In April 2017, the Russian cyber-security firm Kaspersky Lab identified a criminal hacker group operating under the names BlueNoroff and Lazarus. Probably hailing from North Korea, this group targets public and private financial institutions around the world – from Costa Rica to Thailand, India, Gabon and Poland.
The announced hacking of nearly 800,000 accounts linked to Brazzersforum.com, itself associated with the Brazzers.com pornographic site, is certainly less impressive than the 4 million accounts from the Naughty America pornographic site, but it raises just as many concerns for the users.
A hacker using the name “Hacker Buba” recently attempted to extort money from Invest Bank, based in the United Arab Emirates.
The hacker demanded that the bank pay the equivalent in Bitcoins of USD 3 million in exchange for not selling or publishing client banking data that the hacker had stolen; he claimed to have some 900 GB of data, representing a considerable mass of information.
On 18 November, after the bank had refused to comply, the Twitter account “@hacked_invest” announced that it could sell databases containing the banking information, including payment card numbers.
Security researchers report a rising number of DD4BC attacks, involving one or more hackers whose speciality is the extortion of Bitcoins via Distributed Denial of Service (DDoS) attacks.
DD4BC, an acronym meaning “DDoS for Bitcoins”, appeared in the summer of 2014. Its initial targets were online gaming sites, whereas today’s hacks are essentially aimed at financial institutions and not restricted to a particular country.
Several hundred attacks have taken place since June 2015. The procedure used by the hacker is always the same:
- The victim receives an e-mail stating that he or she must pay the hackers a sum in Bitcoins ranging from 200 to 22,000 euros.
- An initial low-level DDoS attack is launched simultaneously against the victim’s website, to demonstrate the intention and capability of DD4BC.
- If the victim does not pay, larger-scale attacks are launched.
- DD4BC boasts on social networks in order to humiliate the victims whose websites did not withstand attack.
The hackers deploy familiar DDoS methods, targeting the usual ports and protocols. The average power of an attack is some 15 GB/sec, and attacks can reach 56 GB/sec. Although the mode of extortion is innovative, the technique used is not sophisticated: any individual with access to cybercrime forums can use them to purchase DDoS attacks of a similar power level against targets of their choice.
In August of this year, the Carphone Warehouse store chain was the victim of a hacking operation. The hackers used a denial of service (DoS) attack as a diversion while, in parallel, stealing the data concerning 2.4 million customers.
The data stolen were the customers’ names, addresses and dates of birth. For 90,000 of them, payment card numbers were also stolen. It seems that the hackers deployed a DoS attack against the Carphone Warehouse information system while penetrating the databases. The security personnel are thought to have been too busy restarting the systems to notice the exfiltration of data.