On Tuesday, the American company Hold Security reported that a Russian hacking group, codenamed “CyberVor”, had stolen the logins and passwords of over a billion accounts. The stolen information is tied to 500 million e-mail addresses.
The hackers broke into the databases of 420 thousand sites and FTP servers. Hold Security called it the biggest hack in history. Slon has compiled a selection of several other famous Web hacks.
Mitnick and the Pentagon. 1983. Before breaking into the Pentagon, the young Kevin Mitnick had hacked telephone networks for several years. As a student, using a TRS-80 computer, Mitnick penetrated ARPANet, the global network that was the forerunner of the Internet, and reached the servers of the US Department of Defense through a computer at Los Angeles University. The intrusion was detected, the young cybercriminal was quickly found, and he ended up spending half a year in a correctional center for youth. In the mid-nineties, the hacker was accused of a number of offenses causing $80 million in damage and was imprisoned for several years. After his release, the pioneer of cyberterrorism reformed and now plays for a strong team.
Levin and Citibank. 1994. This robbery was the first in a series of confrontations between Russian hackers and Citibank. In the mid-1990s, Vladimir Levin of St. Petersburg penetrated the internal network of the American bank by compromising an analog modem connection and managed to transfer $10.7 million to accounts in the US, Finland, Germany, Israel and the Netherlands. Almost all the transfers were blocked (about $400 thousand was never found), and his accomplices gave the Russian up. Levin was arrested in March 1995 in London, and three years later sentenced to three years in prison. In 2005, the website “Independent Review of Providers” published information according to which a group of Russian hackers had initially accessed Citibank's systems, after which one of them sold the method to Levin for $100.
James and NASA. 1999. Fifteen-year-old Jonathan James was the first to break into the systems of the US National Space Agency. He gained access by cracking the password of a server belonging to another government agency, after which he stole several important files from NASA, including the source code of the international orbital station. NASA estimated the damage at $1.7 million. Because of his young age, James was able to avoid prison. In 2008, James was questioned in the case of the large-scale hack of the company TJX, and then shot himself: in a suicide note, he wrote that he was doing it because he was innocent but did not believe in justice. Many were confident that this was the work of the Secret Service.
Chelyabinsk hackers and PayPal. 2000. Twenty-six-year-old Vasily Gorshkov and his twenty-year-old friend Alexei Ivanov were arrested by the FBI in November 2000 in Seattle. They were accused of illegally entering the corporate computer networks of PayPal, Western Union and the American bank Nara Bank. From home computers in Chelyabinsk, the cybercriminals stole 16,000 credit card numbers, causing damage of $25 million. To lure the criminals onto its territory, the FBI set up a shell company. This caused a small international scandal: the Chelyabinsk FSB opened a case against its colleagues from the United States. As a result, Ivanov received four years in prison and Gorshkov three, along with an obligation to pay $700 thousand in compensation.
The source code for Windows. 2004. On February 12, 2004, Microsoft announced the theft of the source code for the Windows 2000 operating system. Some 600 million bytes of data, 31,000 files and 13.5 million lines of code were stolen. The leak also affected Windows NT4. At first, the corporation said that the code had been stolen through its partner company Mainsoft, but later it turned out that the data had been taken directly from the Microsoft network. The stolen data was posted online. This did not lead to serious losses, since Microsoft had already abandoned the development of this version of the OS by that time, but neither the company nor the FBI was able to find the intruders, which caused the IT giant serious reputational damage.
Valdir Paulo de Almeida and funds. 2005. At the time of his arrest by the Brazilian authorities, the team of the most famous Internet spammer, Valdir Paulo de Almeida, was sending out three million phishing emails a day. According to various estimates, he managed to steal up to $37 million from bank cards. The money was stolen with the help of “Trojans” that reached the devices of online banking users through malicious mailings. The group consisted of 18 people. Not only ordinary people but also several foreign funds were harmed by the swindlers' actions.
