ShadowTalk Update – OurMine hacks FC Barcelona & Olympics Twitter handles, AdSense email extortion, & phishing research

Digital Shadows Analyst Team
February 24, 2020 | 2 Min Read

Adam and Phil join Viktoria to ‘cause a storm’ on this week’s episode. But first – we get a rundown of the brand new Photon research blog this week around phishing from Harrison and Alex. The team covers:

  1. New phishing ecosystem research we just dropped this week – check it out for some interesting new data findings: https://www.digitalshadows.com/blog-and-research/the-ecosystem-of-phishing/
  2. OurMine Hacks FC Barcelona and Olympics Twitter Handles
  3. Google AdSense Email Extortion Scam
  4. FBI IC3 Report


Fox Kitten campaign targets the US and Israel

A likely Iranian cyber espionage campaign named Fox Kitten has reportedly been targeting various industries in the United States and Israel since 2017. Organizations in the IT, oil and gas, aviation, telecommunications and government sectors were targeted with destructive and information-stealing malware. The campaign allegedly exploited vulnerabilities in VPN and RDP products, and it aligned with current Iranian state-associated motives for targeting the United States.

Apollon marketplace owners scam their exit

Operators of the dark web marketplace “Apollon” have been accused of conducting DDoS attacks against the site’s vendors, as well as other marketplaces, amid an exit scam. Exit-scam accusations like the one against Apollon are a common theme among cybercriminal marketplaces that are either closing or seeking to exploit their users and/or vendors before closing. Typically, these scams occur when a marketplace fails to establish itself within the cybercriminal community, and those operating on or conferring with these sites will likely be affected. Organizations previously targeted by these sites are sometimes also targeted; however, at the time of writing, the impact of any activity is unconfirmed.

ThemeGrill burns 200,000 WordPress sites

A vulnerability in the WordPress plug-in “ThemeGrill Demo Importer” has exposed over 200,000 sites since 2017. The vulnerability, which was only identified on 06 Feb 2020, allows a threat actor to revert a site’s database back to its default settings and parse its contents. While there are no confirmed compromises due to the vulnerability at the time of writing, it highlights the risks associated with not effectively addressing the security protocols of application and website plug-ins.

For more details, read the full Weekly Intelligence Summary

Weekly Intelligence Summary 21 Feb 2020
