Cyber Weekly Digest - 2022 Week #47


Take a look at this week's Cyber Weekly Digest for a round-up of the latest cyber security news. In this week's digest, we dive into the DDoS attack that took down the European Parliament's website, as well as how Google is arming you with the resources to detect Cobalt Strike. Keep reading to stay up to date on the biggest cyber security news.


1. Hackers breach energy organisations via bugs in discontinued web server.

Microsoft stated that security vulnerabilities affecting a web server discontinued since 2005 have been used to target and compromise organisations in the energy sector. A report published in April claims state-backed Chinese hacking groups (including one tracked as RedEcho) targeted multiple Indian electrical grid operators, compromising an Indian national emergency response system and the subsidiary of a multinational logistics company. The attackers gained access to the internal networks of the hacked entities via Internet-exposed cameras on their networks, which served as command-and-control servers. It was reported that the hacking group likely used FastReverseProxy as a foothold into the exploited IP cameras that were used to enumerate Boa web servers. Boa is a discontinued web server that has a wide array of vulnerabilities, including arbitrary file access (CVE-2017-9833), Microsoft researchers said. Another adversary that has abused this vulnerability is the Hive ransomware gang, which hacked India's largest integrated power company, Tata Power, last month.


2. Two Estonians arrested for running $575M crypto Ponzi scheme.

Two individuals were arrested in Estonia on Sunday after being indicted by the US for running a massive cryptocurrency Ponzi scheme that led to more than $575 million in losses. The defendants, 37-year-olds Sergei Potapenko and Ivan Turõgin, are accused of defrauding hundreds of thousands of victims together with four other co-conspirators residing in Estonia, Belarus, and Switzerland between December 2013 and August 2019. Allegedly, the victims' funds were funneled through a complex network of shell companies, bank accounts, virtual asset services, and cryptocurrency wallets designed to help the defendants launder money. The company that they ran was called HashCoins OÜ, which imported and assembled other companies' cryptocurrency mining hardware instead of manufacturing its own, as advertised. The Ponzi scheme elements appeared when customers were not able to withdraw their funds from the crypto mining pools that they were in. The two were charged with 16 counts of wire fraud, one count of conspiracy to commit money laundering, and conspiracy to commit wire fraud.