Alberto Gonzalez and TJX. 2009. In 2009, Alberto Gonzalez, an American of Cuban descent, organized attacks on Heartland Payment Systems, resulting in the theft of tens of millions of credit cards. In the same year, Gonzalez was caught, and he confirmed that he had broken into the networks of several large retail chains, including TJX Cos, BJ’s Wholesale Club and Barnes & Noble. To resell the data, the hacker organized the ShadowCrew group. During the trial, he struck a deal with the investigation and pleaded guilty. In March 2010, he was sentenced to 20 years’ imprisonment. The court took into account the hacker's remorse, as well as his voluntary surrender of a stolen million dollars, which had been buried in the garden of the young man’s parents, although he had earned at least 10 million from the stolen data.
Smilyanets and others against Western corporations. 2013. In July 2013, US authorities charged five Russian citizens and a resident of Ukraine with fraud and hacking of computer networks. According to the investigation, the case concerns “one of the biggest cyber crimes in history”. The defendants managed to crack the security systems of the electronic exchange NASDAQ, the largest retail chains and leading banks in Europe and the United States. As a result, 160 million credit cards were stolen and funds were withdrawn from 800,000 bank accounts around the world. Only the Muscovite Dmitry Smilyanets appeared before the court in Newark; he had been arrested in the Netherlands at the request of the FBI. Nikolai Nasenkov, Roman Kotov, Alexander Kalinin and Ukrainian citizen Mikhail Rytikov are on the wanted list. Over seven years, the hackers stole data from more than ten US and international corporations, inflicting damage of hundreds of millions of dollars. In particular, such big operators as the NASDAQ exchange, Heartland Payment Systems Inc. and Carrefour SA, as well as the Belgian bank Dexia Bank Belgium, suffered from the hackers. According to some reports, it was Alberto Gonzalez who named the Russians.
Stuxnet and Iran’s nuclear program. 2010. The Stuxnet computer worm successfully attacked and partially disabled Iran’s nuclear system. According to Iranian data, in the autumn the virus blocked the work of a fifth of Iran's centrifuges, while copying video surveillance recordings and replaying them during the operation so that the security service would not suspect anything. Since the attack was successful, it has been suggested that the worm was developed by Israeli special services working with the US. Experts at Kaspersky Lab saw it as a “prototype of cyber weapons, the creation of which will entail a new arms race.”
Anonymous, the United States, Israel and Russia, 2012-2014. In January 2012 the MegaUpload site was shut down. In protest, Anonymous conducted the largest DDoS attack in history using LOIC. For several hours, the FBI, the White House, the Justice Ministry, the Universal Music Group, the American Recording Industry Association, the American Film Companies Association and the American Copyright Office were put out of action. In April 2013, Anonymous attacked more than 100,000 Israeli sites. The hackers themselves estimated the total damage from the attack at $3 billion. The action was a response to the “Cloud Pillar” operation, which took place in November 2012. During the Ukrainian crisis in March, hacktivists also subjected government websites of the Russian Federation and websites of Russian media to a powerful attack.
The Twitter microblog of Russian Prime Minister Dmitry Medvedev was hacked on Thursday: unknown criminals broke into the account of the head of government and posted several entries on his behalf, including a resignation letter. More details about cyberattacks and hacking in the world in 2000-2014 can be found in the RIA Novosti reference.
On August 14, the government press service reported that the Twitter microblog of Russian Prime Minister Dmitry Medvedev had been hacked and that the latest messages in it were untrue. In particular, the microblog said that Medvedev had decided to resign. All the messages published in Medvedev's Twitter microblog after the hack were removed within half an hour.
On July 29 it became known that a powerful DDoS attack had been carried out on the site of Ukrainian President Petro Poroshenko. Hackers from the Cyberberkut group, created after the disbanding of the Ukrainian Interior Ministry's Berkut special forces, reported on their portal that the blocking of the website of Ukrainian President Poroshenko, “carrying out the genocide of his own people”, was their work. They thanked the specialists of the Ukrainian State Service for Special Communication and Information Protection for their cooperation, saying they plan to “closely cooperate in the near future” with them. The site of the President of Ukraine was down for almost the whole day.
