ShadowTalk Update – OurMine hacks FC Barcelona & Olympics twitter handles, Adsense email extortion, & phishing research

Digital Shadows Analyst Team
February 24, 2020 | 2 Min Read

Adam and Phil join Viktoria to ‘cause a storm’ on this week’s episode. But first – we get a rundown of the brand new Photon research blog this week around phishing from Harrison and Alex. The team covers:

  1. New phishing ecosystem research we just dropped this week – check it out for some interesting new data findings: https://www.digitalshadows.com/blog-and-research/the-ecosystem-of-phishing/
  2. OurMine Hacks FC Barcelona and Olympics Twitter Handles
  3. Google AdSense Email Extortion Scam
  4. FBI IC3 Report


Fox Kitten campaign targets the US and Israel

A likely Iranian cyber espionage campaign named Fox Kitten has reportedly been targeting various industries in the United States and Israel since 2017. Organizations in the IT, oil and gas, aviation, telecommunication and government sectors were targeted with destructive and information-stealing malware. The campaign allegedly exploited vulnerabilities in VPN and RDP products, and aligned with current Iranian state-associated motives for targeting the United States.

 

Apollon marketplace owners scam their exit

Operators of the dark web marketplace “Apollon” have been accused of conducting DDoS attacks against the site’s vendors as well as other marketplaces, amid an exit scam. Accusations of an exit scam, like the one against Apollon, are a common theme among cybercriminal marketplaces that are either closing or seeking to exploit their users and/or vendors before closing. Typically, these scams occur when a marketplace fails to establish itself within the cybercriminal community, and those operating on or conferring with these sites will likely be affected. Organizations previously targeted by these sites are sometimes also targeted; however, at the time of writing, the impact of any activity is unconfirmed.

 

ThemeGrill burns 200,000 WordPress sites

A vulnerability in the WordPress plug-in “ThemeGrill Demo Importer” has exposed over 200,000 sites since 2017. The vulnerability, which was only identified on 06 Feb 2020, allows a threat actor to revert a database on the site back to its default settings and parse its contents. While there are no confirmed compromises due to the vulnerability at the time of writing, it highlights the risks of not effectively addressing the security of application and website plug-ins.

 

For more details, read the full Weekly Intelligence Summary

Weekly Intelligence Summary 21 Feb 2020
