Cybersecurity roundup: February 25 to March 3, 2018
It's been a busy week. Aside from a new threat to Android devices, there's also the looming threat from a cyberattack against Germany.
Moreover, US credit monitoring firm Equifax is in the news again, after disclosing that even more individuals were affected by the massive hack against it.
Learn more about this week's cybersecurity happenings in our roundup!
Ukraine arrests 'Avalanche' cybercrime organizer
Ukraine detained one of the organizers of the Avalanche cybercrime network on Monday, February 26. The arrested man was Gennadiy Kapkanov, a Ukrainian citizen who was using a passport with a different identity.
Avalanche was a criminal network providing infrastructure for malware and DDoS (distributed denial of service) spam attacks across the world before it was busted in an unprecedented global sting operation.
RedDrop malware targets Android phones
Security firm Wandera reported that a new type of malware, dubbed RedDrop, was being distributed online via third-party Android application stores.
RedDrop, once inside your device, downloads new software quietly. The suite of malicious tools is able to "harvest sensitive data, including passively recording the device’s audio, photos, contacts, files and more." The collected information is used for blackmail and extortion.
Cyberattack hits German government
An ongoing cyberattack targeted Germany's government IT network, the country's parliamentary committee on intelligence issues said on Thursday, March 1.
"It is a real cyberattack on part of the government system. It's an ongoing process, an ongoing attack," said Armin Schuster, chairman of the committee, adding that no further details would be given to avoid passing crucial information on to the attackers.
Equifax identifies 2.4 million more hit by hack from last year
US credit bureau Equifax said on Thursday, March 1, it identified an additional 2.4 million American consumers affected by last year's massive data breach.
The company's forensic investigation revealed the new identities on top of the now 146 million affected in the attack that exposed victims' personal details, including names, birth dates and social security numbers.
GitHub survives massive DDoS attack mostly unscathed
Software developer platform GitHub revealed this week that it had been hit by what is being called the world's largest distributed denial of service (DDoS) attack – up to 1.35 terabits per second of traffic assaulted the platform at its peak.
While an attack like this would normally take down most sites or services, GitHub was effectively down for less than 10 minutes after it enlisted the help of Akamai Prolexic, which helped mitigate the attack by removing and blocking malicious traffic. – Rappler.com