On July 10, the New York Times quoted senior US officials as saying that Chinese hackers in March launched a major attack on the databases of the US Office of Personnel Management and seized information about federal employees who had applied for access to classified information. As soon as the relevant services discovered the hack, access to the files was closed. It remains unknown what information the hackers could have obtained and how much of it.
On November 8, the media reported that hackers had broken into the websites of the president and the head of government of Singapore. The attack occurred after the Singapore authorities announced that they planned to take action against the hacker group Anonymous. On one of the pages of the site of the President of Singapore, Tony Tan, the hackers posted an image of a woman showing the middle finger and an obscene inscription. On the page of Prime Minister Lee Hsien Loong, members of the hacker group Anonymous indicated their involvement in the attack. The site carried inscriptions accompanied by curses.
On October 28, Time magazine reported that hackers had been able to compromise the links in US President Barack Obama’s accounts on the social networks Facebook and Twitter, but could not take control of the accounts themselves. The representative of the NGO Organizing for Action, which controls Obama’s accounts, explained that the short-link generator used in the posts had been hacked: users who clicked on the links were redirected to the site of the so-called “Syrian Electronic Army”.
On September 20, the media reported that unknown hackers “hacked” the computer network in the office of Prime Minister of Belgium Elio di Rupo.
The day before it became known about the “hacking” of computer infrastructure in the Belgian Foreign Ministry. According to the report of the Belgian special services, traces of “pirates” lead to China.
On August 7, secondary accounts of RIA Novosti, the International Multimedia Press Center and RIA Novosti Deutsch, were hacked. Hackers posted false reports in the accounts about the death of Soviet President Mikhail Gorbachev. Both fake tweets stayed up for no more than five minutes and were deleted.
This is not the first time RIA Novosti has been the target of attacks by intruders. In May 2013, the agency underwent the largest DDoS attack, which was repeated in July.
On July 29, hackers from the international group Anonymous hacked the website of the President of Peru and a number of government agencies. On the agencies' pages the hackers left questions addressed to the authorities during the celebrations of the 192nd anniversary of the independence of the South American country.
On July 26, a massive cyber attack was carried out on a number of sites related to the authorities of Venezuela. Hackers broke into the websites of the army of Venezuela, the Air Force and the National Guard, a total of 12 websites of government agencies. The site of the Venezuelan exchange was also hacked. The hacker groups Anonymous Venezuela and Venezuelan Hackers claimed responsibility.
In June, the FBI and Microsoft conducted a joint operation that shut down about a thousand botnets that made up the malicious network. Using the Citadel software package (“Citadel”), cybercriminals infected users’ computers and gained access to all personal data, including bank accounts. In total, over the past year and a half, the hackers have stolen about $500 million.
On April 23, the Twitter account of the Associated Press news agency was compromised. A false report was posted on the social network stating that there had been two explosions in the White House, as a result of which US President Barack Obama was wounded. Later, the spokesman for the administration of the American president, Jay Carney, denied this information, saying that the US president was “OK”.
On April 14, the Twitter microblog of presidential candidate Nicolás Maduro was hacked by unknown hackers, most likely from neighboring Peru. The attack on Maduro's microblog occurred a few hours before the closing of polling stations in the country, which was electing a president. Messages appeared in Maduro's microblog, allegedly written on his behalf, reporting upcoming voter fraud during the election. The cyberattack also affected a number of other sites related to the government of Venezuela.
In March, a DDoS attack took place that experts called one of the largest to date. It led to a slowdown of the Internet in several European countries. The main victim of the hackers was the site of the non-profit organization Spamhaus, which fights against spammers.
On December 21, hackers withdrew $4,500,000 from 4,500 ATMs after gaining access to an Indian operator of prepaid Visa and MasterCard cards, raising the cash withdrawal limit at a UAE bank and re-encoding magnetic-stripe cards in 20 countries around the world. Two months later, on February 19, 2013, the cyber-robbers' haul amounted to $40 million over 36,000 transactions. The second operation was conducted after the hacking of a prepaid card operator based in the US, and the withdrawal limit was raised at a bank in Oman.
