Search This Blog

Showing posts with label UN. Show all posts

UNICC and Group-IB Shut Down 134 Scam Websites In a Major Crackdown

Cybersecurity agency Group-IB and UNICC carried out a joint venture where they took down 134 websites handled by hacking group "DarkPath." As per UN and Group-IB, these websites were earlier used to impersonate WHO. Hackers built a diverse network of 134 malicious domains that were pretending to be WHO on 'Health Awareness Day, ' asking people to fill a fake survey with an assurance of rewards in return. The hackers assured users €200 to take out the surveys and also share them with WhatsApp contacts. 

But, the rewards were never sent and the scam had built a massive spam campaign that gave new traffic to malicious websites. After informing UN's International Computing Centre, group IB worked with a range of service suppliers and network regulators, hosting providers, domain registrars to quash the 134 websites scam campaign. When the websites were blocked, hackers avoided using the WHO brand for their network campaign. But Dark Path still is active despite the WHO breakdown. As per Group-IB findings, the sites managed to land around 200000 users on the fake sites every day. 

Along with the multi-stage nature of the attack that makes it harder for researchers to detect, users saw personalized content that depends upon geolocation, language settings, and user agents. For instance, the reward currency for filling out the survey would vary depending upon the user's location. DarkPath controlled scam websites are still active and keep targeting millions of victims around the globe. These hackers promote their websites via paid ads, social media, and email blasts. 

According to UNICC, .during the infrastructure analysis, "Group-IB researchers examined the domains and other digital indicators and concluded that the whole network is likely to be maintained and controlled by a scammer collective codenamed DarkPath Scammers. Most of the domains with phishing and scam content are using CDN’s (Content Delivery Networks) to hide IP addresses of the real servers. The scammers are using the same infrastructure configuration with its traits and misconfigurations across all their servers. Group-IB continues to monitor the scammers’ activity. Organizations should carry out seamless online monitoring to promptly detect any cases of illicit use of their brands."

The United Nations Reports Increase in Internet Usage and Cyber Crime during the Pandemic

 

The U.N. counterterrorism chief reported a 350% increase in phishing websites in just the first quarter of the year, mostly targeting hospitals and health care systems and obstructing their work responding to the current COVID-19 pandemic. 
Vladimir Voronkov told the U.N. Security Council that the upsurge in phishing websites was a part of “a significant rise in cybercrime in recent months” revealed by speakers previous month's first Virtual Counterterrorism Week at the United Nations. 

The weeklong gathering was attended delegates from 134 nations, 88 civil society and private sector organizations, 47 international and regional organizations, and 40 United Nations bodies. 

He said the U.N. furthermore; the global experts haven't yet completely comprehended “the impact and consequences of the pandemic on global peace and security, and more specifically on organized crime and terrorism.” 

Voronkov says, “We know that terrorists are exploiting the significant disruption and economic hardships caused by COVID-19 to spread fear, hate, and division and radicalize and recruit new followers. The increase in internet usage and cybercrime during the pandemic further compounds the problem.” 

Undersecretary-General Voronkov said the discussions demonstrated a mutual understanding and worry that “terrorists are generating funds from illicit trafficking in drugs, goods, natural resources, and antiquities, as well as kidnapping for ransom, extorting and committing other heinous crimes.” 

He said U.N. member nations are rightly focused around handling the currently increasing health and human crisis brought about by COVID-19 however he urged them not to overlook the threat of terrorism. 

In many parts of the world, Voronkov stated, “terrorists are exploiting local grievances and poor governance to regroup and assert their control.” 

Ghada Waly, executive director of the Vienna-based U.N. Office on Drugs and Crime, told the council meeting on the linkage among counterterrorism and transnational organized crime that the links are "complex and multifaceted," and “the COVID-19 crisis poses a host of new challenges to national authorities.” 

“Organized criminal groups and terrorists may seek to capitalize on and exploit new vulnerabilities,” she said, “and transit patterns are shifting in view of travel restrictions and lockdown measures, adding further challenges for border security.”

Lastly, she added a rather important point which highlights the fact that during these dark times comprehensive and cooperative responses are needed more than ever.

U.N Officials not using WhatsApp over Security Reasons


"The United Nations officials are not using WhatsApp for purposes of communication as it is unsafe and vulnerable to hacking," said a UN spokesperson last Thursday. The statement came out following the Jeff Bezos incident, where experts at the UN accused Saudi Arabia of hacking the WhatsApp account of Amazon's CEO Jeff Bezos. The experts at the UN last week said that they had information suspecting the association of Prince Mohammed bin Salman, Saudi Arabia's crown prince in the so-called cyberattack on Jeff Bezos that happened in 2018.


The officials have demanded an inquiry by American and other authorities as an immediate response, saying that the claims are based on a Forensic Report prepared by FTI, a consulting firm from Washington. The forensic report claims that Bezos' phone was hacked through an ill-disposed video file that was sent by the Saudi Prince via a WhatsApp account. Responding to the question "whether the United Nations Secretly General has used WhatsApp for communication purposes with Saudi Prince or any other world leaders?" Farhan Haq spokesperson of the U.N replied that "officials at the U.N are advised not to use WhatsApp application for messaging purposes as it is not a reliable social networking platform."

"Therefore, I believe that the U.N officials do not use the WhatsApp," Haq said later. According to him, the order to not use WhatsApp as a communication tool was given in June 2018, to the security officials. In response to this controversial action taken by the U.N, the company WhatsApp affirms that it offers one of the best safety to its more than 1.5 billion users.

"Each message sent via the app is protected through end-to-end encryption to maintain the confidentiality of the messages. No 3rd party, not even WhatsApp, can view the messages sent by users through WhatsApp. The encryption mechanism developed by WhatsApp is said to be one of the most secure technology according to the cybersecurity experts, and it is the most reliable platform out in the public," says Carl Woog, Director Communications at WhatsApp.

"Every app has a few flaws that can be exploited, but unlike WhatsApp, very few can resolve them immediately," said cybersecurity expert Oded Vanunu.