In April 2017, the Russian cyber-security firm Kaspersky Lab identified a criminal hacker group operating under the names BlueNoroff and Lazarus. Probably hailing from North Korea, this group targets public and private financial institutions around the world – from Costa Rica to Thailand, India, Gabon and Poland.
The domain name system (DNS) is a fundamental part of the web. This system translates the characters in a website’s name (for example, cybelangel.com) into an IP address, allowing browsers to connect to website servers.
In September 2016, 800,000 users of the pornographic website Brazzers had their details leaked online. CybelAngel accessed and analysed this data.
On 7 November, the English supermarket giant Tesco issued an official press release announcing that its online banking system had been compromised. Experts consider this attack to be one of the most severe to target the UK banking sector to date – but its origins are unknown.
The announcement of the hacking of nearly 800,000 accounts from Brazzersforum.com, which is linked to the Brazzers.com pornographic site, is certainly less impressive than that of the 4 million accounts from the Naughty America pornographic site, but it raises just as many concerns for the users.
Although the techniques used in phishing campaigns are widely known, they continue to claim victims. In general, acts of fraud can be detected by paying close attention to the URL.
The French researcher Florian Courtial recently demonstrated that this visual verification could be rendered useless by manipulating Punycode characters to create real homographs.
The computer network of a water and electricity supplier in the State of Michigan in the United States was taken down for a week following a cyber attack.
A hacker whose identity remains unknown infected the computer networks of the Lansing Board of Water & Light (BWL) using malware whose technical specifications have not been disclosed.
On the morning of April 25, BWL detected the malware and immediately shut down its computer networks in order to prevent it from spreading. The program appears to be ransomware: malicious software that encrypts an owner's data and then demands a ransom in exchange for the key to decrypt it. Electricity and water distribution networks were in fact spared in the attack.