On the night of November 28, hackers attacked one of the servers of the International Atomic Energy Agency (IAEA) and posted on their website e-mail addresses of one hundred employees of the organization. Responsibility for the incident was assumed by the organization Parastoo, whose name is a popular female name in Iran, and in translation from Farsi means “swallow”. The hackers called on the agency employees whose contact details were stolen to sign a petition demanding an “open investigation” of Israel’s nuclear activities.
On June 12, a number of Russian media outlets announced a DDoS attack on their Internet resources. The sites of Novaya Gazeta, Slon.ru, the Ekho Moskvy radio station and the Dozhd television channel were attacked on June 12 by a single botnet consisting of 133 thousand infected computers. The attack power was up to 800 Mbit/s. The smallest blow fell on slon.ru: 450 Mbit/s at peak. The sites of the Dozhd TV channel and the Ekho Moskvy radio station were hit by an attack of about 2 Gbit/s.
Similar reports came from several Russian media outlets in early May this year, including from the agency RIA Novosti, whose website was subjected to a massive DDoS attack on May 10.
On May 22, it became known that cybercriminals had gained unauthorized access to the site of the US Department of Justice. According to a representative of the ministry, the hackers got access to a server that collected data on all crimes committed in the US and, in particular, in the computer field. The hacker group Anonymous claimed responsibility for the attack.
In May, experts from the anti-virus company Kaspersky Lab, jointly with the International Telecommunication Union, announced the discovery of a complex malicious program called Flame. According to the experts, the main target of the attack was Iran. According to the Washington Post, intelligence agencies of the USA and Israel were behind the development of the Flame virus. The virus was aimed at stealing industrial drawings from government computers in Iran and a number of other Middle Eastern countries.
In June, Citigroup Inc, a banking group, reported 360,000 victims of a hacker attack on a database of bank cardholders in North America. The stolen data included the account numbers of the primary cardholders, their names and surnames, and contact information.
In March, hackers broke into the computer network of RSA, a division of EMC, gaining access to information about the SecurID technology, which is used to ensure the security of corporate computer networks. SecurID solutions for protecting information infrastructure are widely used by government and commercial organizations around the world.
Subsequently, in October, a list was published of companies whose computer networks were probably compromised using the same resources as in the attack on the RSA network. This list includes, for example, the largest IT companies (Facebook, eBay, Google, Cisco, Motorola, IBM, Intel), defense firms (Northrop Grumman), and financial and research organizations (the European Space Agency).
In November and December, members of the Anonymous group of hackers organized a series of DDoS attacks on the sites of companies and organizations that counteracted the activities of the WikiLeaks resource. Among the attacked were the sites PayPal, Visa and MasterCard.
The victims of the group, which later merged with hackers from the LulzSec group, also included the websites of Sony, Nintendo, PBS, the US Senate website, the government sites of Brazil, Mexico, Italy and other resources.
In September, Iran stated that the computer virus Stuxnet had hit the computers of employees of the nuclear power plant in Bushehr. In late November, Iranian President Mahmoud Ahmadinejad stated that “the enemies of Iran” had, with the help of a computer program, managed to create “limited” problems in the functioning of centrifuges of the uranium enrichment complex in Natanz.
According to experts, Stuxnet was the first virus to be used as a cyber weapon.
In September, US authorities accused more than 60 people of involvement in a global hacker attack on banks. From May 2009 to September 2010, the criminal network stole at least $3 million in the US and at least $9.5 million in Britain. According to the prosecution, the criminal scheme was based on the use of the Zeus Trojan, allegedly developed in Russia.
On December 21, Fox News reported that the Federal Security Service had launched an investigation into the theft of tens of millions of dollars from the Citigroup Inc. banking group. According to the American television channel, Russian hackers are suspected of committing the crime.
The attack targeted Citigroup's subsidiary Citibank, which includes North American banks that work with individuals, and other companies.
On July 8, South Korean authorities announced a massive cyber attack on the country’s most important government and banking websites. According to the representative of the Korean Information Security Agency, Internet portals of eleven South Korean organizations, including websites of the presidential administration, the Ministry of Defense, parliament, several banks and the popular Internet portal Naver, became unavailable to users on the night of July 7-8. According to the South Korean Communication Commission, the malicious code that caused the DDoS attack infected more than 18,000 personal computers.
