1-15 October 2016 Cyber Attacks Timeline

It’s time to publish the first timeline of October, covering the main cyber attacks that occurred between 1 and 15 October 2016.

The good news is that the decreasing trend is confirmed: these first two weeks have shown the lowest number of cyber attacks collected so far in 2016 (“only” 23). Unfortunately, a decreasing trend in attacks does not necessarily mean a decreasing number of records: Modern Business Systems suffered a breach involving 58 million customer records, whereas in the case of Evony Gaming the compromised records were “only” 33 million.

And if you were waiting for more confirmation of the role of cyber security in the US presidential elections, you won’t be disappointed… The Clinton Foundation has suffered yet another leak by Guccifer 2.0 and a possible targeted campaign against its donors; at the same time, Clinton campaign chairman John Podesta’s Twitter account has been hacked, posting an improbable pro-Trump tweet. In any case, Republican donors have also fallen victim to an online credit card skimming campaign (oh well, they were in good company, as it is believed that 5900 organizations worldwide have been targeted by the same attackers).

Last but not least, the chronicles report another attack against SWIFT (whose outcome is uncertain), and a “disruptive” attack against an unnamed German nuclear plant that occurred two or three years ago. In all cases there are plenty of things to be concerned about.

As usual, if you want to have an idea of how fragile our electronic identity is in cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014, 2015 and, in a bit, 2016 (regularly updated). You may also want to have a look at the Cyber Attack Statistics that are regularly published, and follow @paulsparrows on Twitter for the latest updates.

Additionally, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts), and if useful, you can access the timeline in Google Sheet format.

