Earlier this week, EPCYBER identified a large-scale Chinese botnet-as-a-service network consisting of various domains, over 20 active Telegram groups and other domestic communication channels using Chinese infrastructure. It is evident that the methods and botnet developed and used by the group successfully bypass the latest DDoS …
Bad actor threat to expose BSNL 2.9 million data
On the BreachForum platform, the bad actor perell has claimed, for the second time, to expose the data of “Bharat Sanchar Nigam Limited” (BSNL). The threat actor first made the claim on December 3, 2023, when he wrote “India’s 4th most popular telecommunications company has suffered a substantial data breach” and he claimed to have …
Hackers backdoored Cisco ASA devices via two zero-days
A Cisco customer noticed the first confirmed activity in early January 2024, but the attacks actually began in November 2023. The researchers also found evidence that indicates this capability was being tested and developed as early as July 2023. The initial access vector in this campaign – dubbed ArcaneDoor – …
Microsoft Blog post
APT28 hackers to exploit CVE-2022-38028, Windows flaw
Microsoft Threat Intelligence released findings from their investigation on the Russian threat group known as Forest Blizzard (STRONTIUM). The group used a specialized tool to gain higher privileges and steal login information in compromised networks. Since June 2020, and maybe even since April 2019, Forest Blizzard has been using a …
Hacker Threatens to Expose Sensitive World-Check Database
A criminal hacking group claims to have stolen the World-Check database with millions of records. The database is used by companies to check if potential customers have connections to financial crime or sanctions. The group, called GhostR, stole 5.3 million records from the World-Check database in March and is threatening …
Telecom giant “Frontier” Hit by Cyberattack, Some system shut
Frontier Communications, a Texas-based telecom company, reported a cyberattack to the Securities and Exchange Commission. The company offers internet services in over 25 states and had $5.75 billion in revenues in 2023. The company said it detected unauthorized access to its IT systems on April 14 and began instituting “containment …
Blackberry blogs
“LightSpy” campaign targets Southern Asia, Possibly India
The LightSpy mobile espionage campaign focuses on targets in Southern Asia and probably India, potentially indicating a renewed focus and growing tensions in the region. VirusTotal submissions from India suggest potential victims within its borders, aligning with recent warnings by Apple on detections within the same country. Technical Details: Infection …
ESET RESEARCH
“eXotic” spyware espionage campaign targets India and Pakistan
ESET researchers found a spying campaign targeting Android users. The campaign uses fake messaging apps that include XploitSPY malware. The campaign, called eXotic Visit, has been active from November 2021 to the end of 2023. Malicious Android apps were distributed through targeted campaigns using dedicated websites and the Google Play …
Apple alerts 92 nations to mercenary spyware attacks
Apple warned users in 91 other countries about a possible “mercenary spyware attack”. Apple notified Reuters that the company found evidence of attackers attempting to remotely compromise iPhones. Mercenary spyware attacks are rare but much more sophisticated than regular cybercriminal activity or malware, as stated in the email. Apple also …
Over 7.5 million “boAt” users personal information leaked
Data of over 7.5 million boAt customers is now on the dark web. This includes personal information like names, addresses, contact numbers, email IDs, and customer IDs. The attacker has released around 2GB of data on a forum. On April 5, a hacker named ShopifyGUY said they hacked the data …