On April 21, the Wall Street Journal quoted US government officials as saying that cyber-crooks had infiltrated the Pentagon’s computer system and stolen information about the new fifth-generation multi-role Joint Strike Fighter, also known as the F-35 Lightning II. The hackers managed to copy several terabytes of data relating to the design and electronic systems of the new aircraft. According to experts, this information can be used to develop protection systems against this type of fighter.
American experts noted that cyber attacks originated in China, but it is very difficult to pinpoint this, because it is easy to disguise identification on the Internet.
On April 8, The Wall Street Journal quoted unnamed representatives of the US Department of Homeland Security as saying that hackers from Russia and China had attacked computers that monitor the operation of power grids throughout the United States. US intelligence agencies claimed that the intruders did not attempt to disrupt the power supply system, but could have implanted programs capable of disrupting the operation of power grids during a crisis or war. In addition to power networks, the cyber attacks threatened sewerage, water supply and other infrastructure.
On March 30, the Latvian newspaper Chas, citing data from a 10-month investigation conducted by experts in the field of computer crimes, reported that a spy program called GhostNet had attacked the Foreign Ministries of Iran, Bangladesh, Latvia, Indonesia, the Philippines, Brunei, Barbados and Bhutan. In addition, according to the publication, traces of “electronic spies” were found in the embassies of Germany, Portugal, India, Pakistan, South Korea, Indonesia, Romania, Cyprus, Malta, Thailand and Taiwan. As noted by the publication, the creators of the program had access to 1295 computers of government agencies and individuals.
At the end of the year, the Conficker virus was detected on the network. By April 2009, it had already penetrated more than 12 million computers.
The digital systems of ships of the British Navy, as well as those of the House of Commons of the British Parliament, were affected. The virus easily cracks passwords, and then uses infected machines to send spam or as storage for stolen information.
In April, hackers launched attacks on the websites of official institutions in Estonia. On April 27, hackers hacked the Internet site of the ruling Reform Party. On the same day, access to the website of the Estonian government was restricted. On April 28, access to the websites of the Estonian president, the parliament of the country and the Estonian Foreign Ministry was blocked for some time. Hacker attacks on the websites of Estonian government agencies began after the country’s authorities decided to begin work on the exhumation and identification of the remains of Soviet soldiers buried near the Monument to the Liberator Warrior.
Representatives of the Estonian government accused Russia and the Russian special services of organizing them. According to experts, the hacker attacks were global and did not come from one country.
On August 16, a virus attacked the systems of leading print media, as well as radio and TV companies of the United States. In particular, the Windows 2000 operating system was temporarily disabled at the New York Times and at the TV channels ABC and CNN. The hacker also cracked the databases of several banks and committed fraud with the accounts, disrupting the system of transfer of funds. Hundreds of thousands of computers were infected around the world.
On May 3, Italy was hit by the new computer virus Sasser, which spreads through a flaw in Windows software. Tens of thousands of personal computers belonging to private users and various organizations “hung” and were disconnected for long hours. Especially great damage was done to the electronic systems of the Italian Railways and the State Post. For some time even the computers of the Ministry of Internal Affairs of Italy failed. Microsoft has offered a reward of $250,000 for information about the creator of the virus.
On January 25-26 the Slammer virus became active, which led to a significant slowdown in the speed of the Internet in Europe and North America. At the same time, some regions – in particular, South Korea – turned out to be completely cut off from the network.
In May, the Internet registered the appearance of the virus I Love You – one of the most malicious in the history of the Network. According to some estimates, the damage caused to users of personal computers around the world amounted to more than $ 10 billion.
Hacker attacks – 2015
The outgoing year 2015 continued the series of high-profile hacker attacks of 2014 and forced a discussion of the principles of collective cybersecurity and the use of cyber weapons. The hacking of military departments and the administration of the US president, and the leak of correspondence of high-ranking Kremlin officials, revealed gaps in the cybersecurity of the largest countries at the state level. The technology department of “Gazeta.Ru” recalls the most memorable computer hacks of 2015.
