- \n
- The founder of Group-IB was sentenced to 14 years in prison.<\/li>\n
- Hacker group SiegedSec claimed to have breached NATO’s portal.<\/li>\n
- Malware that steals cryptocurrency was placed in blockchain games.<\/li>\n
- The BreachForums database was put up for sale.<\/li>\n<\/ul>\n<\/div>\n
Founder of Group-IB sentenced to 14 years in prison<\/strong><\/h2>\n
On 26 July, Ilya Sachkov, founder of Group-IB, the company specialising in preventing cyberattacks, was sentenced to 14 years in a high-security prison for treason. This was reported by BBC<\/a>.<\/p>\n
The case was heard in camera, so it is unclear what exactly is charged. He did not admit his guilt.<\/p>\n
According to some sources, Sachkov about the Russian hackers Fancy Bear<\/a> involved in attacks before the 2016 presidential election. This allegedly helped the United States identify 12 \u201cGRU agents\u201d involved in the attacks.<\/p>\n
The entrepreneur arrested<\/a> in September 2021. Previously he was among cybercrime experts in committees at the State Duma, \u041c\u0418\u0414<\/span> of the Russian Federation, the Council of Europe and \u041e\u0411\u0421\u0415<\/span>.<\/p>\n
Sachkov’s defence intends to appeal the verdict and approach the president of the Russian Federation.<\/p>\n
SiegedSec hackers claim breach of NATO portal<\/strong><\/h2>\n
The hacker group SiegedSec said in its Telegram channel that it breached the COI<\/span> \u2014 a non-classified information-sharing environment for NATO organisations and alliance member states. The incident drew the attention of experts CloudSEK<\/a>.<\/p>\n
![\"Opera-Snimok_2023-07-28_224236_twitter.com_\"](\"https:\/\/u1f987.com\/wp-content\/uploads\/Opera-Snimok_2023-07-28_224236_twitter.com_-842x1024.png\")
Data: X<\/a>.<\/figcaption><\/figure>\n According to their data, the total volume of files purportedly leaked amounts to 845 MB. They contain about 8,000 lines of confidential user information, non-secret documents, and access credentials.<\/p>\n
![\"screenshot_1-138\"](\"https:\/\/u1f987.com\/wp-content\/uploads\/screenshot_1-138.webp\")
Data: SiegedSec Telegram channel.<\/figcaption><\/figure>\n The files include:<\/p>\n
- \n
- full names;<\/li>\n
- the company or division name;<\/li>\n
- information about the workgroup;<\/li>\n
- position;<\/li>\n
- corporate email ID;<\/li>\n
- residential address;<\/li>\n
- photos.<\/li>\n<\/ul>\n
CloudSEK noted that the leak could affect 31 countries.<\/p>\n
Representatives of the alliance are investigating the incident. The hackers themselves said the breach was a \u201cretaliatory strike against NATO countries for their attacks on human rights.\u201d<\/p>\n
Malware that steals cryptocurrency embedded in blockchain games<\/strong><\/h2>\n
SentinelOne researchers detected Realst malware in fake blockchain games, designed to steal cryptocurrency from macOS users.<\/p>\n
![\"Opera-Snimok_2023-07-28_232632_twitter.com_\"](\"https:\/\/u1f987.com\/wp-content\/uploads\/Opera-Snimok_2023-07-28_232632_twitter.com_-814x1024.png\")
Data: X<\/a>.<\/figcaption><\/figure>\n In addition, the Rust-based malware can take screenshots, steal saved passwords from browsers, and exfiltrate information from the Telegram messenger.<\/p>\n
The attackers promote counterfeit games on social networks and invite users to test them as part of paid collaborations. Each has its own site, as well as accounts on X (formerly Twitter) and Discord. In total, researchers identified 16 variants and 59 Realst samples.<\/p>\n
![\"olymp\"](\"https:\/\/u1f987.com\/wp-content\/uploads\/olymp.webp\")
Site of one of the fake games. Data: iamdeadlyz.gitbook.io.<\/figcaption><\/figure>\n Hackers send access codes for downloading fake game clients via direct messages, helping to avoid attention from information-security researchers.<\/p>\n
BreachForums database put up for sale<\/strong><\/h2>\n
A user under the nickname breached_db_person is offering on the dark web the BreachForums database of the recently shuttered hacker forum BreachForums for $100,000\u2013150,000. This is reported by Bleeping Computer<\/a>, citing the Have I Been Pwned data breach aggregator.<\/p>\n
A 2 GB dump dated November 29, 2022 contains 212,000 records, including usernames, IP- and email addresses, as well as private messages, hashed passwords and payment transaction information.<\/p>\n
![\"breached-database-structure\"](\"https:\/\/u1f987.com\/wp-content\/uploads\/breached-database-structure-1024x563.webp\")
Data: Bleeping Computer.<\/figcaption><\/figure>\n The forum\u2019s current administrator under the nickname Baphomet confirmed the authenticity of the leak, calling it part of a \u201ccontinuing campaign to destroy the community.\u201d<\/p>\n
U.S. law enforcement closed BreachForums in March 2023. Its founder and administrator Conor Bryan Fitzpatrick, known by the nickname Pompompurin, arrested<\/a>. In late June the FBI gained control over the forum’s backup domain<\/a> on the clear web.<\/p>\n
Russian telecom regulators barred from providing communications services without installing TSPU<\/strong><\/h2>\n