Search This Blog

Showing posts with label Germany. Show all posts

German Company Hit By Supply Chain Attack, Only Few Device Affected

Gigaset, a German device maker, was recently hit with a supply chain attack, the hackers breached a minimum of one company server to attach the malware. Earlier known as Siemens Home and Office Communication Devices, Gigaset is Germany based MNC. The company holds expertise in communication technology area, it also manufactures DECT telephones. Gigaset had around 800 employees, had operations across 70 countries and a revenue of 280 Million euros in the year 2018. 

The attack happened earlier this month, the malware was deployed in the android devices of the German company. According to experts, various users reported cases of malware infections, complaining the devices were attacked with adwares that showed unwanted and intrusive ads. Most of the users reported their complaints on Google support forums. A German website published a list of these package names (unwanted popups) which were installed on the android devices. 

Earlier complaints from the users are suggesting that data might've also been stolen from these devices. The foremost issue that these users faced was SMS texting and sending Whatsapp messages, the latter suspended few accounts on suspicion of malicious activity. The company has confirmed about the breach and said that the only the users who installed latest firmware updates from the infected devices were affected. The company is already set on providing immediate solutions to the affected customers. "It is also important to mention at this point that, according to current knowledge, the incident only affects older devices," said the company. 

The company during its routine investigation found that few of the old devices had malware problems. It was further confirmed by the customer complaints. Gigaset says it has taken the issue very seriously and is working continuously to provide short term solution to its customers. "In doing so, we are working closely with IT forensic experts and the relevant authorities. We will inform the affected users as quickly as possible and provide information on how to resolve the problem. We expect to be able to provide further information and a solution within 48 hours," said Gigaset.

Number of Cyber Attacks from Germany Increased, says Russian Foreign Minister

In the period from 2019 to 2020, Russia registered a sufficient number of cyberattacks from Germany to Russian facilities and organizations. This was stated by Russian Foreign Minister Sergey Lavrov after talks with his German counterpart Heiko Maas. 

Moscow is concerned about the situation with cooperation with Berlin on cybersecurity. "We expressed concern to the German side about the situation in our interaction on cybersecurity,” said Lavrov.

"We noted that last year and this year a significant number of cyberattacks were registered against objects and organizations in Russia, coming from the German segment of the Internet,” said the Russian Minister said.

Recall that at the end of May, the German Foreign Ministry summoned the Russian Ambassador in Berlin, Sergei Nechaev. He was informed that the Prosecutor General's Office of Germany had put on the wanted list a Russian Dmitry Badin on suspicion of participating in a hacker attack on the Bundestag in April-May 2015. 

In addition, the Department reported that Berlin plans to activate the cyber sanctions regime against Russia because of this case. The EU cyber sanctions regime came into force in May and has not yet been applied. Restrictive measures under this regime may include asset freezes, as well as travel bans to EU countries. The imposition of sanctions requires the unanimous approval of all member countries.

The Russian Foreign Ministry said that Berlin did not provide evidence of Russia's involvement in the hacker attack, and strongly rejected the charges. As Andrei Krutskikh, Director of the Department of International Information Security of the Russian Foreign Ministry, said earlier, Moscow offers Berlin to hold consultations on cybersecurity, this would help to settle many claims.

German Intelligence Warns Companies of Potential Hacking Threats from Russia


According to German intelligence agencies, a group of hackers from the Kremlin are targeting German infrastructures like energy, water, and power resources for a long time. The information came out the first time at the start of this year when investigating officers found evidence of cyberattacks on German companies. The names of the target companies are yet to be known. Still, a cyberattack has compromised them, says statements of German intelligence agencies that were sent to head of these infrastructures.


The group of hackers has been identified as "Berserk Bear." According to the investigation, the hackers are likely to be state-sponsored by the Russian FSB intelligence agency. The hackers are suspected of using the supply chain to infiltrate into German IT infrastructures, says various investigation agencies. According to the investigation, these hackers use openly available malware to permanently infiltrate the company's I.T. network and access sensitive information, along with having complete control over the company's server. The agencies didn't find any damaging evidence against the companies and have refused to offer any comment for the current situation.

The group Berserk Bear is infamous for stealing the U.S. energy companies' data in the year 2018. U.S. President Donald Trump had blamed Russia for the attack. According to cybersecurity experts, Berserk Bear is the group that Moscow is most likely to contact if there is a need to hack the industrial networks. Another hacking team called "Sandworm" was famous for the attack that shut down Ukraine's power supply in 2016 and 2018.

According to Cyberscoop, a cybersecurity website, "Sven Herpig, a cybersecurity expert with the German think tank SNV, welcomed the advisory and urged German companies to heed the warning. The memo has "concrete recommendations of how to spot and protect against an intrusion" from Berserk Bear, he said. The Russian Embassy in Washington, D.C., did not respond to a request for comment on the German agencies' report." Berserk Bear is responsible for various cyberattacks on American and German electrical utilities since 2018, say the cybersecurity experts. The group has been aggressive and attacked several companies.

World’s largest dark web marketplace shut down by authorities








In a joint operation between European and U.S. authorities servers of the major dark web marketplaces Wall Street Market and Valhalla has been seized in Germany and Finland, and its operators have been arrested from Germany, the U.S. and Brazil.

Both platforms were highly popular for peddling unlawful goods with over 1 150 000 and 5 400 vendors.  The Wall Street market was the second largest dark web marketplace that could be accessed via the Tor network.

The German authorities have arrested three suspects and have “seized over €550 000 in cash, alongside cryptocurrencies Bitcoin and Monero in 6-digit amounts, several vehicles and other evidence, such as computers and data storage.” 

“These two investigations show the importance of law enforcement cooperation at an international level and demonstrate that illegal activity on the dark web is not as anonymous as criminals may think,” said Europol’s Executive Director, Catherine De Bolle.

“Europol has established a dedicated Dark Web Team to work together with EU partners and law enforcement across the globe to reduce the size of this underground illegal economy.”


On dark web vendors could sell almost anything, from drugs to malware. You can also find out forged documents and cryptocurrencies.