The Cyber News Rundown brings you the latest happenings in cybersecurity news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst and a guy with a passion for all things security. Any questions? Just ask.
Russia Blocks Millions of IPs to Halt Use of Telegram
Recently, Russia has been putting pressure on Telegram, an end-to-end encrypted messaging service, to release a master key that would allow Russian officials to monitor suspected terrorist communications. Many of the blocked IPs belong to Amazon and Google, which have prompted Telegram users to switch to VPN services to continue using the app.
Facebook Accounts Breached by Stress Relief App
Within the last week, nearly 40,000 Facebook accounts have been compromised after users installed a stress relief painting program that silently steals available browser data. Likely being spread through spam emails, the malware itself runs a fully functional painting program that closely imitates the recently defunct Microsoft Paint and continues to gather data anytime its host computer restarts.
New Cryptominer Bypasses Open Browser Requirement
A recently discovered cryptominer functions like most previous miners, though its XMRig has been updated to no longer require an open internet browser session to begin its This change is significant, as it means the malware itself has been changed from being internet-reliant to endpoint-based, which allows it to function on the infected device without user interaction. While XMRig is still not the most prolific cryptominer currently operating, it’s believed to have spread to over 15 million unique endpoints around the world.
Tax Season is Open Season for Cyber Criminals
As the 2018 tax season wraps up, officials are working hard to determine if high volumes of tax returns being sent from individual computers are from tax professionals or criminals. While the IRS does have methods for stopping massive quantities of returns from being issued from a single device, tax professionals regularly file up to hundreds of returns per year. So how do they determine if they are legitimate or not? Now, cybercriminals have also recognized this loophole and have begun targeting pros, rather than individuals, to stay undetected while submitting fraudulent tax returns.
Microsoft Engineer Charged for Ransomware Money Laundering
A Microsoft employee was charged this week with laundering money accrued from a Reveton ransomware variant that was used as a prominent screen-locker several years ago. The engineer is accused of transferring over 100,000 USD to a partner in the UK that had been extorted as ransom for restoring the system to its normal functionality.