Spyware in the Subcontinent. Crooks auction game source code. Pandemic-driven online fraud. Emotet persists. Cybersabotage.
Lookout reports two new strains of Android spyware, "Hornbill" and "SunBird," in use by the pro-Indian Confucius APT, active in the ongoing, long-running conflict between India and Pakistan.
The criminals who claim responsibility for hacking CD Projekt Red say they’ll auction stolen source code for the Witcher and Cyberpunk 2077 “for millions” in a dark web souk, the Verge reports.
Sift’s Digital Trust and Safety Architects report more evidence that delivery services have become attractive targets for online fraud. Criminals advertise on Telegram, offering to use stolen payment information to buy food at a discount for diners whose consciences are untroubled by complicity in theft. Sift says “fraud rates among restaurant apps and food delivery services increased 14% from Q3 to Q4 2020.” Merchants are most affected—they lose the food and then must refund the bilked owners of the accounts used in the fraud.
The food delivery scam market is one aspect of pandemic-driven cybercrime. Akamai this morning released a study of the underground as it’s been shaped by COVID-19. Shopping scams came first, as people sheltered in place and bought more of their essentials online. These were soon accompanied by credential-phishing campaigns, and now, more recently, vaccination scams. The UK’s National Health Service has been warning of the vaccine-related fraud ever since methods of immunization began serious development.
As many foresaw, Emotet has proven resilient in the face of law-enforcement takedowns. Check Point says the malware held onto the top spot for crimeware in the month of January.
Gloss