DDoS Attempts Hit Russia as Ukraine Conflict Intensifies

Credit to Author: Brian Barrett| Date: Sat, 26 Feb 2022 14:00:00 +0000

To revist this article, visit My Profile, then View saved stories.

To revist this article, visit My Profile, then View saved stories.

When Russian president Vladimir Putin launched an unprovoked war against Ukraine this week, he did so with a warning that any interference from the West would be met with a response “never seen” in history. The implied nuclear threat has little if any precedent over the last several decades, and while the Kremlin is far more likely to unleash cyberattacks, it was a chilling indication of how far Putin may be willing to escalate.

Russia’s notorious Sandworm hackers, meanwhile, did not sit idly by when researchers exposed their VPNFilter malware in 2018. Intelligence agencies in the US and UK this week detailed Cyclops Blink, a hacking tool that Sandworm developed soon after VPNFilter was no longer useful. Cyclops Blink targets network devices, conscripting them into a botnet and exposing them to further infection. While UK officials said that the revelation was not directly related to the situation in Ukraine, it did come at a time of increasingly serious cyberattacks against the country.

We also took a look inside Intel’s iStare lab, where the company’s researchers work to hack chips in an effort to head off the next Spectre and Meltdown or Rowhammer attack. And we talked to security researchers who figured out how to eavesdrop on any room that has a shiny object in it within view.

If you’re looking to lock down your Chrome browsing experience, you might want to give Enhanced Safe Browsing a try; we talked you through how to set it up. And we picked the best personal safety devices, apps, and alarms for when you need a little extra protection in the real world as well.

And there's more! We’ve rounded up all the news here that we didn’t break or cover in depth this week. Click on the headlines to read the full stories. And stay safe out there.

Leading up to and in the early days of Russia’s invasion of Ukraine, the Kremlin’s cyberspace strategy has included a combination of denial-of-service attacks and data wipers. This week saw several efforts to DDoS Russia in return, with mixed results. Russian government, military, and bank websites have all been hit with traffic tsunamis, though for the most part they appear to be holding steady. Mil.ru, the country’s military domain, appears to have put geofencing measures in place as part of an effort to stave off the attack, blocking access to any devices that aren’t in Russia. A more successful DDoS took Russian state news site RT offline Thursday and well into Friday; the hacktivist collective Anonymous appears to have claimed responsibility.

Reuters reports exclusively this week that Ukraine has taken to underground forums in search of a few good hackers. While the country has no standing cyber force, its Defense Ministry has moved to recruit people to spy on Russian forces and help defend critical infrastructure from cyberattacks. Applicants are submitting their information to a Google Docs form—including professional references—and will be vetted before being asked to officially join.

The NFT space is rife with hacks and scams, but the scale of this one is noteworthy. It appears that a phishing campaign parted 17 NFT collectors from their digital tchotchkes. The victims all received emails that appeared to come from the OpenSea marketplace, when in fact it was a scammer who soon flipped their ill-gotten tokens for nearly $3 million. In an unrelated incident, a Texas man is suing OpenSea for $1 million because someone stole his Bored Ape NFT, and he is unable to retrieve it. 

Security researchers from Pangu Labs say they’ve pieced together the origins of a nearly decade-old hacking tool, and that it traces back to the Equation Group, which is widely thought to be the US National Security Agency. They say they were able to make the link thanks in part to a leak by the Shadow Brokers, a mysterious group that released a trove of apparent NSA secrets in 2016. More interesting than the tool itself, though, is the public attribution to the NSA—which, while not unprecedented, is extremely rare. Or at least, it has been. 

https://www.wired.com/category/security/feed/

Leave a Reply