Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Israeli Security Researches Reveals a Global Hacking Operation
#1
https://news.softpedia.com/news/israeli-...3457.shtml       
Israeli Security Researches Reveals a Global Hacking Operation
2,000 Windows servers compromised for crypto-mining purposes
Jul 8, 2021 08:55 GMT  ·  By George Dascalu  ·     

Liad Mordekovitz and Ophir Harpaz uncovered a cyberattack that targeted several organizations and compromised servers to mine crypto or get data, says Israel Hayom.

Approximately 2,000 companies were attacked and had their servers as a launching pad to carry out attacks on more organizations. Since the attacks were decentralized, it made them harder to trace. The primary targets of the cyberattack were largely commercial and institutional servers within the media, tourism, health, and education industries, in India, Vietnam, and the United States.
What is the end goal of these cyberattacks on Windows Servers?

Bad actors took control of servers with the goal of mining digital money, infecting them with malware or Trojans, and stealing sensitive information stored. What's interesting is that hackers deleted malware from other malicious agents and employed more complex approaches to ensure their exclusive access the machines. Moreover, they were wise enough to erase their own Trojans and malware after using them as a precaution.

The servers were compromised by attacking the SMB protocol developed by Microsoft. The intrusions allowed cybercriminals to repeatedly access networks and subsequently sell the stolen credentials on the dark web. Each compromised Windows server is estimated to be worth approximately $300, thus multiplying this figure by 2,000 organizations results in a profit of $600,000, overall a sizable reward.

Researchers from Guardicore published a tool that would allow chiefs of cybersecurity to determine whether their organization's systems were vulnerable to a cyberattack and what actions they should take to protect their systems from similar cyberattacks.

The Guardicore cybersecurity solution is a software-based system that operates outside of a physical network. The security tool can break the ransomware chain and stop lateral movement on a network, as well as stop the rapid and wide spread of malware after ransomware attacks.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Hacker group claims to steal 3 million users’ data from Israeli hiking websites mrtrout 0 997 01-22-2022 , 11:03 PM
Last Post: mrtrout
  U.S. State Department phones hacked with Israeli company spyware - sources mrtrout 0 2,094 12-04-2021 , 11:24 AM
Last Post: mrtrout
  Apple suing Israeli hacker-for-hire company NSO Group mrtrout 0 659 11-24-2021 , 04:21 AM
Last Post: mrtrout
  Operation Cyclone deals blow to Clop ransomware operation mrtrout 0 1,586 11-08-2021 , 01:02 AM
Last Post: mrtrout
  Amnesty International links cybersecurity firm to spyware operation mrtrout 0 522 10-11-2021 , 10:02 PM
Last Post: mrtrout

Forum Jump:


Users browsing this thread: 1 Guest(s)