Monday, May 27, 2024

Tech News, analysis, updates, comments, reviews

U.S. seizes domains used in USAID hack

The Department of Justice on Tuesday announced it has seized Internet domains prosecutors say Russian hackers used as part of a recent attack involving the U.S. Agency for International Development. Photo by Kevin Dietsch/UPI

The Justice Department announced it has seized domains Russian hackers responsible for the SolarWinds attack used in a phishing scheme last month targeting governments and organizations through mimicking the United States Agency for International Development.

Prosecutors said in a statement Tuesday that they seized two domains on Friday that Russia-linked Nobelium hacker group had used as part of its wide-scale attack targeting some 3,000 individual accounts across more than 150 governments, think tanks and organizations.

The scheme, uncovered by Microsoft on Thursday, involved gaining access to the Constant Contact email service of the USAID from which the hackers sent malicious links through authentic-looking government emails to their targets.

When the links were clicked, a malicious file would download a so-called back door onto the computer offering the hackers access to its information and that of other computers on its network.

Microsoft said most of the emails distributed were blocked by email threat detention systems and marked as spam though some may have been delivered.

The Justice Department said it seized theyardservice.com and worldhomeoutlet.com through a court order with the aim to disrupt Nobelium’s activities and identify victims, though prosecutors state the hackers may have deployed other backdoors between the initial attack, which began May 25, and Friday’s seizure.

“Last week’s action is a continued demonstration of the department’s commitment to proactively disrupt hacking activity prior to the conclusion of a criminal investigation,” said Assistant Attorney General John Demers of the department’s National Security Division.

Nobelium has been blamed for the attack in November that breached at least nine U.S. federal agencies and dozens of companies through the widely used SolarWinds software.

Get notified whenever we post something new!

spot_img

Migrate to the cloud

Make yourself future-proof by migrating your infrastructure and services to the cloud. Become resilient, efficient and distributed.

Continue reading

Google I/O 2024 Unveils the Future?

Google I/O 2024 was an impressive showcase of how Google continues to push the envelope with artificial intelligence. This year's event introduced significant advancements across multiple services and platforms, demonstrating Google's commitment to an AI-first future. Below, I try...

On-Premises vs. Cloud Security

As usual, we begin by championing cybersecurity. It stands as the foremost concern for organizations striving to safeguard their sensitive data and digital assets. Among the many strategies available, two dominant paradigms have emerged: on-premises security and cloud security....

Regulation Insights from Starlink’s in Zimbabwe

In recent times, the journey of Starlink, Elon Musk's ambitious satellite internet venture under SpaceX, has been marked by regulatory challenges, particularly in Zimbabwe. Meanwhile the Posts and Telecommunications Regulatory Authority of Zimbabwe (POTRAZ) issued a directive instructing Starlink...

Enjoy exclusive discounts

Use the promo code SDBR002 to get amazing discounts to our software development services.