The year began with the hacking of US military command accounts in social networks by the CyberCaliphate group, associated with the terrorist organization Islamic State, whose activities are banned in Russia and other countries of the world. There was nothing complicated about the hack itself, but it had an extremely negative impact on the discussion about the special services' monitoring of users in social networks.
The hacking of the US Office of Personnel Management and the White House network, which resulted in the leak of personal data of 4 million US civil servants and of the correspondence of President Barack Obama (the leak of correspondence was later denied), showed that even super-secure government networks are vulnerable to the human factor: letters with phishing links, which agency employees carelessly clicked.
The US blamed Russian hackers for the hack, which could have a negative impact on the already difficult relations between the two countries.
A hack of similar significance in Russia was the breach of the e-mail of Dmitry Medvedev’s press secretary, Natalia Timakova, by the hacking group Anonymous International, also known as Humpty Dumpty. As a result of the hack, letters written by Timur Prokopenko, deputy head of the presidential administration’s internal policy department, with reports on the results of efforts to counter opposition actions, and 500 messages from the personal correspondence of Prime Minister Dmitry Medvedev were put up for sale. This hack started a discussion about the need to bring the Russian segment of the Internet under the control of the authorities.
Computer security professionals single out the hacks that may have a significant impact on the protection of users, companies and institutions in the future.
“The main event of the year is the hacking of the Italian cyber group Hacking Team, which develops spyware to order for special services and law enforcement agencies,” said Artem Baranov, lead virus analyst at ESET Russia.
The source code for zero-day exploits and other tools for carrying out cyber-campaigns leaked online. The incident was the largest in history in terms of the amount of confidential information of this kind that was leaked.
“Another resonant event is a targeted attack on Kaspersky Lab using Duqu 2 malware,” says Baranov. “The attack used zero-day vulnerabilities, which allow malicious software with a valid digital signature to be installed automatically.”
Baranov also notes the placement in the Apple App Store of malicious applications indistinguishable from legitimate ones. The hackers managed this by distributing the Xcode compilation tool on Chinese websites. As a result, iOS software developers did not suspect that the programs they compiled were being shipped with malicious code.
Prior to this cyberattack, the App Store was considered the most secure of all existing application stores.
Vladimir Ulyanov, head of the analytical center at the corporate computer security company Zecurion, singles out the following five hacks worldwide.
The hack of Anthem, one of the largest American insurers. As a result of the server breach, the personal data of 80 million people fell into the hands of intruders.
“It’s really a big scale,” Ulyanov says. “Plus, the latest data and the leakage of those very ‘social security numbers’ that are more important for Americans than plastic card numbers.”
In fact, hackers have all the information for the so-called “identity theft”.
In October 2015, hackers gained access to the personal data of 15 million T-Mobile subscribers.
“The piquancy of the situation is that the leak occurred through the partner of T-Mobile, the company Experian (the information was stored on its server),” says Ulyanov. “Meanwhile, Experian is one of the largest companies that specialize in risk management. And it is often chosen as a monitoring agency to minimize the risks of identity theft in such incidents.”
In November this year, a group of hackers reported the hacking of the corporate FBI portal, through which agents exchange information from many countries. As a result, hackers received information about the names and whereabouts of more than 9 thousand employees. This is really very sensitive information for the FBI.
The hack of the US Office of Personnel Management turned out to be much more serious than originally thought. According to preliminary data, the hackers obtained the personal data of 4-5 million employees, but the investigation of the incident found that there were many more victims: about 18 million people.
Early in the year, a Morgan Stanley employee stole the data of 350,000 customers. Here the consequences are shocking. Shares immediately fell by several percent, which is equivalent to a billion-dollar decline in capitalization.
The top three Russian break-ins, according to Ulyanov, look like this.
