Tag Archives: Russia

Panda Security

The US Malware Developer who Helped Russia Spy on Devices

Leave a comment

Latvian-born hacker Alexsey Belan, a Russian citizen, has been on the FBI’s list of most wanted cybercriminals for some time. His latest misdeed was the theft of 500 million Yahoo accounts in order to spy on Russian journalists and officials from both the US government and the Kremlin itself.

The Department of Justice of the United States has officially accused him of the crime. The department suspects that he have committed the crime in collaboration with another cybercriminal and with two spies from the Russian Federal Security Service. Antichat was one of the cybercrime forums which Belan frequented. It is also one of those used by the Russian spyware company OpenGSM to recruit cybercriminals and increase their sales.

According to a Forbes investigation, OpenGSM has resold a tool to spy iPhones and Android smartphones that was developed by an American. Killer Mobile, a company headed by Joshua Alner, created a surveillance software called Tracer that has made its way to Russian shores.

A dangerous deal between Americans and Russians

A researcher who preferred to remain anonymous found an OpenGSM document that redirects users to a website owned by Alner from which a spyware kit could be obtained as part of a 600 euro package.

He also found Killer Mobile malware for Android on an OpenGSM website, proof that the company bought the vendor’s surveillance tools. In fact, Alner could have pocketed between 150 and 500 thousand dollars for that sale.

Neither Alner nor OpenGSM, which sells its software to government agencies and consumers, have come forth to comment about their research. Killer Mobile, a company with only ten employees, offered its malware — which is legally defined as a “hidden listening device” — to about sixty resellers in at least ten countries, an activity requiring an export license .

The spy software that OpenGSM commercialized served to host spyware on the devices of almost 800 users in Russia, Kazakhstan and the European Union in 2015. Another tool that OpenGSM offered, which was not developed by Killer Mobile, appears to have had mobile users in the US in its crosshairs.

Tensions are on the rise between geopolitical actors, both big and small, in the cyber-sphere, and as such we are collectively entering a period of uncertainty about where we stand in terms of our own personal security on our devices. Wherever the threat may come from, be it a government agency or a malware entrepreneur, it’s always best to be protected by an advanced cybersecurity solution.

The post The US Malware Developer who Helped Russia Spy on Devices appeared first on Panda Security Mediacenter.

Panda Security

Who’s Behind the Yahoo Attack? It might be Russian Agents

Leave a comment

We’re all familiar with the massive data leaks that Yahoo suffered last year. But until recently, we had very little in the way of clues as to who was behind the attacks which started at the beginning of 2014. As more evidence comes to light, it’s becoming increasingly apparent that this is not your run-of-the-mill cybercrime. According to a recent indictment by the US Department of Justice, the folks behind that attack appear to be agents of the Russian Federal Security Service.

The theft of 500 million Yahoo accounts three years ago was allegedly used as a way for the Russian government to access information on a series of targets ranging from the White House itself to cloud computing companies. Military officials, executives of financial companies, and even an airline company were also among the targeted.

In the name of espionage, this attack gave hackers the means of stealing data such as names, email addresses, and credentials. According to information provided by Yahoo in their announcement of the breach, the culprits would not have been able to access data of a more confidential nature, such as sensitive financial information.

In a somewhat ironic turn of events, the information provided by the Justice Department indictment appears to indicate that the stolen data was also used to spy on Russian government officials.

The Yahoo Attack: A Breach to Go Down in History

While this would not be the first time that Russian cybercriminals have been accused of data theft, it is in fact the first time that charges have been filed against officials operating in the shadow of Vladimir Putin. Although the agency is supposed to help agencies of other countries track down Russian cybercriminals, in this case two of its own operatives allegedly collaborated to conceal the robbery from their superiors.

“The involvement and direction of F.S.B. officers with law enforcement responsibilities makes this conduct that much more egregious,” said acting assistant US Attorney General Mary B. McCord.

Although the Russian administration has not given an official response to the US indictment, the country’s press has called into question the US Department of Justice’s movement.

In any case, and regardless of who is responsible for these or other breaches, massive data leaks at services such as Yahoo highlight the need to use secure credentials and a protection that is suited to the needs of your company to prevent the theft of confidential information, or even considerable sums of money, in the event of a cyberattack.

The post Who’s Behind the Yahoo Attack? It might be Russian Agents appeared first on Panda Security Mediacenter.

