CyberSec Roundup – 11th April, 2022

CyberSec Roundup
A synopsis of the Latest Cybersecurity News

 

Desert Falcon Hackers Catfish Israeli officials

Some high-ranking Israeli government and law enforcement officials were the targets of a very sophisticated social engineering operation. A Hamas-backed hacking group, known as APT-C-23 and Desert Falcon, executed a campaign with the codename “Operation Bearded Barbie”. Fake Facebook accounts and networks were elaborately setup, with profiles images of stolen or AI-generated women, and these fake accounts would catfish their targets into romantic online relationships. Once trust was developed between the parties, the victims would be encouraged to switch their conversations to WhatsApp, then to another more private messaging app (which is actually VolatileVenom malware) for more erotic conversations. Victims were also sent a RAR archive file with explicit sexual content that also contained malware. In both cases, once the malware was installed, their device was compromised and monitored by the threat actors.

Spain’s Energy Giant Hacked

Iberdrola was the victim of a cyberattack in March, where the threat actors were able to infiltrate the company’s network and steal personal information (such as names and addresses) of 1.3 million of their customers. The company confirmed that no financial or credit card information was access during the breach and that corrective actions were taken. While it has not been confirmed that Russia is behind the attack, the company was warned by the U.S. to be on the alert after Russia invaded Ukraine.

Mailchimp breached

The email marketing company, had its platform hacked last week. One of their internal customer support and account management tools was used to steal data from more than 100 of its clients. The threat actors used this information to target users of the Trezor hardware cryptocurrency wallet and send them sophisticated phishing emails. The spear phishing campaign aimed to steal their credentials and gain control of the victim’s crypto wallet.

 

By: David Pinder
IT & Security Consultant
Certified Ethical Hacker (Master)

In Cyber News
Share this post? Twitter Facebook Google+
Prev Post
Next Post

Recent Posts

CyberSec Roundup – 20th January, 2025

CyberSec Roundup – 10th September, 2024

CyberSec Roundup – 22nd July, 2024

July 22, 2024

×

Hello!

Glad to see you here, You can directly contact us on WhatsApp. We would are happy to assist you!

× Whatsapp Us