Threat Intelligence / ShadowTalk Update – OurMine hacks FC Barcelona & Olympics twitter handles, Adsense email extortion, & phishing research

ShadowTalk Update – OurMine hacks FC Barcelona & Olympics twitter handles, Adsense email extortion, & phishing research

ShadowTalk Update – OurMine hacks FC Barcelona & Olympics twitter handles, Adsense email extortion, & phishing research
Digital Shadows Analyst Team
Read More From Digital Shadows Analyst Team
February 24, 2020 | 2 Min Read

Adam and Phil join Viktoria to ‘cause a storm’ on this week’s episode. But first – we get a rundown of the brand new Photon research blog this week around phishing from Harrison and Alex. The team covers:

  1. New phishing ecosystem research we just dropped this week – check it out for some interesting new data findings: https://www.digitalshadows.com/blog-and-research/the-ecosystem-of-phishing/
  2. OurMine Hacks FC Barcelona and Olympics Twitter Handles
  3. Google AdSense Email Extortion Scam
  4. FBI IC3 Report

Listen below 👇👇👇

 

Fox Kitten campaign targets the US and Israel

A likely Iranian cyber espionage campaign named Fox Kitten has reportedly been targeting various industries in the United States and Israel since 2017. Organizations in the IT, oil and gas, aviation, telecommunication and government sectors were targeted with destructive and information-stealing malware. The campaign allegedly exploited vulnerabilities in VPN and RDP products, and aligned with current Iranian state-associated motives for targeting the United States.

 

Apollon marketplace owners scam their exit

Operators of the dark web marketplace “Apollon” have been accused of conducting DDoS attacks against the site’s vendors as well as other marketplaces, amid an exit scam. Apollon’s accusation of an exit scam is a common theme identified in cybercriminal marketplaces that are either closing or seeking to exploit its users and/or vendors before closing. Typically, these scams occur when a marketplace fails to succinctly establish itself within the cybercriminal community, and those operating on or conferring with these sites will likely be affected. Organizations previously targeted by these sites are sometimes also targeted; however, at the time of writing, the impact of any activity is unconfirmed.

 

ThemeGrill burns 200,000 WordPress sites

A vulnerability in the WordPress plug-in “ThemeGrill Demo Importer” has exposed over 200,000 sites since 2017. The vulnerability was only identified on 06 Feb 2020, which allows a threat actor to revert a database on the site back to its default settings and parse its contents. While there are no confirmed compromises due to the vulnerability at the time of writing, it highlights the risks associated with not effectively addressing the security protocols of application and website plug-ins.

 

For more details, read the full Weekly Intelligence Summary

Weekly Intelligence Summary 21 Feb 2020

And to stay up to date with the latest from Digital Shadows, subscribe below.

Let’s Talk About Intel Requirements

Let’s Talk About Intel Requirements

June 17, 2021 | 7 Min Read

Adam and Phil join Viktoria to ‘cause a...
Cyber Threats to the Online Gaming Industry

Cyber Threats to the Online Gaming Industry

June 15, 2021 | 5 Min Read

Adam and Phil join Viktoria to ‘cause a...
The Business of Extortion: How Ransomware Makes Money

The Business of Extortion: How Ransomware Makes Money

June 9, 2021 | 8 Min Read

Adam and Phil join Viktoria to ‘cause a...
On the Rise: Ransomware and the Legal Services Sector

On the Rise: Ransomware and the Legal Services Sector

June 3, 2021 | 8 Min Read

Adam and Phil join Viktoria to ‘cause a...