Security Brief: Operation Ababil, Dexter, Garry McKinnon

The main events of the week between December 10 and December 16

This week we can safely say that we’ve had a little bit of everything: hacks, new malware, data leaks, vulnerabilities and a number of controversial infosec-related stories.

One of the most important events of this past week was the initiation of the second phase of Operation Ababil.

Izz ad-Din al-Qassam Cyber Fighters selected another round of victims and disrupted their websites one by one. US Bank, Chase, Bank of America, PNC and SunTrust all reported temporary outages.

Security experts who analyzed the distributed denial-of-service (DDoS) attacks revealed that some of them were as large as 60 Gbps.

Another DDoS attack that made a lot of headlines in the past week was the one that targeted German electricity provider 50Hertz. The attack, which lasted for a total of 5 days, temporarily disrupted the company’s communications.

In the meantime, the John McAfee saga continues. The antivirus pioneer was released from detention by Guatemalan authorities and sent back to the United States.

Shortly after arriving in the US, McAfee admitted that he had faked his “heart attack.” He has also claimed that he is broke because all his wealth is back in Belize where he is wanted for questioning.

We have also covered a series of interesting hacks. First, we learned that Anonymous hackers breached the systems of state-owned Indian telecoms company BSNL.

Then, Inj3ct0r Team claimed to have breached the systems of rival service ExploitHub. They boasted about gaining access to valuable private exploits, but ExploitHub denied their claims.

An FBI memo revealed that hackers managed to penetrate the industrial control systems of a New Jersey air conditioning company back in February and March. The attackers leveraged a backdoor in the Tridium Niagara AX Framework to access the firm’s ventilation, air conditioning and internal heating units.

As far as larger campaigns are concerned, it appears that several Russian industries – including space research, education, information and telecommunication – are being targeted by cybercriminals, most likely from Korea.

McAfee revealed that the massive cybercriminal operation against US banks, Operation Blitzkrieg, is a real threat.

Another massive campaign was carried out by Team GhostShell. The hackers leaked 1.6 million records from NASA, ESA, and various contractors working with US government agencies.

When it comes to malware, a couple of interesting samples have been identified. One is the first fake installer Trojan that targets Mac OS X systems, and the second one is Dexter – a custom-built malware that targets Point of Sale (POS) devices.

In case you missed it, NASA hacker Garry McKinnon will not be prosecuted in the UK, and Saudi Aramco revealed some additional details about the hack that affected the company back in August.

Finally, did you know that hackers can take over your Samsung Smart TV? Apparently, they can install malware on it, access the information from attached removable storage units, and even change the channel for you.
