Cyber Bites

The GandCrab ransomware TOR site allows shady data recovery companies to hide the actual ransom cost from victims and it is currently being disseminated through a large assortment of distribution channels according to a Codeware report. Partnering with recovery firms who frequently access GandCrab's TOR site is an https://www.coveware.com/blog/2018/10/10/gandcrab-ransomware-decryption-payment, with "discount" codes being provided to the most active ones, usable when processing future settlements. Source: Bleeping Computer

Two hacker groups are behind 60% of all publicly reported cryptocurrency exchange hacks and are believed to have stolen around $1 billion worth of cryptocurrency, according to a report published last week by blockchain analysis firm Chainalysis. "On average, the hacks we traced from the two prominent hacking groups stole $90 million per hack," said Chainalysis. Source: ZDNet

More than 59,000 data breaches have been reported across Europe since data protection laws were brought in last year, new figures have revealed. The Netherlands, Germany and the UK topped the list of the most reported breaches in the eight months since new GDPR laws came into force, according to law firm DLA Piper. The breaches, which range from minor errors such as missent emails to major cyber hacks, were reported by public and private...

Godaddy.com, the world’s largest domain name registrar, recently addressed an authentication weakness that cybercriminals were using to blast out spam through legitimate, dormant domains. But several more recent malware spam campaigns suggest GoDaddy’s fix hasn’t gone far enough, and that scammers likely still have a sizable arsenal of hijacked GoDaddy domains at their disposal. Source: Krebs on Security

Researchers say they have identified the threat actor behind the massive “Collection #1” data dump which exposed hundreds of millions of credentials on a hacking forum in January. Recorded Future researchers said this weekend that an individual using the moniker “C0rpz” has claimed as early as Jan. 7 to be the original creator and seller of the Collection #1 data. The original database of breached emails – totalling 773 million unique email addresses –was discovered...

US-based casual dining and fast food restaurant chain Huddle House announced late Friday last week a security breach that impacted its point of sale (POS) system. "Criminals compromised a third-party point of sale (POS) vendor's data system and utilized the vendor's assistance tools to gain remote access-and the ability to deploy malware-to some Huddle House corporate and franchisee POS systems," Huddle House said in a security alert listed on its front page. Source: ZDNet

A 20-year-old college student who stole cryptocurrency worth more than $5 million by hijacking victims' phone numbers has pleaded guilty and accepted a sentence of 10 years in prison. Ortiz was arrested last year on charges of siphoning millions of dollars in cryptocurrency from around 40 victims using a method commonly known as "SIM swapping," which typically involves fraudulently porting of the same number to a new SIM card belonging to the attacker. Source: The...

Social Media research shows British MP Jacob Ree-Mogg’s #Moggmentum campaign is being pushed by accounts linked to a powerful Kremlin disinformation operation. Analysis of social media traffic between January and February 2018 reveals a pattern of disinformation being fronted by social media users connected to Russia’s Brexit interference campaign – known to have been more influential that Vote Leave and Leave.EU combined. Source: Byline Times

CookieMiner is a new malware strain capable of stealing and exfiltrating web browser cookies related to online wallet services and cryptocurrency exchange websites, as well as passwords, text messages, and credit card credentials. The newly identified malware targets Mac devices and shares at least some of its code with the OSX.DarthMiner and OSX.LamePyre strains discovered by Malwarebytes during December 2018. Source: Bleeping Computer

Home improvement site Houzz has suffered a data breach, with an unknown amount of user information stolen. The hack, discovered in late December but only revealed on Friday, involved the theft of profile information, including name, city, state, country and profile description, along with internal identifiers such as the region and location of the user and whether each has a profile image. Source: Silicon Angle