They say the threat landscape is always changing, and usually not for the better. This particular change, 3ve (pronounced Eve), may have escaped your attention in 2018. There were so many Russian-based hacks wandering about in newsprint that one which was “under the radar” would be easily missed. But the real story in this case is not the fraud or the fact that you missed hearing about it (as did I). Rather, the story is that all 8 hackers were identified and indicted, warrants for their arrest sent globally and three apprehended, now awaiting extradition. That just doesn’t happen! Not usually.
In this case, the fraudulent activity had to do with scamming the ad software used by digital advertisers. They had amassed a large and sophisticated botnet that controlled over 1.7 million unique IP addresses. The most common tactic was to infect legitimate computers and have them silently mimic a typical user’s behavior. In this way, they were able to redirect advertising funds, generating millions of dollars in stolen revenue. This action also eroded trust in the online advertisers, expectedly. The video below provides a vivid visual explanation that is worth the 1:43 to watch.
Our friend, Malwarebytes, was involved in the takedown of this botnet, along with Google, Whiteops.com and several other high-profile companies. 20 resources in all, working together to discover and dismantle. The excitement is now old. The US Department of Justice made the announcement of their indictment last November. But that doesn’t mean the threat is a part of history. While three individuals are actually incarcerated, awaiting extradition to the US, the other 5 remain free. Their equipment confiscated in the raid on their East New York facility, they still have the experience and desire to strike again.
It may be a small victory. But it is a victory. And somehow, just seeing the criminals indicted lessens their power of intimidation. Perhaps you will benefit from the posted list of criminals indicted from the DOJ Brooklyn Court. They are real and they are known.
Russian Federation and Ukraine
Republic of Kazakhstan
Republic of Kazakhstan
As a consumer, the best defense – after working at a company with a multi-layered cybersecurity approach – is an alert understanding of what is out there. For example, you can no longer simply assume that viruses are synonymous with cyberthreats. Viruses are not the problem today. The attacks are much more sophisticated. The company that claims “cybersecurity protection” but delivers at the antivirus level breeds confusion. Confusion leads consumers to focus in the wrong direction and miss the telltale signs of something more vicious than a virus threat.
Malwarebytes’ 2019 security predictions provide an informative backdrop against which to view your daily experiences on the internet. They cover nine distinct areas worth your attention, because you may be called upon to respond. Urgently! If you have further questions, you can always give Alliant a call at 626-461-1300.