17 May 2019

IRM Weekly Cybersecurity Roundup: GozNym malware and more

Fancy getting the weekly roundup delivered straight to your inbox? Sign up to the IRM newsletter.

Cyber gang that stole $100 million has been dismantled

The international cybercrime gang that infected computers with GozNym malware has been busted in a complex investigation conducted in the US, Bulgaria, Georgia, Germany, Ukraine and Moldova.

GozNym is a hybrid of two forms of malware, Nymaim and Gozi. Nymaim is software known as a ‘dropper’, designed to sneak other malware onto a device and install it. Gozi is an ever-changing technical malware, aimed at stealing financial information. Combining the two produced GozNym, a ‘double-headed monster’.

The gang consisted of criminals who advertised their skills on online forums. They affected 40,000 victims, stealing $100 million by using the malware, which captured online banking details to access victims’ accounts.

Ten hackers have been charged in the US with different offences, including laundering and stealing money from both US and foreign accounts, but 5 remain on the run.

You can read more here.

Trump declares national emergency over information technology

The President of the United States, Donald Trump, has issued an executive order declaring a national emergency, entitled “Securing the Information and Communications Technology and Services Supply Chain”, with the aim of better protecting US information and communication technology infrastructure and services.

The order comes in the wake of numerous stories of electronic data breaches by both hackers and foreign governments.

After the order, Trump’s administration blacklisted Chinese telecoms giant Huawei, meaning Huawei will need to seek special approval and licences to use components and technology from US companies.

The administration also blacklisted 70 affiliated companies from acquiring components and technology from US firms without government approval. You can read more here.

Microsoft prompts updates for Windows after fear of a global virus

Microsoft has patched old versions of Windows software for fear of a massive global computer virus outbreak much like 2017’s WannaCry attack. One patch is for Windows XP, where the flaw could be used to spread a malicious virus.

It was “highly likely” the vulnerability would be exploited if it went unpatched, explained Simon Pope, Microsoft’s director of incident response. He said the bug could be exploited simply by connecting to a vulnerable machine over the internet.

Other patches that closed loopholes included:

  • Windows 2003
  • Windows 7
  • Windows Server 2018

Microsoft said there was no evidence that cybercriminals were currently exploiting the loopholes, and that those using Windows 8 or 10 were not at risk.

You can read more here.

Quick Fire Updates:

Driverless cars could become a transport option in just a few years: Cities around the world are racing to develop and perfect the technologies for autonomous vehicles (AVs). Singapore is one of the countries charting the path forward. You can read more here.

Aftermath of the WhatsApp hack: WhatsApp’s hack left many of its 1.5 billion users wondering how safe the “simple and secure” messaging app really is. The BBC has the ins and outs; you can read more here.

How fitness tracker technology could prevent cyber-attacks: Technology used in fitness trackers could hold the key to reducing cyber-attacks, researchers say. You can read more here.

If you have any questions about this week’s roundup, or want to understand how you can improve your cybersecurity strategy, get in touch with IRM.