Cybercrime
,
Fraud Management & Cybercrime
,
Incident & Breach Response
Also, Cyberattack Targets Japan’s Space Agency JAXA
Every week, Information Security Media Group rounds up cybersecurity incidents and breaches around the world. This week, Ukraine’s intelligence service hacked Russian aviation agency, a cyberattack targeted Japan’s space agency, Google addressed another zero-day, a French-led operation dismantled a Ukrainian ransomware group, and spyware targeted Serbian civil society.
See Also: Live Webinar Today | Generative AI: Myths, Realities and Practical Use Cases
Ukraine Intelligence Hacks Russian Aviation Agency
Ukraine’s intelligence service said it hacked Russian federal air transport agency Rosaviatsia and found documents that show a developing crisis in the nation’s aviation industry. Ukraine said it found documents recording 185 accidents in Russian civil aviation from January, and one-third of them were categorized as dangerous incidents – a threefold increase from the previous year. Aircraft malfunctions surged from 50 to 150 in the first nine months of 2023, emphasizing critical issues with engines, landing gear and essential systems.
Moscow’s struggles with aircraft maintenance prompted the use of uncertified services in Iran, a country “with an air fatality record even worse than Russia’s,” Politico reported in October. Western countries choked off the supply of aviation parts from Russia after the Kremlin invaded Ukraine in February 2022. Iran has faced Western sanctions for decades, which have restricted its access to modern avionics.
Cyberattack Targets Japan’s Space Agency
Japan’s space agency JAXA fell victim to a cyberattack targeting its network server, though no sensitive information was compromised. Hackers gained unauthorized access to the central Active Directory server, which manages employee IDs and passwords. The breach prompted a temporary network shutdown for assessment, and there were no confirmed data leaks. The agency’s website remains operational.
Google Addresses Zero-Day Flaw
Google released security updates for its Chrome browser that fix seven issues, including a zero-day vulnerability actively exploited in the wild. Discovered on Friday, the high-severity bug is an integer overflow in the Skia 2D graphics library. While Google confirmed the existence of an exploit in the wild, it has not disclosed details about the attacks and threat actors.
With the latest update, Google has now addressed a total of seven zero-days in Chrome this year, covering issues such as type confusion, integer overflow and heap buffer overflow in components such as V8, Skia, WebP and libvpx.
French-Led Operation Dismantles Ukrainian Ransomware Group
A French-led police operation resulted in the arrest by Ukrainian authorities of core members of a ransomware group. Police detained the ringleader and four other suspects, searched 30 locations and seized more than 100 digital tools. Authorities from France, Germany, the Netherlands, Norway, Switzerland, Ukraine and the United States participated in the investigation.
The ransomware group targeted organizations in 71 countries, and its attacks resulted in losses of several hundred million euros. The suspects played diverse roles in the criminal network, using methods such as phishing emails and deploying malware including Trickbot. They deployed ransomware variants including LockerGoga, MegaCortex, Hive and Dharma.
Spyware Targets Serbian Civil Society
Civil society organizations found traces of an attempted spyware attack on two counterparts in Serbia. On Oct. 30, the two Serbs received notification from Apple that they had been potential targets, promoting an investigation by the Share Foundation, Access Now and Amnesty International’s Security Lab.
The attempted attack exploited the iOS HomeKit functionality, possibly through the “PwnYourHome” bug, an exploit previously linked to Pegasus spyware developed by NSO Group.
With reporting from Information Security Media Group’s Mihir Bagwe in Mumbai.