Search This Blog

Showing posts with label Scammers. Show all posts

Attackers Hacked the Digital Pass System of Moscow residents


Moscow's residents are warned about scammers who offer to issue digital passes for moving around the city on social networks

Recall that on last week Moscow Mayor Sergei Sobyanin and Moscow Region Governor Andrei Vorobyov signed a decree according to which special digital passes are introduced for trips in Moscow and the Moscow Region on personal and public transport. Quarantine residents of Moscow will need to receive a QR code on the City Hall website for each exit from their homes. QR codes can begin to be issued on Monday, April 13, 2020.

A bot appeared in Telegram that offers citizens to get a digital pass through the messenger. It asks for the phone number and personal data of the citizen, including passport. Also, hackers offer to issue a pass on social networks.

Moreover, Telegram channel 4chan posted information that while the QR code issuing system was in beta testing, unknown hackers managed to hack it.

"The program for generating QR codes for quarantine from the Moscow government has not yet left the beta test, but it has already been hacked and generated universal promotional codes that will allow you to go around Moscow unlimited," the channel authors write.

The author of the microblog @A_Kapustin in the social network Twitter managed to post several electronic passes. Some of them, according to the user, allows you to walk within a kilometer from home, and others give the owner the opportunity to freely walk around Moscow. Some QR codes are already blocked, according to the author, but new generations appear in the network.

At the same time, scammers became active in another segment. Russians began to receive SMS messages notifying them of violations of their self-isolation regime and demanding to pay a fine for these offenses.

Experts believe that the situation is complicated, because the Russians do not have time to follow the rules that the authorities of a particular region introduce, which means they are afraid to make something wrong. This is used by scammers, organizing entire schemes using SMS, social networks and messengers. The goal is to get access to data for emptying Bank cards.

The scammers started to use fake video to steal money of the Russians



Fake videos appeared on the Internet with overlapping faces and voices of famous people with the help of which scammers steal funds. IT company JET warned Russians about this.

"A relatively new phenomenon deep fake has appeared on the network, it is fake videos with overlapping faces and voices of famous people on videos of various contents using Deep Learning technologies. This technology allows you to replace the movement of the lips and human speech on the video. It is difficult for an ordinary user to identify such fakes, and many take them for the truth," the company said.

Experts of the company found in the network fraudulent video using the image of the Russian showman and actor Dmitry Nagiyev, where he offers to visit a certain site and get a prize or cash reward. The company said that site visitors may lose money.

The company JET noted that the victims got to the portal with the generated domain name. Such sites only work for a couple of days, but criminals constantly open new ones.

According to Anna Oleinikova, an expert on neural networks in the company JET, deep fake is an extremely serious threat. "The range of malicious use of deep fake and similar technologies is very wide: blackmail, discrediting of media persons and politicians, unfair competition in business and politics," she said.

At the same time, the company notes that ordinary users can try to identify fakes, based on several signs. So, on fraudulent videos all the time eyes are open or half-closed, and around the head at sharp movements and change of lighting there are strange loops.

In turn, Stanislav Ashmanov, the head of the company "Neural networks of Ashmanov", said that it is very difficult to create believable deep fake. This requires a lot of different data and a complex algorithm. Now everything that appears on the Network suffers from a lack of quality and looks quite improbable.

“In my opinion, technology has not yet been completely improved to make video indistinguishable from reality, cheap and easy,” he added.

Hackers stole money from Kukuruza(Kykyryza) cards using Apple Pay


83 Kykyryza(Kukuruza) cardholders suffered from the theft of funds. The fraudsters gained access to the logins and passwords from the mobile and Internet banking, and then they connected Apple Pay and withdrew funds. Now the problem is solved, the money is returned.

The Kykyryza card is a multifunctional bonus payment card, which is offered to its customers by the United Russian company Svyaznoy/Euroset. The card works in the Mastercard payment system.

Since May 2 complaints of Kykyryza cardholders about the theft of their funds began to appear on the website Banki.ru. Victims of the attack received SMS that their card is connected to Apple Pay, immediately after that, the money was withdrawn to the Tele2* number. All victims indicate that they did not receive SMS or Push-notifications with a verification code to connect to Apple Pay.

It turned out that hackers attacked a social service, where they received data about the owners of Kykyryza cards to log into the account and then they checked if the victims used the same username and password in the mobile or Internet Bank. If the data was the same, then the attackers connected mobile application Kykyryza to the Apple Pay and proceeded to withdraw money.

The company Svyaznoy/Euroset confirmed the theft of funds from Kykyryza card owners, noting that the number of victims is small, as only 20 million cards were issued. According to Alexander Malis, the SEO of the company, only 83 cardholders suffered.

“The hackers stole about 2 million rubles ($ 31 000),— said Mr. Malis.— The stolen funds were already returned to all the victims.”

Vladimir Dryukov, the Director of the Solar JSOC Cyber Attack Monitoring and Response Center, noted that the mobile application with this method of theft showed two serious vulnerabilities — the lack of protection from the change device when you log in to the mobile Bank and the lack of protection from the selection of the numbers.

However, according to Mr. Malis, Kykyryza card showed a high level of security in the conditions of a mass attack. He also clarified that a special update has already been released, which will not allow an unauthorized user to change the mobile device.

Scammers disguise themselves as divisions of the Central Bank of Russia


Cyber Criminals performed a large-scale attack on Russian banks in late 2018, they managed to steal $ 20 million.

The attackers disguised themselves as divisions of the Central Bank FinCERT and Alfacapital. It is known that the attacks were carried out by hacker groups Silence and Cobalt, who had previously organized cybercrime. Also along with them operated a new hacker group, which had not been seen before.

The scheme of crimes was the same: the scammers on behalf of the FinCERT division of the Central Bank sent out malicious documents with macros. In addition, a compromised account of an employee of the company Alfacapital was used.

Representatives of many banks confirm the frequent attacks. The criminals tried to penetrate the infrastructure of the financial organization for the withdrawal of money.

The IT-company Positive Technologies conducted their own statistics and found that over 201 million people suffered from such attacks in 2018.

Moreover, banking infrastructure was attacked in 78% of cases, web resources - 13 %, ATMs and POS-terminals - 9 %, personal data - 39% , credential theft , card information, trade secret - 5%, personal correspondence and other information - 8%.

In addition, on February 18, Kaspersky Lab recorded an increase in attacks by Buhtrap and RTM banking Trojans in Russia. At the end of last year, experts recorded an increase in the activity of the banking Trojan RTM 50 times, compared to 2017.