Cybercriminals Utilizing Official Remote Surveillance for Viruses

A warning has been issued by the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency, and the Multi-State Information Sharing and Analysis Center to alert network defenders about the malicious use of legitimate remote monitoring and management (RMM) software. In October 2022, CISA discovered a cyberattack that had been conducted using legitimate RMM software such as ScreenConnect and AnyDesk. The attackers had tricked victims into downloading the software, which they then used to steal money from the victims' bank accounts through refund fraud. They could then sell the access to other cybercriminals or advanced persistent threat actors.

The attackers were able to bypass security controls and risk management assumptions by using portable executables of RMM software, which allowed them to gain local user access without needing administrative privilege or full software installation.

It was found that two Federal Civilian Executive Branch (FCEB) networks may have been targeted by malicious activity, with an executable being downloaded when a recipient visited a first-stage malicious domain. This executable then connected to a second-stage malicious domain, from which it downloaded other RMM software. The attackers did not install the downloaded RMM clients on the compromised host, but instead used AnyDesk and ScreenConnect as self-contained, portable executables that were configured to connect to their RMM server.

The attackers then used the RMM software to start a refund scam, connecting to the victim's system and luring the victim into logging into their bank account while still connected. The attackers then changed the bank account summary to show that the victim had been mistakenly refunded an excess amount of money, which the victim was instructed to refund to the scam operator.

Threat actors often target authorized RMM software users, such as managed service providers (MSPs) and IT help desks, who use the software for network administration, endpoint monitoring, endpoint management, and remote host interaction for IT support tasks. This allows the attackers to exploit trust relationships in MSP networks and gain access to many of the victim MSP's customers.
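One way to hunt for the portable-executable pattern described above, shown as an added example that is not part of the original article or the advisory: flag AnyDesk or ScreenConnect process launches whose image path lies outside the normal install directories, matching on file metadata as well as the file name so a renamed binary is still caught. The field names follow Sysmon process-creation events; the install roots, user names, paths and sample records are constructed assumptions.

```python
import ntpath
import re

# RMM tools named in the article; extend the pattern for your own environment.
RMM_PATTERN = re.compile(r"anydesk|screenconnect", re.IGNORECASE)

# Assumption: managed installs live under these roots; anything else counts as portable.
INSTALL_ROOTS = ("c:\\program files\\", "c:\\program files (x86)\\")


def is_rmm(event):
    """Check file name and PE metadata so a renamed binary is still recognised."""
    fields = (
        ntpath.basename(event["Image"]),
        event.get("OriginalFileName", ""),
        event.get("Product", ""),
    )
    return any(RMM_PATTERN.search(f) for f in fields)


def find_portable_rmm(events):
    """Return RMM process launches whose image sits outside the install roots."""
    hits = []
    for ev in events:
        # normpath collapses "..", so a traversal cannot fake an install path.
        path = ntpath.normpath(ev["Image"]).lower()
        if is_rmm(ev) and not path.startswith(INSTALL_ROOTS):
            hits.append(ev)
    return hits


# Constructed process-creation records (not real telemetry).
SAMPLE_EVENTS = [
    {"Image": r"C:\Program Files (x86)\AnyDesk\AnyDesk.exe", "Product": "AnyDesk", "User": "CORP\\svc-helpdesk"},
    {"Image": r"C:\Users\alice\Downloads\AnyDesk.exe", "Product": "AnyDesk", "User": "CORP\\alice"},
    {"Image": r"C:\Users\bob\AppData\Local\Temp\support_tool.exe", "Product": "ScreenConnect", "User": "CORP\\bob"},
    {"Image": r"C:\Windows\System32\notepad.exe", "Product": "Microsoft Windows Operating System", "User": "CORP\\bob"},
    {"Image": r"C:\Program Files\..\Users\carol\Desktop\ScreenConnect.exe", "User": "CORP\\carol"},
]

if __name__ == "__main__":
    for hit in find_portable_rmm(SAMPLE_EVENTS):
        print(f"portable RMM launch: {hit['Image']} (user {hit['User']})")
```

A hit is a lead to triage against the approved RMM inventory, since help-desk staff sometimes run portable builds legitimately.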

This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 03 Feb 2023 08:45:03 +0000

