Six Russian Government Officials Involved in DNC Hack, Hackers Poison Google Search Results and Deliver Banking Trojan & Art Galleries Attacked by Hackers


DNC Hack – The US Department of Justice has reportedly gathered enough evidence to charge at least six Russian government officials for their alleged role in the DNC hack during the 2016 presidential election. With US intelligence agencies concluding that Russia was behind the hack, and Capitol Hill now being shown how the likes of Facebook, Instagram and Twitter were all used to favour Donald Trump and influence a nation, the charges against the Russians could come as early as next year. Vladimir Putin allegedly ordered the hack personally, and dozens of other Russian officials may also have participated, but Putin and the Russian government deny this accusation. FireEye, which investigated the incident, also identified hacking tools and techniques normally associated with Fancy Bear, a state-sponsored hacking group of Russian military intelligence. However, despite the charges against them, the six Russian officials will not be prosecuted in the US, as it does not have an extradition agreement with Russia.

Zeus Panda Banking Trojan – A novel way of delivering malware has been discovered, used by a group that leverages the Google Search Engine Results Pages (SERP) to move their malicious pages to the top of Google’s search results for specific queries related to online banking and personal finances. The group relied on a network of already hacked sites, on which they carefully inserted or hid keywords in new pages that the Google bots would pick up, subsequently moving the pages higher up the search rankings. The aim was to deliver the Zeus Panda banking trojan to their victims: users clicking on these malicious links would arrive on the hacked site, where malicious JavaScript code would execute in the background and redirect them through a series of sites until they reached one offering a Word document for download. This is an interesting case, as it does not rely on the distribution methods that malware authors usually use, and it shows how keen they are to adapt their methods to get results.

London Art Galleries Beware – Cyber-criminals appear to be targeting art galleries and dealers in an email scam that has already claimed some victims. After breaking into an art dealer’s email accounts and carefully monitoring outgoing messages, they intercept the original invoices and send buyers duplicates with the bank details changed to the hackers’ own accounts. The Rosenfeld Porcini gallery in London was one of the organisations that fell victim to the scam after agreeing the sale of an artwork. The best way currently to mitigate this threat is to enable two-factor authentication on all your accounts and to check with the seller before sending any money across to an unknown bank account.