Search This Blog

Showing posts with label Moscow. Show all posts

Criminals sending malicious emails claiming to be from the rector of Moscow State University

A malicious program that steals passwords was sent out in mid-September by scammers in letters claiming to be from the rector of Moscow State University. The recipients were financial, industrial, and government organizations in Russia.

The mailing, as noted in the company Group-IB, was held in the period from 9 to 16 September.

"In the letter, the attackers, on behalf of rector Viktor Sadovnichy, ask recipients to read the attached document “ A description of the budget for 2020” and promptly send their commercial offer,” reported the company's press service.

The texts of the letters are illiterate and contain stylistic errors. In addition, the order of words and sentences indicates that fraudsters use an automatic translation program. The authors of the letter were too lazy to change or check all the links in the template before sending them out. Probably, similar attacks have already been carried out on behalf of other universities, most likely foreign ones.

The addresses of Moscow State University were indicated as the sender in the letters. In fact, the correspondence was sent from the hacked mail server of the Hotel Alfonso V in the Portuguese city of Aveiro. The hotel has already been notified of the break-in.

All the scammers’ emails contained an archive called "Request for a commercial offer" with an executable .exe file inside. After it was launched, a malicious program was installed on the user's device that could steal usernames and passwords.

"In the future, hackers can use them to gain access to email accounts or crypto wallets, for financial fraud, espionage, or sell stolen data on hacker forums,” said Group — IB.

According to Vasily Kuzmin, Deputy head of the information technology department of Moscow State University, neither the rector nor the University administration ever send letters with such content.

Personal data of one million Moscow car owners were put up for sale on the Internet


On July 24, an archive with a database of motorists was put up for sale on one of the forums specializing in selling databases and organizing information leaks. It contains Excel files of about 1 million lines with personal data of drivers in Moscow and the Moscow region, relevant at the end of 2019. The starting price is $1.5 thousand. The seller also attached a screenshot of the table. So, the file contains the following lines: date of registration of the car, state registration plate, brand, model, year of manufacture, last name, first name and patronymic of the owner, his phone number and date of birth, registration region, VIN-code, series and number of the registration certificate and passport numbers of the vehicle.

This is not the first time a car owner database has been leaked.  In the Darknet, you can find similar databases with information for 2017 and 2018 on specialized forums and online exchanges.
DeviceLock founder Ashot Hovhannisyan suggests that this time the base is being sold by an insider in a major insurance company or union.

According to Pavel Myasoedov, partner and Director of the Intellectual Reserve company, one line in a similar archive is sold at a price of 6-300 rubles ($4), depending on the amount of data contained.
The entire leak can cost about 1 bitcoin ($11.1 thousand).Information security experts believe that the base could be of interest to car theft and social engineering scammers.

According to Alexey Kubarev, DLP Solar Dozor development Manager, knowing the VIN number allows hackers to get information about the alarm system installed on the car, and the owner's data helps to determine the parking place: "There may be various types of fraud involving the accident, the payment of fines, with the registration of fake license plates on the vehicle, fake rights to cars, and so on."

Against the background of frequent scandals with large-scale leaks of citizens data, the State Duma of the Russian Federation has already thought about tightening responsibility for the dissemination of such information. "Leaks from the Ministry of Internal Affairs occur regularly. This indicates, on the one hand, a low degree of information security, and on the other — a high level of corruption,” said Alexander Khinshtein, chairman of the State Duma Committee on Information Policy.

Moscow is turning into a "digital concentration camp", say locals


The Moscow authorities refused to issue 900 thousand digital passes per day due to incorrect information submitted by the applicants. Those who try to get a pass using incorrect information will face punishment, warned the head of the Department of information technology, Eduard Lysenko.
It should be noted that walking, according to the authorities, will still be possible without a QR code from the city hall, but no further than 100 meters from the house. And the police, by the way, has already begun to issue fines to everyone who was caught further than 100 meters from the place of residence.

Experts believe that the coronavirus will pass sooner or later, but the amendment introduced on March 31 to the Moscow Code of Administrative Offenses, which allows to fine with CCTV and geolocation, will remain. This is a fundamentally new norm, which allows to fine residents of Moscow on the basis of only video recording from cameras in almost automatic mode, similar to how fines are now issued to drivers.

In fact, the city authorities began to monitor residents of Moscow a long time ago, but until now they have not dared to use this system openly.

