We’ve collected the most important news from the world of cybersecurity over the past week.
- In two international operations, law enforcement dismantled the Emotet botnet and disrupted the NetWalker ransomware.
- A Russian national admitted to the American authorities that he was the administrator of the Deer darknet marketplace.
- The vast majority of Russian government applications share information with third parties, the researchers said.
Law enforcement officers conducted two international operations to neutralize malware
This week, authorities around the world announced two successful and massive anti-malware operations.
Eight countries, in cooperation with Europol, eliminated the Emotet botnet, considered by many to be the most dangerous malware in the world. They managed to take control of the botnet infrastructure.
Law enforcers in the Netherlands reported installing an update with a special code that should remove Emotet from all infected devices on March 25, 2021.
The US Department of Justice spoke about the second major operation. Together with the Bulgarian police, American law enforcement officers managed to disrupt the NetWalker ransomware.
As part of the investigation, the authorities also accused a Canadian citizen of using NetWalker and seized $454,530 in cryptocurrency.
Research: 88% of government applications in the Russian Federation transfer data to third parties
Experts at ANO “Information Culture” analyzed the privacy of Russian state mobile applications. 88% of them have at least one built-in third-party tracker and transfer data to third parties.
Each of the applications studied uses at least one potentially dangerous permission, the study authors say. These include requests for read and write access to external data storage and access to location, camera, and device information.
A bug in TikTok allowed collecting personal data of users
Check Point specialists identified a vulnerability in the popular TikTok application that allowed access to users' phone numbers, unique IDs and photos. It also made it possible to hide the profile and manage subscriptions.
The vulnerability threatened users who linked a phone number to their account.
Recall that last year hackers from Anonymous accused TikTok of mass surveillance of users and the transfer of data to the Chinese authorities.
Media: Signal blocked in Iran
Iranian authorities have launched a fight against the privacy-focused messenger Signal, writes Al Jazeera.
Since January 14, it has been ordered to be removed from Cafe Bazaar, the Iranian version of Google Play, and another local app store, Myket.
Officially, the authorities say they have not been blocking media or messengers since 2019. Iranian cybersecurity researcher Amir Rashidi noted that Signal was blocked by the Telecommunication Infrastructure Company, the only provider of telecommunications infrastructure for all private and public operators in Iran.
Update: @signalapp‘s website was blocked by TIC and the app is blocked on ISP level. https://t.co/pktAWPlRab
– AmiR Rashidi (@Ammir) January 25, 2021
Signal was already blocked in Iran in 2016-2017, but little was said about the blocking, since at that time the messenger did not have a large number of users.
Since the beginning of 2021, the service’s user base has grown rapidly amid a mass exodus of users from WhatsApp.
Signal said it would fight censorship as Iranian residents deserve privacy.
Ever since Signal simultaneously hit #1 on the 🇮🇷 Play Store and #1 on the 🇮🇷 government’s block list, we’ve been working around 🇮🇷 censorship.
Unable to stop registration, the IR censors are now dropping all Signal traffic.
Iranian people deserve privacy. We haven’t given up.
– Signal (@signalapp) January 25, 2021
Data of more than 2 million users of the MeetMindful dating site turned up online
Hackers published a 1.2 GB database with the data of users of the American dating site MeetMindful.
It contains data on about 2.28 million people, including their names, dates of birth, emails, IP addresses, hashed account passwords, where they live, and much more.
The authorities will spend almost 3 billion rubles on face recognition in New Moscow
The Department of Information Technology (DIT) of Moscow is going to spend 2.917 billion rubles on a video surveillance system with the ability to recognize faces in the Novomoskovsk and Troitsk administrative districts. This was reported by “B”, citing documents on the public procurement portal.
The contractor will have to “agree on the installation sites” of 1,700 cameras in the yards and 292 cameras in “crowded places”. Until September 2025, the video will be transferred to the Unified Data Storage and Processing Center. Cameras are integrated into the city’s face recognition system and the Ministry of Internal Affairs system.
Earlier, the public organization RosKomSvoboda demanded a moratorium on the face recognition system in Moscow.
Administrator of the darknet marketplace Deer from Russia pleaded guilty
Russian citizen Kirill Firsov, detained in the USA, pleaded guilty to cybercrimes.
He confirmed that he was the administrator of the Deer site, which specialized in trading stolen personal data and information about bank cards. In the statement from the Ministry of Justice, it is called “the Russian platform”.
Payment for the use of Deer services was carried out in bitcoins or through the WebMoney system.
Recall that the FBI arrested Firsov in March 2020.
Media: US Intelligence Buys Location Data Of Smartphone Users
The military unit of the US Intelligence Community buys geolocation databases of users of various applications and uses them to track the movements of Americans and foreigners without a warrant, writes The New York Times.
According to the publication, using this information, intelligence is tracking the location of foreigners in order to prevent “threats to American troops deployed around the world.”
However, data sellers do not distinguish between US and overseas users. In order to access the database of US residents, analysts who filter information must request special permission. Over the past 2.5 years, such a permit was issued only five times, notes The New York Times.
Previously, journalists had already reported that the US military buys data from applications on the movement of people in different countries.
What to read on the weekend?
“Russian hackers” have already become a household name, especially on the American agenda.
We tell the story of the Russian hacker group Lurk, which stole more than a billion rubles from bank accounts and violated one of the unspoken rules among cybercriminals – “do not work with RU”.