{"id":56806,"date":"2022-01-29T07:00:00","date_gmt":"2022-01-29T05:00:00","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=56806"},"modified":"2025-09-04T08:19:43","modified_gmt":"2025-09-04T05:19:43","slug":"hackers-arrested-in-russia-apple-zero-days-and-other-cybersecurity-news","status":"publish","type":"post","link":"https:\/\/u1f987.com\/en\/hackers-arrested-in-russia-apple-zero-days-and-other-cybersecurity-news\/","title":{"rendered":"Hackers Arrested in Russia, Apple Zero-days, and Other Cybersecurity News"},"content":{"rendered":"<p>We have gathered the week&#8217;s most important cybersecurity news.<\/p>\n<div class=\"wp-block-text-wrappers-keypoints article_keypoints\">\n<ul class=\"wp-block-list\">\n<li>Apple fixed two zero-day vulnerabilities.<\/li>\n<li>In Russia, members of a hacking group were arrested again, this time from The Infraud Organization.<\/li>\n<li>Experts have uncovered a new ransomware, DeadBolt, demanding ransom in Bitcoin.<\/li>\n<\/ul>\n<\/div>\n<h2 class=\"wp-block-heading\"><strong>In Russia, hackers from The Infraud Organization were arrested<\/strong><\/h2>\n<p>Russian law enforcement detained four suspects in connection with The Infraud Organization hacking group, <a href=\"https:\/\/tass.ru\/proisshestviya\/13497491\">TASS<\/a> reports.<\/p>\n<p>The alleged organizer of the group, Andrey Novak, was remanded for two months, while three others were placed under house arrest.<\/p>\n<p>The operation to locate and detain the hackers was carried out with the support of law enforcement in the U.S., where Novak was already wanted on cybercrime charges.<\/p>\n<p>Some defendants in the case entered into plea agreements and testified against Novak.<\/p>\n<p>In 2020, Russian Sergey Medvedev admitted involvement with The Infraud Organization. 
The group specialised in trading stolen personal data, compromised credit cards, malware and other illegal activities.<\/p>\n<p>In mid-January the FSB announced <a href=\"https:\/\/u1f987.com\/en\/news\/fsb-says-it-dismantled-the-revil-hacker-group\">the detention of members of the REvil hacker group<\/a>.<\/p>\n<h2 class=\"wp-block-heading\"><strong>Operators of the new DeadBolt ransomware demand 50 BTC for the master key<\/strong><\/h2>\n<p>Experts have discovered a new ransomware, DeadBolt, targeting QNAP devices. The company <a href=\"https:\/\/www.qnap.com\/en\/security-news\/2022\/take-immediate-actions-to-stop-your-nas-from-exposing-to-the-internet-and-update-qts-to-the-latest-available-version-fight-against-ransomware-together\">confirmed<\/a> the attacks.<\/p>\n<figure class=\"wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter\">\n<div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">New <a href=\"https:\/\/twitter.com\/hashtag\/Ransomware?src=hash&#038;ref_src=twsrc%5Etfw\">#Ransomware<\/a> attack on <a href=\"https:\/\/twitter.com\/QNAP_nas?ref_src=twsrc%5Etfw\">@QNAP_nas<\/a> <a href=\"https:\/\/twitter.com\/hashtag\/Deadbolt?src=hash&#038;ref_src=twsrc%5Etfw\">#Deadbolt<\/a> asking for 0.03 BTC <a href=\"https:\/\/twitter.com\/hashtag\/BTC?src=hash&#038;ref_src=twsrc%5Etfw\">#BTC<\/a> <a href=\"https:\/\/t.co\/IXPqy2Ox29\">pic.twitter.com\/IXPqy2Ox29<\/a><\/p>\n<p>\u2014 Tom Cheney (@cheneydotcom) <a href=\"https:\/\/twitter.com\/cheneydotcom\/status\/1486065172598853635?ref_src=twsrc%5Etfw\">January 25, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>\n<\/div>\n<\/figure>\n<p>They demand 0.03 BTC for decrypting data from victims. 