Panda Security

The Russian Government Uses Known Black Hat for Cyberespionage

Leave a comment

Evgeniy M. Bogachev is in his early thirties and lives a comfortable life among his collection of luxury cars in a small resort city on the shores of the Black Sea. He is the most-wanted cybercriminal in the world, and the FBI is offering 3 million dollars for his capture.

The US accuses Bogachev of having created a global botnet composed of infected computers with the attention of winnowing millions of dollars from bank accounts all over the world. According to reporting from The New York Times, the cybercriminal’s victims included everyone from private users to public organizations such as, for example, a pest control company in North Carolina or a police precinct in Massachusetts.

However, Bogachev is seemingly much more than your common cybercrook. The FBI suspects that although he probably got into the business for the same reason as most cybercriminals (money), his activities have grown more complex with time. In fact, he is also suspected of controlling more than a million computers around the world, with access to photographs, documents, and all kinds of confidential personal and corporate information. So what began as a way of draining bank accounts all over the world for huge financial gain has become a unique window of opportunity for Russian intelligence agencies to carry out wide-reaching espionage.

While Bogachev perpetrated his cyber-heists, the Russian authorities appear to have not only turned a blind eye, but also shown their appreciation of his work. Given the extent of Bogachev’s access to computers from all over the globe, the Russian agency allegedly obtained, among other things, information from military services with ties to the conflicts in Ukraine and Syria. According to the Times, they also appear to have accessed information from US intelligence agencies.

At the moment, the attacks carried out by Bogachev under pseudonyms like slavik, lucky12345 or pollingsoon are going unpunished. Russia has no extradition treaty with the United States, and Russian officials have stated that as long as Bogachev does not commit any crime in Russian territory, there would be no reason to stop him.

The logical conclusion of this stance toward international cybercrime is troubling. It implies that the sale of malware by Russian cybercriminals in the dark corners of the internet, or even the theft of money, could be given a pass by Russian agencies.

If confirmed, the situation would prove that black hats could be recruited as mercenaries in cyber-conflicts between the world’s major powers. In such a scenario, the victims (i.e., individuals and businesses) are mere pawns in a game of cyberwar. The loss of things that are of great value to you, such as your privacy, confidential data, even the money in your bank accounts, is seen as mere collateral damage caught up in the forces of conflict between rival nations. It is now more indispensable than ever to have the necessary security tools to protect yourself and guarantee the safety of your digital assets.

The post The Russian Government Uses Known Black Hat for Cyberespionage appeared first on Panda Security Mediacenter.

Hackers News

Russian Court bans LinkedIn in Russia; Facebook and Twitter Could be Next

Leave a comment

As reported late October, the world’s largest online professional network LinkedIn is going to ban in Russia beginning Monday following a Moscow court decision this week that found Microsoft-owned LinkedIn to be in violation of the country’s data protection laws.

Here’s why LinkedIn is facing ban in Russia:

In July 2014, Russia approved amendments to the Russian Personal Data Law that came

Hackers News

LinkedIn to get Banned in Russia for not Complying with Data Localization Law

Leave a comment

The world’s largest online professional network LinkedIn could face a ban in Russia after the company has failed to comply with a Russian data localization law that compels companies to keep data on Russian users in their country.

If you are not aware, LinkedIn is the only major social network which is not banned in China, because the company agreed to cooperate with the Chinese government

Hackers News

Breaking — Russian Hacker Responsible for LinkedIn Data Breach Arrested by FBI

Leave a comment

The alleged Russian hacker arrested by the FBI in collaboration with the Czech police is none other than the hacker who was allegedly responsible for massive 2012 data breach at LinkedIn, which affected nearly 117 Million user accounts.

Yevgeniy N, 29-year-old Russian hacker was arrested in Prague on October 5 suspected of participating in conducting cyber-attacks against the United States,

Hackers News

Russian Hacker who was wanted by FBI arrested in Prague

Leave a comment

Czech police, in cooperation with the FBI, has arrested a Russian citizen in Prague suspected of participating in conducting cyber-attacks against the United States.

Czech police announced the arrest on its official website Tuesday evening, without giving any further details about the man and for what he is wanted for.

Alleged Russian Hacker, whose name has not yet been disclosed, was

Hackers News

Russia Wants to Kick Foreign Tech Companies Out Of The Nation

Leave a comment

Someone wants to kick Microsoft, Google and Apple off from his land, but himself uses Gmail and Mac.

The newly appointed Internet Tsar German Klemenko, who is the first internet advisor of Vladimir Putin, wants to kick off American Giants from Russia.

In a 90-minute interview conducted by Bloomberg, Klemenko expressed his interest to vanish the presence of tech biggies of foreign