On one of the forums in the Darknet, a database appeared with information about several million users of the Telegram messenger. The data file is about 900 megabytes. 

The Telegram press service confirmed the existence of the database, explaining that information is collected through the built-in contact import function even when the user registers. Representatives of the company added that not a single service that allows users to communicate with contacts from their phone book can completely exclude such a search.

Telegram also assured that most of the fused accounts are no longer relevant. In addition, the messenger has a function "Who can add me to contacts by phone number". This setting makes it difficult for regular users to communicate (they become invisible even to those who know their phone number), but it allows you to completely hide the connection between the account and the phone number.

It became known that the Telegram user contact database did not appear on the network as a result of a leak from the messenger, it was collected by parsing - collecting and analyzing publicly available information and is a compilation of other contact databases.

"This database is a compilation of various previous databases collected from different countries and different methods. The main method is collection via open systems, chatbots, authorization, and information about a person's registration by number. Even taking into account duplicates and incorrect data in the database, this is tens of millions of users," said the expert.

The expert believes that the database could somehow get all the user's public data-ID, username, first name, last name, photo, cell phone, public bio and website, in some cases, information was also included when the user was online, his approximate location – country/region, and others. Such databases are usually used for widespread non-targeted spam.

As 62% of respondents answered, when companies transferred employees to remote work at the beginning of the pandemic, the most concern was ensuring secure remote access and VPN. 47% of respondents reported that they were concerned about preventing attacks using social engineering methods, and 52% called the protection of endpoints and home Wi-Fi networks of employees one of the main challenges.

"Even before the introduction of self-isolation, many companies allowed employees to work remotely. As soon as the regime entered into force, organizations had no choice but to organize remote access for all their employees as soon as possible. Of course, these measures have led to the emergence of new opportunities for attackers to carry out attacks. Despite the fact that we are now gradually returning to the normal life, the threat of cyber attacks is not decreasing. Companies need to use comprehensive zero-day security solutions to avoid being hit by a large number of next-generation cyber attacks," explained Vasily Diaghilev, head of Check Point Software Technologies representative office in Russia and the CIS.

At the same time, 65% of information security experts noted that their companies are blocking the access of external computers to corporate VPNs. 51% of specialists said that the greatest threat comes from home devices, 33% see the main security threat in mobile devices of employees.

According to Dmitry Medvedev, Deputy Chairman of the Security Council of the Russian Federation, the number of cybercrimes in the past five months in Russia has exceeded 180 thousand, which is 85% more than in the same period of time in 2019.

He stressed the importance of taking into account that new schemes and techniques are being developed for cyber attacks.

In some situations, the use of the program could lead to leakage of personal information. The specialist gave advice on how not to become a victim of fraud

Banking apps for smartphones have significantly simplified the lives of citizens. But sometimes they can cause serious harm. The head of the company Digital platform Arseny Shcheltsin shared recommendations in this regard.

First, the specialist urged people to install an antivirus program on their phone. Also, access to accounts with a lot of money should be blocked from the phone. Shcheltsin also reminded about the trick of hackers who send SMS messages from unknown numbers: people should not follow the link in any case.

According to him, the Bank's mobile app is one of the most popular apps that people install on their phones. This is due to the fact that in the mobile app, it is usually easier and more mobile to manage the account and communicate with the Bank. Regular communication using chat is even faster than communication with the Bank's call center.

The expert warned that people can accidentally download an unofficial Bank app to phone. It may be safe, but its usefulness is questionable. Most likely, the program is configured to collect personal data of a person for subsequent sale to large firms that provide services.

Mobile banks are constantly increasing their functionality, however, there is a risk that fraudsters or hackers can gain access to the Bank's mobile app by somehow placing a malicious app on the victim's phone. In the future, this malicious software gets access to application up to the ability to transfer money. 

Now banks are more serious about this issue, but despite the fact that the number of stolen money by this method is constantly decreasing, such cases still exist.

It is interesting to note that Alexei Krichevsky, an IT expert at the Academy of Finance and Investment Management, said that the owners of devices running on Android should install an antivirus application on a smartphone first. Unlike iOS, this system is more susceptible to hacker attacks.

The Russian-based cyber platform known as DEER.IO has for quite some time been facilitating many online shops where illicit products and services were being sold.

A little while back, there happened the arrest of Kirill Victorovich Firsov as revealed by authorities, he was the supposed main operator behind Deer.io, a Shopify-like stage that has been facilitating many online shops utilized for the sale of hacked accounts and stole user data. Convicts ware paying around $12/month to open their online store on the platform.

When the 'crooks' bought shop access through the DEER.IO platform, a computerized set-up wizard permitted the proprietor to upload the products and services offered through the shop and configure the payment procedure by means of cryptocurrency wallets.

Arrested at the John F. Kennedy Airport, in New York, on Walk 7, Firsov has been arrested for running the Deer.io platform since October 2013 and furthermore publicized the platform on other hacking forums.

“A Russian-based cyber platform known as DEER.IO was shut down by the FBI today, and its suspected administrator – alleged Russian hacker Kirill Victorovich Firsov – was arrested and charged with crimes related to the hacking of U.S. companies for customers’ personal information.” - the official statement distributed by the DoJ.

While Feds looked into around 250 DEER.IO stores utilized by hackers to offer for sales thousands of compromised accounts, including gamer accounts and PII documents containing user names, passwords, U.S. Social Security Numbers, dates of birth, and victim addresses.

A large portion of the casualties is in Europe and the US. The FBI agents effectively bought hacked information from certain stores facilitated on the Deer.io platform, offered data were authentic as indicated by the feds.

When asked to comment for the same FBI Special Agent in Charge Omer Meisel states, “Deer.io was the largest centralized platform, which promoted and facilitated the sale of compromised social media and financial accounts, personally identifiable information (PII) and hacked computers on the Internet. The seizure of this criminal website represents a significant step in reducing stolen data used to victimize individuals and businesses in the United States and abroad.”

The FSB of the Russian Federation reported that it was possible to install another email service that was used by an "electronic terrorist" to send messages about mining of objects with a massive stay of people in Russia. On Wednesday, the FSB and the Federal Service for Supervision of Communications, Information Technology and Mass Media (Roskomnadzor) announced the blocking of the Swiss postal service Protonmail.com.

"This email service was used by hackers both in 2019 and especially actively in January 2020 to send false messages about mass mining of objects on the territory of the Russian Federation under the guise of reliable information," said the representative of Roskomnadzor.

In turn, the FSB of Russia reported that this service is used starting from January 24. Messages with threats of mining were sent to the email addresses of courts in four regions of the Russian Federation. Last year, the same service was also used to send false terrorist threats, but on a smaller scale.
"The texts also indicated allegedly mined 830 social and transport infrastructure objects. All threats were false," the FSB reported.

ProtonMail CEO Andy Yen recently announced his decision to go to court because he believes the block is unfounded. According to him, blocking the service is an inefficient and inappropriate tool to combat cyber attacks.

"This will not stop cybercriminals from sending threats from another email service and will not help if the criminals are located outside of Russia. Cybercriminals are also likely to be able to bypass the block using one of their many VPN services," Ian said.

The head of the company stressed that blocking mail will only harm private users and restrict access to private information for Russians.

Recall that this is the third foreign mail service blocked by Roskomnadzor for spreading false messages about mining facilities in Russia. On January 23, Roskomnadzor announced the blocking of the StartMail service. It was noted that mass mailings of messages about the mining of various objects on the territory of Russia were carried out through this mail service. Emails have been received since November 28, 2019.