The DeadBolt operators are also prepared to provide information about the 0-day vulnerability they used for 5 BTC and, for 50 BTC, to additionally hand over the master key to decrypt all victims\u2019 files.<\/p>\n<h2 class=\"wp-block-heading\"><strong>Apple fixes two zero-day vulnerabilities<\/strong><\/h2>\n<p>Apple fixed two zero-day vulnerabilities. One was already used by attackers to compromise iPhone and Mac devices, and information about the second was publicly available, <a href=\"https:\/\/www.bleepingcomputer.com\/news\/apple\/apple-fixes-new-zero-day-exploited-to-hack-macos-ios-devices\/\">Bleeping Computer<\/a> reports.<\/p>\n<h2 class=\"wp-block-heading\"><strong>Kaspersky Lab reveals the price of Russians\u2019 personal data on the darknet<\/strong><\/h2>\n<p>Thirty percent of Russian respondents in a <a href=\"https:\/\/www.kaspersky.ru\/about\/press-releases\/2022_kak-obrashatsya-s-dannymi-v-internete-chtoby-ne-pozhalet-ob-etom-chek-list-laboratorii-kasperskogo\">Kaspersky Lab survey<\/a> shared their personal data, including phone numbers, home addresses or places of work.<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u00abPeople often think that they are not of interest to attackers. But that is not quite true: the individual user may not be of interest, but their data certainly is,\u00bb the experts noted.<\/p>\n<\/blockquote>\n<p>According to Kaspersky Lab, in the Russian-language segment of the darknet a package with a passport scan, a passport selfie, INN and SNILS costs from 300 rubles; a passport scan with INN alone costs about 100 rubles.<\/p>\n<h2 class=\"wp-block-heading\"><strong>Media: Conti ransomware attacked Apple and Tesla contractor<\/strong><\/h2>\n<p>Taiwanese company Delta Electronics, a contractor for Apple, Tesla, HP and Dell, was attacked by hackers using ransomware. 
The Record reports.<\/p>\n<p>Although the company&#8217;s own statement about the attack did not name the perpetrators, local media, citing documents, say responsibility could lie with the Conti ransomware operators.<\/p>\n<p>The attackers reportedly demanded a $15 million ransom from the company.<\/p>\n<p>In 2021 Conti attacked <a href=\"https:\/\/u1f987.com\/en\/news\/nokias-us-subsidiary-sac-wireless-hit-by-conti-ransomware\">the Nokia subsidiary<\/a> in the United States and <a href=\"https:\/\/u1f987.com\/en\/news\/conti-ransomware-operators-stole-graff-client-data-including-trump-and-beckham\">the Graff jewelry firm<\/a>.<\/p>\n<h2 class=\"wp-block-heading\"><strong>Russia records largest botnet attack on retailers<\/strong><\/h2>\n<p>Qrator Labs specialists detected a powerful botnet of a record 160,000 devices, aimed at companies in the retail sector, <a href=\"https:\/\/www.kommersant.ru\/doc\/5183610\">Kommersant<\/a> reports.<\/p>\n<p>The botnet was used not to damage the victims\u2019 infrastructure through DDoS attacks but to harvest internal information.<\/p>\n<p>Also on ForkLog:<\/p>\n<ul class=\"wp-block-list\">\n<li>An OpenSea vulnerability earned a user <a href=\"https:\/\/u1f987.com\/en\/news\/opensea-vulnerability-nets-user-347-eth\">347 ETH<\/a>.<\/li>\n<li>Hackers <a href=\"https:\/\/u1f987.com\/en\/news\/hackers-drain-80-million-from-defi-platform-qubit-finance-pool\">drained<\/a> $80 million from the DeFi platform Qubit Finance.<\/li>\n<li>Roskomsvoboda appealed the Tor blockade in Russia.<\/li>\n<li>Unknown individuals hacked the accounts of crypto bloggers on YouTube.<\/li>\n<li>A darknet publication of Russians\u2019 vaccination QR codes was deemed invalid by Rostelecom.<\/li>\n<li>According to Chainalysis, in 2021 cybercriminals laundered $8.6 billion in cryptocurrency.<\/li>\n<li>CERT-UA detected a potential link between the attack on Ukrainian sites and the <a 
href=\"https:\/\/u1f987.com\/en\/news\/chainalysis-in-2021-cybercriminals-laundered-8-6-billion-in-cryptocurrency\">miner from the WEX exchange<\/a>.<\/li>\n<\/ul>\n<h2 class=\"wp-block-heading\"><strong>What to read this weekend?<\/strong><\/h2>\n<p>Against the backdrop of several hacker arrests in Russia over the past month, we recall the history of another well-known cybercrime group \u2014 Lurk.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>We have gathered the week&#8217;s most important cybersecurity news.<\/p>\n","protected":false},"author":1,"featured_media":56807,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1238,1233],"class_list":["post-56806","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-cybersecurity-digest","tag-industry-digests"],"aioseo_notices":[],"amp_enabled":true,"views":"29","promo_type":"1","layout_type":"1","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/56806","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/comments?post=56806"}],"version-history":[{"count":1,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/56806\/revisions"}],"predecessor-ve
rsion":[{"id":56808,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/56806\/revisions\/56808"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media\/56807"}],"wp:attachment":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media?parent=56806"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/categories?post=56806"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/tags?post=56806"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}