BTC $66157.0605
ETH $3160.9620
BNB $600.0523
SOL $153.7382
XRP $0.5487
stETH $3158.2980
DOGE $0.1576
TON $5.5645
ADA $0.5086
AVAX $38.3049
wstETH $3680.0518
WBTC $66253.4640
DOT $7.3621
WETH $3160.3315
TRX $0.1121
BCH $509.2779
LINK $15.3526
MATIC $0.7263
UNI $8.0690
ICP $14.6066
LTC $84.3899
DAI $0.9987
CAKE $2.9756
RNDR $9.0447
IMX $2.3823
STX $3.0517
NEAR $6.8843
ETC $27.8833
FDUSD $1.0002
MNT $1.1936
FIL $6.4625
TAO $503.6116
OKB $54.7164
HBAR $0.0881
VET $0.0418
KAS $0.1270
ATOM $8.7670
PEPE $0.0000
GRT $0.2943
WIF $2.7575
FET $2.4107
MKR $2818.4937
INJ $27.8130
USDE $0.9992
THETA $2.3518
XLM $0.1162
CORE $2.5749
BTC $66157.0605
ETH $3160.9620
BNB $600.0523
SOL $153.7382
XRP $0.5487
stETH $3158.2980
DOGE $0.1576
TON $5.5645
ADA $0.5086
AVAX $38.3049
wstETH $3680.0518
WBTC $66253.4640
DOT $7.3621
WETH $3160.3315
TRX $0.1121
BCH $509.2779
LINK $15.3526
MATIC $0.7263
UNI $8.0690
ICP $14.6066
LTC $84.3899
DAI $0.9987
CAKE $2.9756
RNDR $9.0447
IMX $2.3823
STX $3.0517
NEAR $6.8843
ETC $27.8833
FDUSD $1.0002
MNT $1.1936
FIL $6.4625
TAO $503.6116
OKB $54.7164
HBAR $0.0881
VET $0.0418
KAS $0.1270
ATOM $8.7670
PEPE $0.0000
GRT $0.2943
WIF $2.7575
FET $2.4107
MKR $2818.4937
INJ $27.8130
USDE $0.9992
THETA $2.3518
XLM $0.1162
CORE $2.5749
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • FBI News Cyber Siege Russian Cybercrime Syndicate Infiltrates And Breach Federal Agencies

    Several federal agencies became the target of a Russian-speaking cybercrime gang called CLoP, according to Cybersecurity and Infrastructure Security Agency (CISA) and Homeland Security officials. The attack was related to a popular file-transfer software used by federal agencies and other organizations.

    The file-transfer product called MOVEit has a weakness which the gang targeted and stole information belonging to multiple federal agencies and other companies across the globe. The intention of the attack was to extract ransom from the victims to keep their data from being dumped on the internet.

    The executive assistant director for Cybersecurity at CISA, Eric Goldstein has stated the agency is offering assistance to multiple federal agencies that have been hit by the security breach. He said, “We are working urgently to understand impacts and ensure timely remediation.”

    A ranking official disclosed to reporters that the government ascertained that CLoP carried out the hacks. The official, however, asked to remain in anonymity in exchange for providing details.

    According to the official, very few federal agencies became victims, but they haven’t received any ransom demand from CLoP, and their data haven’t been leaked. The individual also mentioned that according to CISA, the attacks hadn’t made an impact on military and intelligence communities.

    The official also added that the government hadn’t found evidence of CLoP collaborating with the Russian government.

    In another interview, Jen Easterly, the CISA Director, told the press that the attack was not meant to obtain highly-valuable information or wider access. It was an opportunistic one.

    She also mentioned the SolarWinds campaign, which poses a “systemic risk” to the country’s security and networks. It was a well-planned campaign connected to “state-backed Russian intelligence agents.” The CISA Director talked about this campaign to compare with CLoP. She said the latter wasn’t as damaging as the former and was superficial, so the authorities quickly discovered it.

    When further inquired, she also stated, “We’ve been working closely… with the FBI and with our federal partners to understand prevalence within federal agencies,”. 

    As per reports, the National Security Council and CISA didn’t comment when asked which federal agencies got hit in the attack. However, though the government hasn’t released the names of all the victims, the names of other organizations have come to light.

    They include the Department of Energy, Oregon’s Department of Transportation, the Nova Scotia provincial government, Louisiana’s of Motor Vehicles, U.K. drugstore chain Boots, British Broadcasting Company, and British Airways.

    When reporters asked for comments, the Department of Energy didn’t respond. The National Security Agency also refused to comment on the attacks. However, an FBI spokesman (though the person didn’t comment) indicated a “cyber advisory” from CISA and FBI on the MOVEit program that urged businesses and organizations to talk about and consider threats from the cybercrime gang.

    The advisory from the FBI and CISA said that the Russian ransomware gang exploited the weakness in two other applications in the past. File-transfer applications are popular programs because they’re efficient and convenient. But they also come with some vulnerabilities, so cybercrime gangs like CLoP take advantage and target different agencies to demand ransom.

    An aide (who wished to remain anonymous) for the Senate Homeland Security and Governmental Affairs Committee Chairperson has said that the agency is privy to the situation, and the office has requested more details from CISA on the effects of this weakness.

    It’s believed that CLoP may have stolen data from many victims and set June 14th as the last date to answer its ransom demand or have their information published online.

    But the gang didn’t leak any federal agency’s data till now. It’s also believed that though there isn’t evidence, CLoP may be connected to Kremlin, so the former didn’t leak the data as they didn’t get the go-ahead signal from their handlers.

    Federal agencies have been the victims of several cyberattacks in the last few years, including the SolarWinds breach.

    Progress Software, the parent company of MOVEit, alerted its clients about the attack on May 31. But according to cybersecurity experts, CLoP may have stolen the data of numerous companies by then.

    SecurityScorecard, a cybersecurity firm, mentioned that it noticed at least 2,500 weak MOVEit servers in about 790 companies which include 200 government organizations across the world. However, the firm hasn’t been able to separate these agencies by country.

    CLoP is said to have been looking for and stealing information since March 29, according to SecurityScorecard threat analyst Jared Smith. This gang has perpetrated similar crimes and can’t be trusted not to leak the data. Allan Liska of Recorded Future said that in the past, data of victims appeared on the internet (dark web) after six to ten months after they made the payments.

    Progress Software also said that they discovered another weak point in the software, and they have taken the MOVEit Cloud offline as they try to find a solution to the problem.

    Author DeepWeb
    Cybersocial emergency: ransomware attack knocks out Belgian government services
    Hackers with covert intentions: Why does China's Flax Typhoon only infiltrate the systems of its victims?

    Comments 0

    Add comment