post=37118"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}