Cybersecurity Weekly: Carding gang busted, Tupperware suffers cyberattack, Linksys under fire

March 30, 2020 by Sam Fay

Government officials shut down a huge credit card fraud ring. A cyberattack harvests card details from Tupperware customers. Linksys routers see more frequent cyberattacks as more employees work from home. All this, and more, in this week’s edition of Cybersecurity Weekly.


1. Russians shut down huge card fraud ring

Federal investigators in Russia charged over 25 people accused of operating a sprawling international credit card theft ring. The raid included the charging of a major carding kingpin. He is thought to be tied to dozens of carding shops and some of the bigger data breaches targeting western retailers over the past decade.
Read more »


2. Tupperware cyberattack stores away customer payment cards

Cybercriminals hacked the official website of Tupperware and injected a payment card skimmer into its checkout page to steal the credit card details of online customers. Security researchers first identified the skimmer on March 20, but there’s no indication of how long the site was compromised before that.
Read more »


3. Brute-force attack aims at Linksys routers as more people work remotely

A cybercrime group is scanning the internet for vulnerable Linksys routers. This is the first stage of an attack that ultimately aims to fool users into downloading and installing malware. After compromising the router, the attacker directs the victim to a page that uses the fear of the coronavirus pandemic to install the malicious program.
Read more »


4. Emerging APT mounts mass iPhone surveillance campaign

A new mass-targeted watering-hole campaign is aiming at iPhone users in Hong Kong, infecting website visitors with custom surveillance malware. That malicious software contains exploits for known and patched Apple iOS vulnerabilities, and has an endgame of installing proprietary backdoor spyware.
Read more »


5. Hackers exploit Zoom’s overnight success to spread malware

Cybercriminals are taking advantage of the spike in Zoom video conferencing usage by registering new fake Zoom domains and malicious executable files in an attempt to trick people into downloading malware on their devices. Researchers found over 1,700 newly registered Zoom domains since the onset of the pandemic.
Read more »


6. Maze ransomware group claims Chubb as victim

This week, insurance firm Chubb reportedly found itself a victim of the Maze ransomware, which encrypted the company’s files. The hacker group put a notice on its news site claiming that it encrypted the insurance company’s network. Chubb has not yet announced whether or not it plans to pay the ransom.
Read more »


7. TrickBot mobile app bypasses 2FA for banking services

The malware group behind TrickBot banking trojan developed a new Android app that can intercept one-time authorization codes sent to Internet banking customers via SMS to complete fraudulent transactions. The app is currently targeting German users whose desktops have been previously infected with the TrickBot malware.
Read more »


8. Hackers attack pharma, manufacturing companies in Europe

Russian malware was used in attacks in late January against at least two European companies in the pharmaceutical and manufacturing industries. Based on the tools employed in the attacks, the suspects are likely the Silence and TA505 financially-motivated groups. Both groups used new IP addresses in their attacks to mask their identities.
Read more »


9. Ryuk ransomware keeps targeting hospitals during the pandemic

Unlike some other ransomware operators, such as Maze and DoppelPaymer, Ryuk ransomware operators continue to target hospitals even as these organizations are overwhelmed during the COVID-19 pandemic. Last week, a U.S. health care provider was attacked and encrypted overnight by Ryuk.
Read more »


10. BadUSB attack detected in the wild against U.S. hospitality provider

A U.S. hospitality provider has recently been the target of an incredibly rare BadUSB attack. The attack happened after the company received an envelope containing a fake Best Buy gift card, along with a USB thumb drive. The victim was told to plug the USB thumb drive into a computer to access a list of items the gift card could be used for.
Read more »

Posted: March 30, 2020
Sam Fay
View Profile