| ID | Date | Author | Target | Description | Attack | Target Class | Attack Class | Country |
|---|---|---|---|---|---|---|---|---|
| 1 | 01/10/2016 | North Korea | South Korea | The South Korean government admits that its cyber military command was hacked last month by injecting malicious code into one of its main routing servers. | Malware | Government | CE | KR |
| 2 | 01/10/2016 | ? | University of Central Florida | A malware infection is to blame for a payment card data breach affecting at least 230 University of Central Florida students. | Malware | Education | CC | US |
| 3 | 02/10/2016 | Peace AKA Peace_Of_Mind | w0rm | In what is described as a "hacker drama", Peace, one of the best-known black hats, defaces the forum of w0rm, another well-known black hat. | Defacement | Forum | CC | N/A |
| 4 | 03/10/2016 | ? | Bohri Muslims around the globe | A website named ‘Bohrileaks’ releases the Ashara attendance records of Bohri Muslims around the globe, including names, cell phone numbers | Unknown | Single Individuals | CC | IN |
| 5 | 04/10/2016 | Russian intelligence or pro-government hackers | store.nrsc.gov | Suspected Russian hackers are believed to have been skimming credit card information of Republican donors for the past six months. The NRSC is among more than 5,900 e-commerce sites victims of the same attack. | Malware | Org: Political Party | CC | US |
| 6 | 04/10/2016 | Guccifer 2.0 | The Clinton Foundation | Guccifer 2.0 posts what the hacker claims are files stolen from the Clinton Foundation, but the foundation says the assertions are not true. | Unknown | Org: Non-Profit | CC | US |
| 7 | 05/10/2016 | OurMine | BuzzFeed | OurMine hackers take control of BuzzFeed's website and alter multiple stories published on its site. | Account Hijacking | Industry: Internet Media | CC | US |
| 8 | 05/10/2016 | ? | Spotify | Multiple users report that popular music-streaming service Spotify serves malware-laden ads. | Malvertising | Industry: Music Streaming | CC | SE |
| 9 | 06/10/2016 | ? | The Clinton Foundation | The Clinton Foundation warns donors about targeted hacking attempts to steal their personal information. | Account Hijacking | Org: Non-Profit | CC | US |
| 10 | 06/10/2016 | ? | Hundreds of E-Commerce Sites | RiskIQ and ClearSky reveal that popular e-commerce sites have been infected with web-based keyloggers being used to steal credit card data as it’s entered into online checkout forms. More than 100 compromised sites have been identified, but the number could be in the thousands. | Malware | Industry: E-Commerce | CC | >1 |
| 11 | 06/10/2016 | ? | Pont3 | Pont3, an Australian event organizer, reveals that an unauthorized party had gained access to its mailing list account and downloaded data about individuals that subscribed to various events organized by the company in the past. | Account Hijacking | Industry: Event Organization | CC | AU |
| 12 | 10/10/2016 | ? | Unnamed German Nuclear Power Plant | According to the International Atomic Energy Agency (IAEA) Director Yukiya Amano, a nuclear power plant became the target of a disruptive cyber attack two to three years ago. | Targeted Attack | Nuclear Plant | CC | DE |
| 13 | 10/10/2016 | ? | University of Toyama’s Hydrogen Isotope Research Center | Research data and personal information may have been stolen from a personal computer belonging to a tritium researcher at the University of Toyama’s Hydrogen Isotope Research Center. Attackers stole data in three batches: December 2015, March 2016 and June 2016. | Targeted Attack | Education | CE | JP |
| 14 | 12/10/2016 | Russian intelligence or pro-government hackers | Several Russian activists and independent journalists | Several Russian activists and independent journalists have reportedly received warnings notifying them that "government-backed" hackers may be attempting to illegally access their email inboxes. | Account Hijacking | Single Individuals | CE | RU |
| 15 | 12/10/2016 | ? | SWIFT | Symantec reveals that a second group of hackers is attempting to rob banks by targeting SWIFT users, deploying the same methods that led to the Bangladesh Bank hacking heist. The tools used are linked to the Odinaff group, which, since the beginning of the year, has targeted financial institutions worldwide. | Malware | Finance | CC | N/A |
| 16 | 12/10/2016 | ? | Blockchain.info Blockchain.com | The DNS server records for blockchain.info and blockchain.com are hijacked. | DNS Hijacking | Bitcoin Wallet | CC | LU |
| 17 | 13/10/2016 | 0x2Taylor | Modern Business Systems (MBS) | Over 58 million customer records are stolen and leaked online. Data includes names, email and postal addresses, phone numbers, IP addresses and more. | Unknown | Industry: Data Aggregator | CC | US |
| 18 | 13/10/2016 | ? | John Podesta's Twitter Account | Clinton campaign chairman John Podesta's Twitter account is hacked and sends out a pro-Trump tweet. Several screenshots also suggest that his phone could have been hacked. | Account Hijacking | Single Individuals | CC | US |
| 19 | 13/10/2016 | ? | Vera Bradley | American high-end fashion retailer Vera Bradley has revealed that hackers may have accessed customers' card data from payment processing systems at its retail stores this summer. | PoS Malware | Industry: Fashion | CC | US |
| 20 | 13/10/2016 | ? | Potter County | Potter County officials assure users that their voter information website is safe after learning that hackers gained access to it. | Unknown | Government | CC | US |
| 21 | 13/10/2016 | The Dark Overlord? | Peachtree Orthopedic Clinic | Peachtree Orthopedic Clinic warns its users that it was hacked on September 22, even though several pieces of evidence suggest the hack could have happened several months earlier. | Unknown | Healthcare | CC | US |
| 22 | 14/10/2016 | ? | Evony Gaming | LeakedSource reveals that Evony Gaming suffered a massive breach involving the usernames, email addresses, unsalted MD5 and SHA-1 passwords and IP addresses of 33 million gamers. | Unknown | Industry: Video Games | CC | US |
| 23 | 14/10/2016 | ? | Noble House Hotels and Resorts | Noble House Hotels and Resorts notifies guests of payment card breaches at Teton Mountain Lodge & Spa and Hotel Terra. The breaches happened on September 5 and September 6. | PoS Malware | Industry: Hotel and Hospitality | CC | US |
