- \n
- The head of F.A.C.C.T.’s department was detained in Kazakhstan at the request of the United States and was arrested in absentia in Russia.<\/li>\n
- The LockBit ransomware operators demanded $70 million from semiconductor maker TSMC.<\/li>\n
- In Australia, an inmate ran a Bitcoin scheme worth $2 million.<\/li>\n
- The FBI seized several BreachForums-linked domains.<\/li>\n<\/ul>\n<\/div>\n
The head of F.A.C.C.T.’s department detained in Kazakhstan at the request of the United States and arrested in absentia in Russia<\/strong><\/h2>\n
On June 22, Kazakh authorities detained F.A.C.C.T.’s department head Nikita Kislytsin at the request of the United States; his colleagues said. stated<\/a> by his colleagues.<\/p>\n
Kislytsin will be held in custody during the period of examining grounds for extradition to the United States.<\/p>\n
The charges against him became known in 2020. At that time the U.S. Department of Justice unsealed<\/a> a 2014 indictment outlining the alleged involvement of the Russian national in conspiring to sell login credentials stolen from the Formspring forum in 2012 (before he joined Group-IB).<\/p>\n
Separately on June 28, the Tverskoy Court of Moscow authorized<\/a> Kislytsin’s arrest in absentia in a case of illegal access to protected computer information. He was declared on the federal wanted list and intends to to seek extradition<\/a> to his homeland.<\/p>\n
Representatives of F.A.C.C.T. said that the charges against Kislytsin have no relation to the company itself and relate to his period as a journalist and cybersecurity researcher. They are sure there were no lawful grounds for detaining their colleague.<\/p>\n
LockBit ransomware operators demanded $70 million from semiconductor maker TSMC<\/strong><\/h2>\n
The operators of the LockBit ransomware claimed a successful breach of the world’s largest semiconductor maker, TSMC, and demanded a $70 million ransom. The company, however, denied the leak, according to Bleeping Computer<\/a>.<\/p>\n
According to the initially published screenshots, the attackers gained access to a substantial amount of email addresses and credentials allegedly belonging to TSMC for various internal systems. Later this information was removed, and instead a ransom note appeared.<\/p>\n
![\"lockbit2\"](\"https:\/\/u1f987.com\/wp-content\/uploads\/lockbit2.webp\")
Data: LockBit leak site.<\/figcaption><\/figure>\n As explained by a TSMC spokesperson, hackers breached one of their IT equipment suppliers, Kinmax Technology. As a result, information relating to system installation and server configuration was leaked. The company later also confirmed the incident.<\/p>\n
The attack did not affect TSMC’s business operations or the security of customer data.<\/p>\n
The investigation is ongoing with law enforcement involvement. During the proceedings, the semiconductor maker halted operations with the affected supplier.<\/p>\n
In Australia, an inmate carried out a Bitcoin scheme worth $2 million<\/strong><\/h2>\n
Ishan Sinar Sappidin, an inmate in Australia serving a 12-year sentence for organizing a financial pyramid scheme, persuaded at least six inmates to transfer over $2 million to accounts under his control, under the pretext of investments in Bitcoin, according to the Daily Mail.<\/p>\n
The events occurred between 2020 and 2022. Sappidin claimed to have extensive experience in the cryptocurrency market, allegedly working with Australian billionaire Mike Cannon-Brookes.<\/p>\n
Among the scammer’s victims was the well-known Australian rugby player Jarryd Hayne.<\/p>\n
Because inmates lacked internet access, they turned to third parties outside the prison to transfer funds to the scammer. Despite assurances of substantial profits, the victims never received any payouts.<\/p>\n
Authorities began an investigation into the case, and Sappidin was moved to a higher-security prison.<\/p>\n
The FBI seized several BreachForums-linked domains<\/strong><\/h2>\n
U.S. law enforcement gained control of BreachForums’ backup domain on the clearnet three months after the arrest of its founder and administrator Conor Brian Fitzpatrick, known as Pompompurin. This is reported by Bleeping Computer<\/a>.<\/p>\n
Now the Breached.vc address displays a banner listing the agencies involved in the operation, along with a clenched-arms avatar of Pompompurin.<\/p>\n
![\"2023-06-30-19.13.20\"](\"https:\/\/u1f987.com\/wp-content\/uploads\/2023-06-30-19.13.20-1024x574.jpg\")
Data: Bleeping Computer.<\/figcaption><\/figure>\n Additionally, the pompur[.]in domain, which belonged to Fitzpatrick personally, was confiscated, and the BreachForums site on the dark web now shows a 404 Not Found error.<\/p>\n
DNS servers of all seized domains have been changed to ns1.seizedservers.com and ns2.seizedservers.com, commonly used by authorities in such cases.<\/p>\n
The operation also affected one of the DataBreaches.net news site, which was used to post data leaks \u2014 Breaches.net. Media representatives have already contacted the FBI to challenge the domain seizure.<\/p>\n
\u201cTinkoff\u201d fined 70,000 rubles for data leak<\/strong><\/h2>\n
The Savyolovsky District Court of Moscow fined Tinkoff Bank 70,000 rubles for a data leak. RIA News<\/a> reports.<\/p>\n
The bank itself rejected claims of violations. Representatives said the court decision is connected to a technical error in servicing one of the bank’s clients.<\/p>\n
Experts uncover a new Trojan from the Andariel hackers<\/strong><\/h2>\n
The Andariel subgroup of the Lazarus cybercrime group has begun using a new remote access Trojan, EarlyRat. This was reported by Kaspersky Lab<\/span>.<\/p>\n
\n
Beyond DTrack #malware & Maui #ransomware: #Andariel expands its TTPs?
Log4j appeared to be the source of EarlyRat based on our initial investigations. However, while hunting for more samples, we found #phishing<\/a> docs that dropped #EarlyRat<\/a>.
More details\u2b07\ufe0fhttps:\/\/t.co\/qVLbLway8f<\/a><\/p>\n\u2014 Kaspersky (@kaspersky) June 29, 2023<\/a><\/p><\/blockquote>\n