“In Russia, a fresh incident: an ex-employee of Yandex tried to sell the source code of the search engine, estimated at several billion rubles. It is important that this is not a hacker attack (from outside), but an insider attack (from the inside),” says Ulyanov. “It’s amazing how easily an employee was able to carry out really confidential information, the basis of the business of such a giant company as Yandex. And it was only by a lucky chance that the incident did not lead to billions (according to the company’s estimates) in losses.”
Another event is the leak of the personal data of 300,000 customers of the bank “St. Petersburg”. Ulyanov believes that the coverage of the incident in the media is surprising for Russia. Usually such things are hushed up by hook or by crook, since there are no direct sanctions for leaks. However, this is still a tangible blow to the reputation.
Rounding out the “Russian” three, according to Ulyanov, is the hack of the dating service TopFace (this is a domestic project, although popular abroad). The user base (about 20 million people, about half of which are Russian accounts) was found on sale on one of the underground forums. TopFace's owners contacted the seller, the database was withdrawn from sale, and the hacker was paid compensation for the detection of the vulnerability.
In the opinion of Denis Makrushin, Kaspersky Lab’s anti-virus expert, the top break-ins according to the degree of danger are as follows:
The targeted financial threat Carbanak is an unprecedented cybercrime operation, in which criminals stole a billion US dollars. The cyber-robbery lasted two years and affected about 100 financial organizations around the world (the investigation was completed in 2015. – “Gazeta.Ru”). Experts believe that behind this high-profile incident is an international group of cybercriminals from Russia, Ukraine, a number of other European countries, as well as China.
“This robbery marks a new stage,” says Makrushin. “Now, cybercriminals can steal money directly from banks, not from users.”
As experts found out, the largest sums of money were stolen during intrusions into banking networks: in each such raid, cybercriminals stole up to $10 million. On average, the robbery of one bank, from infecting the first computer in the corporate network to stealing the money and winding down the activity, took the hackers from two to four months.
Another dangerous group, Equation, has for many years been interacting with other influential groups, such as Stuxnet and Flame.
“Equation's attacks are at the moment perhaps the most sophisticated of all known incidents,” said Makrushin.
One of the modules of the malicious software makes it possible to change the firmware of hard disks. Since 2001, the Equation group has managed to infect the computers of thousands of victims in Iran, Russia, Syria, Afghanistan, the United States and other countries. The victims work in governmental and diplomatic institutions, telecommunications, aerospace, energy and other sectors.
Hacking the dating site Ashley Madison, according to Makrushin, was quite non-trivial: hackers declared war on a large company, and in this war, they were able to win.
“As a result of hacking, there were a lot of details about the site's audience,” the expert says. “Information was published about almost every registered user, and this entailed a wave of blackmail from other cybercriminals who demanded a ransom for not disclosing information to spouses.”
Vladimir Ulyanov agrees that the hack is interesting not so much because the data of more than 30 million users, including personal correspondence, leaked onto the network, but because the compromised accounts included addresses of high-ranking sources, and because the service took money for removing accounts and history and, as it turned out, did not delete anything.
Rounding out the top list is the remote hacking of a car.
“What was so feared before has finally become a harsh reality: the car's on-board systems were hacked, with the brakes, transmission, steering, and dash functions being ‘edited’ from the other end of the country via Wi-Fi,” says Makrushin.
As two hard-hitting automotive hackers, Charlie Miller and Chris Valasek, demonstrated, the on-board information and entertainment system of Chrysler's Jeep Cherokee is not isolated from the critical functions of the dashboard, allowing attackers to gain control over them.
“This is a kind of elementary error that shows how the venerable automaker has apparently skimped on the very basics of information security,” the expert said.
According to the editors, this list can be extended with the largest data leak from the Netherlands company Gemalto, the manufacturer of SIM cards for the largest mobile operators, information about which was disclosed in February 2015 by former NSA employee Edward Snowden. As a result of the leak, a large number of SIM cards were compromised, which allows US and British special services to monitor and listen to telephone conversations and to intercept text messages and mobile Internet traffic. The company itself has denied the leak. Nevertheless, the method described by Snowden, which consists of routinely monitoring the correspondence of relevant employees who send sensitive information in the clear, simply in e-mails, makes it possible to obtain data about SIM cards even without serious hacking.