It is worth noting that the Chairman of the Moscow City Court Olga Egorova recently misspoke: "People do not know, but the courts already have a system for recognizing citizens. When the courts heard cases on the rallies last year, six people who were wanted were detained in the courthouse. They came just to listen and support the defendants, and the police detained them."
In other words, the system of electronic tracking of people has already been established and tested.

This system is being introduced into mass use in Moscow right now. And the epidemic is a good reason for such actions.

It is worth adding that in the Russian pharmacies it is still impossible to buy masks and sanitizers, even ordinary paracetamol was not easy to find. Remedies are not enough to even for doctors.
It is interesting to note, according to Russian scientist Olga Chetverikova, the danger of digitalization is that society turns into a totalitarian sect. And the most effective way to manage people is to provoke a sense of fear. In a state of depression, despair and hopelessness, a person is ready to accept any apocalyptic scenario. For example, the "digitization of schools" is designed to create human robots that will be controlled by the world's non-digital elite.

Earlier, E Hacking News reported that on the eve of the city hall website was subject to hacker attacks.

Dozens of cyberattacks on the website of the Mayor of Moscow have been recorded since the beginning of February


Group-IB specialists recorded several DDoS attacks on Moscow electronic services, including the mos.ru portal. This was announced by the CEO of the company Ilya Sachkov.

As the head of the Moscow Government’s IT department, Eduard Lysenko, reported, the site experienced as many attacks in three hours as it has not experienced in the last two quarters.
At the moment, the cyber defense company Group-IB is figuring out who needed to carry out massive attacks on government resources and is looking for perpetrators.

"The investigation has begun, our task is to understand the reasons for cyberattacks and find the perpetrators. At the moment, we can not provide details, this will interfere with the tasks of investigators", said the head of Group-IB, Ilya Sachkov.

According to him, the huge load on the website mos.ru it also caused many requests for passes from citizens. In addition, the interruptions were affected by the interest of Moscow residents, as there were numerous attempts by users to go to the portal just to explore and understand how it works.

At the same time, Sachkov added, it is possible to ensure stable operation of mos.ru, even despite increased loads. “The portal experiences problems that are standard when launching large-scale services of this kind. Such services are tested for fault tolerance, security, and implementation quality in order to ensure stability and continuity of service.”

Recall that from March 30, Moscow introduced a regime of complete self-isolation. Residents of Moscow are allowed to leave the apartment only as a last resort. Starting April 15, they will need to have a special pass to travel around the city by public or private transport. Such measures are designed to stop the spread of coronavirus infection.

Earlier, E Hacking News reported that hackers hacked the digital Pass System of Moscow residents.

Attackers Hacked the Digital Pass System of Moscow residents


Moscow's residents are warned about scammers who offer to issue digital passes for moving around the city on social networks

Recall that on last week Moscow Mayor Sergei Sobyanin and Moscow Region Governor Andrei Vorobyov signed a decree according to which special digital passes are introduced for trips in Moscow and the Moscow Region on personal and public transport. Quarantine residents of Moscow will need to receive a QR code on the City Hall website for each exit from their homes. QR codes can begin to be issued on Monday, April 13, 2020.

A bot appeared in Telegram that offers citizens to get a digital pass through the messenger. It asks for the phone number and personal data of the citizen, including passport. Also, hackers offer to issue a pass on social networks.

Moreover, Telegram channel 4chan posted information that while the QR code issuing system was in beta testing, unknown hackers managed to hack it.

"The program for generating QR codes for quarantine from the Moscow government has not yet left the beta test, but it has already been hacked and generated universal promotional codes that will allow you to go around Moscow unlimited," the channel authors write.

The author of the microblog @A_Kapustin in the social network Twitter managed to post several electronic passes. Some of them, according to the user, allows you to walk within a kilometer from home, and others give the owner the opportunity to freely walk around Moscow. Some QR codes are already blocked, according to the author, but new generations appear in the network.

At the same time, scammers became active in another segment. Russians began to receive SMS messages notifying them of violations of their self-isolation regime and demanding to pay a fine for these offenses.

Experts believe that the situation is complicated, because the Russians do not have time to follow the rules that the authorities of a particular region introduce, which means they are afraid to make something wrong. This is used by scammers, organizing entire schemes using SMS, social networks and messengers. The goal is to get access to data for emptying Bank cards.