Olympic Destroyer malware, cryptocurrency-mining malware found on government sites, ransomware at the Sacramento Bee, Google AdWords bitcoin phishing, teenager arrested for DDoS attacks in The Netherlands, and more.
The news keeps coming, and staying on top of the latest security headlines can fall through the cracks. First in a weekly series, This Week in App Security News curates the stories that made the headlines over the previous week.
Olympic Destroyer Malware
A cyberattack aimed at disrupting the 2018 Winter Olympics in Pyeongchang, South Korea took place before the opening ceremonies on February 9 and is blamed for disruption to TV broadcasts and the official Winter Games website. Security researchers now believe creators of the “Olympic Destroyer” malware had previously compromised the Olympic Games’ infrastructure.
Cyberattack Aimed to Disrupt Opening of Winter Olympics (Dark Reading, February 12)
Olympic Destroyer Data-Wiping Malware Is More Complex Than Previously Thought (Bleeping Computer, February 13)
Researchers Find New Twists in ‘Olympic Destroyer’ Malware (Threat Post, February 14)
Cryptocurrency Mining Malware
Malware was introduced on more than 4,000 websites by injecting a cryptocurrency-mining script into Texthelp Browsealoud code. Affected sites included the US Courts, UK Information Commissioner’s Office and the Australian state governments for Victoria and Queensland. The malware was initially discovered and noted February 11 via Twitter by security researcher Scott Helme.
Cryptojacking attack hits ~4,000 websites, including UK’s data watchdog (Tech Crunch, February 11)
Thousands of Government Websites Hacked to Mine Cryptocurrencies (The Hacker News, February 12)
The harmful drive-by currency mining scourge shows no signs of abating (Ars Technica, February 12)
Cryptocurrency Mining Hack That Compromised Thousands of Sites ‘Could Have Been a Catastrophe’ (Motherboard, February 12)
How the U.S. Courts Website Unwittingly Became a Cryptocurrency Miner (Fortune, February 12)
Google AdWords Bitcoin Phishing, Ransomware at the Sacramento Bee and a Teenager Suspected of Launching DDoS Attacks in The Netherlands
Group Makes $50 Million by Phishing Bitcoin Users Using Google AdWords (Bleeping Computer , February 15)
A Ukrainian cybercrime operation has made an estimated $50 million by using Google AdWords to lure users on Bitcoin phishing sites.
Sacramento Bee Databases Hit with Ransomware Attack (Dark Reading, February 9)
The Bee did not pay ransom and deleted its databases to prevent future attacks, according to its publisher.
Teenager Suspected of Crippling Dutch Banks with DDoS Attacks (Computer Weekly, February 8)
A large distributed denial of service attack on banks and other organisations in the Netherlands, first thought to emanate from Russia, is now thought to have been launched by a local teenager
In Other News
Filing Deadline for New Infosec Law Hits NY Finance Firms Thursday (Dark Reading, February 15)
Energy Department creates new office for cyber, energy security (The Hill, February 14)
Cybercrime Costs for Financial Sector up 40% Since 2014 (Dark Reading, February 14)
Lazarus Group Attacks Banks, Bitcoin Users in New Campaign (Dark Reading, February 13)
Domain Theft Strands Thousands of Web Sites (Krebs on Security, February 12)
Romance Scams Drive Necurs Botnet Activity in Run Up to Valentine’s Day (Threat Post, February 12)