Cybercriminals Utilizing Official Remote Surveillance for Viruses

The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have issued a warning to alert network defenders about the malicious use of legitimate remote monitoring and management (RMM) software. In October 2022, CISA discovered a cyberattack that had been conducted using legitimate RMM software such as ScreenConnect and AnyDesk. The attackers had tricked victims into downloading the software, which they then used to steal money from the victims' bank accounts through refund fraud. The attackers could then sell the access to other cybercriminals or advanced persistent threat actors.

The attackers were able to bypass security controls and risk management assumptions by using portable executables of RMM software, which allowed them to gain local user access without needing administrative privilege or full software installation. Two Federal Civilian Executive Branch (FCEB) networks may have been targeted by the malicious activity: an executable was downloaded when a recipient visited a first-stage malicious domain. This executable then connected to a second-stage malicious domain, from which it downloaded other RMM software. The attackers did not install the downloaded RMM clients on the compromised host, but instead used AnyDesk and ScreenConnect as self-contained, portable executables that were configured to connect to the attackers' RMM server.

The attackers then used the RMM software to start a refund scam, connecting to the victim's system and luring the victim into logging into their bank account while still connected. The attackers then changed the bank account summary so that it showed the victim had been mistakenly refunded an excess amount of money, which the victim was instructed to refund to the scam operator.

Threat actors often target authorized RMM software users, such as managed service providers (MSPs) and IT help desks, who use the software for network administration, endpoint monitoring, endpoint management, and remote host interaction for IT support tasks. Compromising these users allows the attackers to exploit trust relationships in MSP networks and gain access to many of the victim MSP's customers.
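
Because the RMM clients in this campaign ran as portable executables rather than installed software, one defensive check is to look for AnyDesk or ScreenConnect binaries executing from outside approved install directories. The following is an added example, not part of the original article or the advisory; the event records are constructed samples using Sysmon Event ID 1 field names, and the approved install roots are an assumption to adapt to your environment.

```python
import json
from pathlib import PureWindowsPath

# RMM tools named in the article, matched against the on-disk file name and
# the OriginalFileName field (taken from the PE version resource, so it
# still identifies a binary that was renamed before delivery).
RMM_MARKERS = ("anydesk", "screenconnect")

# Assumption: approved RMM agents are only ever installed under these roots.
APPROVED_ROOTS = (PureWindowsPath(r"C:\Program Files"),
                  PureWindowsPath(r"C:\Program Files (x86)"))

# Constructed sample events using Sysmon Event ID 1 field names.
SAMPLE_EVENTS = r"""
{"Host":"ws-014","Image":"C:\\Users\\jdoe\\Downloads\\AnyDesk.exe","OriginalFileName":"AnyDesk.exe"}
{"Host":"ws-022","Image":"C:\\Program Files (x86)\\ScreenConnect Client (example)\\ScreenConnect.WindowsClient.exe","OriginalFileName":"ScreenConnect.WindowsClient.exe"}
{"Host":"ws-031","Image":"C:\\Users\\asmith\\AppData\\Local\\Temp\\viewer.exe","OriginalFileName":"ScreenConnect.WindowsClient.exe"}
{"Host":"ws-031","Image":"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe","OriginalFileName":"chrome.exe"}
"""


def is_rmm(event):
    """True if either name field mentions one of the RMM tools."""
    names = (PureWindowsPath(event["Image"]).name,
             event.get("OriginalFileName", ""))
    return any(marker in name.lower() for name in names for marker in RMM_MARKERS)


def find_portable_rmm(json_lines):
    """Return (host, image, renamed) for RMM binaries run outside approved roots."""
    findings = []
    for line in json_lines.splitlines():
        if not line.strip():
            continue
        event = json.loads(line)
        image = PureWindowsPath(event["Image"])
        installed = any(root in image.parents for root in APPROVED_ROOTS)
        if is_rmm(event) and not installed:
            original = event.get("OriginalFileName", "")
            renamed = bool(original) and image.name.lower() != original.lower()
            findings.append((event["Host"], str(image), renamed))
    return findings


if __name__ == "__main__":
    for host, image, renamed in find_portable_rmm(SAMPLE_EVENTS):
        print(f"{host}: RMM binary outside approved install path: {image}"
              f"{' (renamed)' if renamed else ''}")
```

Name matching is a triage signal only: a binary with a stripped or altered version resource will not match, so pair it with network-side review of connections to RMM vendor infrastructure from hosts that should not be running these tools.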

This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 03 Feb 2023 08:45:03 +0000

