Last Updated on March 16, 2016

Despite my battle against CLUSIT about the origin of “their” data used to compile the statistics for the Italian Cyber Crime Report, it’s time to catch up and publish the first part of the statistics for the main cyber attacks of February.

Cybercrime is the category that accounted for the largest number of events. The list of victims includes the University of Central Florida, the US Internal Revenue Service, the FBI, the Department of Homeland Security, and several Russian banks, which were particularly targeted by criminals. Moreover, a mass compromise of WordPress websites and a brute force attack against 20 million Alibaba accounts complete the damage report.

Hacktivists were equally active, especially against South Africa (and other African countries), which fell under the blows of #OpAfrica.

Last but not least, Ukraine was hit by a new wave of attacks carried out through a new sample of the BlackEnergy malware family, while a local Israeli media outlet revealed a long-lasting cyber espionage campaign originating from Iran and targeting a total of 1,800 individuals, including a former chief of staff of the Israeli Army.

If you want to have an idea of how fragile our electronic identity is in cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014, 2015 and, in a bit, 2016 (regularly updated). You may also want to have a look at the Cyber Attack Statistics that are regularly published, and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Additionally, if you want, you can access the timeline in Google Sheet format.

| ID | Date | Author | Target | Description | Attack | Target Class | Attack Class | Country |
|---|---|---|---|---|---|---|---|---|
| 1 | 01/02/2016 | bRpsd | focusfeatures.com | bRpsd hacks focusfeatures.com and dumps 13,040 usernames and hashed passwords. | Unknown | Industry: Entertainment | CC | US |
| 2 | 03/02/2016 | ? | WordPress CMS | A large number of websites that run on the WordPress content management system are hacked to deliver crypto ransomware and other malicious software to unwitting end users. | WordPress Vulnerability | Single Individuals | CC | >1 |
| 3 | 03/02/2016 | ? | Magnolia Health Corporation | Magnolia Health Corporation suffers a breach after an unknown perpetrator uses MHC CEO Kensett Moyle’s email address to request an Excel spreadsheet containing employee information. | Account Hijacking | Healthcare | CC | US |
| 4 | 03/02/2016 | Blink Hacker Group | Thai Prisons | The Blink Hacker group, a known division of the Anonymous hacker collective, has leaked the databases of 100 websites belonging to Thai prisons. | Unknown | Law Enforcement | H | TH |
| 5 | 04/02/2016 | ? | University of Central Florida | The University of Central Florida (UCF) admits that hackers broke into its systems and stole the personal details of more than 63,000 staff and students. The breach was discovered in early January. | Unknown | Education | CC | US |
| 6 | 04/02/2016 | Anonymous | Roosh V | Roosh V, the controversial ‘neo-masculinist’, claims to have been doxxed by an online group associated with Anonymous. | Unknown | Single Individual | H | US |
| 7 | 04/02/2016 | ? | Several Russian Banks | The Cyber Crime Department of the Russian Interior Ministry reveals the details of an operation able to steal about 1.5 bln rubles ($19.8 mln) from several dozen Russian banks during 2015 via compromised Visa and MasterCard international payment systems. | Unknown | Finance | CC | RU |
| 8 | 04/02/2016 | ? | mavic-mp3.com | An unknown hacker hacks mavic-mp3.com and dumps 26,934 usernames and passwords. | Unknown | Industry: Cycling Equipment | CC | IT |
| 9 | 05/02/2016 | ? | Alibaba Group’s TaoBao | Local media report that hackers in China have attempted to access over 20 million active accounts on Alibaba Group’s Taobao e-commerce website. | Account Hijacking | Industry: E-Commerce | CC | CN |
| 10 | 05/02/2016 | ? | Unknown Retailer | A data breach at an unidentified online retailer forces Tesco Bank to cancel some of its customers’ cards as a precaution. Users of cards from other companies are also likely to be affected. | Unknown | Industry: Retail | CC | UK |
| 11 | 05/02/2016 | SonnySpooks | epicbot.com | SonnySpooks hacks epicbot.com and dumps 40,704 records with hashed passwords. | SQLi | Online Services | CC | US |
| 12 | 05/02/2016 | @0x1Taylor | teksyndicate.com | @0x1Taylor hacks teksyndicate.com and dumps more than 30,000 records with usernames and hashed passwords. | SQLi | Online Services | CC | US |
| 13 | 06/02/2016 | ? | Loanbase | Popular international Bitcoin crowd-lending platform Loanbase suffers a security breach. Attackers are able to steal 20 BTC (8,000 USD worth). | SQLi | Bitcoin Exchange | CC | US |
| 14 | 06/02/2016 | World Hacker Team | Broadband Systems Corporation (bsc.rw) | Hacktivists kick off their #OpAfrica and breach the backend of the Broadband Systems Corporation. | Account Hijacking | Industry: Software | H | RW |
| 15 | 06/02/2016 | Hanom1960 | Uganda’s Ministry of Finance (finance.go.ug) | And #OpAfrica continues with the dump of the details of 220 government employees from Uganda’s Ministry of Finance. | Unknown | Government | H | UG |
| 16 | 06/02/2016 | Team Pak Cyber Attacker | Indian Revenue Service (IRS) irsofficersonline.gov.in | Pakistani hackers deface the official web portal of the Indian Revenue Service (IRS). | Defacement | Government | H | IN |
| 17 | 07/02/2016 | Penis AKA @DotGovs | Department of Homeland Security | In the name of #FreePalestine, a hacker called Penis AKA @DotGovs dumps the data belonging to 9,000 DHS officials. The trove is allegedly obtained after compromising the email address of a DHS employee. | Account Hijacking | Government | H | US |
| 18 | 08/02/2016 | Penis AKA @DotGovs | FBI | Penis AKA @DotGovs completes his job and dumps the data of 9,000 FBI employees. | Account Hijacking | Law Enforcement | H | US |
| 19 | 08/02/2016 | ? | Energobank | Bloomberg reveals that hackers used malware to penetrate the defenses of Energobank, a Russian regional bank, and move the ruble-dollar rate more than 15 percent in minutes, according to Group-IB, the Moscow-based cyber-security firm hired to investigate the attack. The “Metel” or “Corkow” malware was used to carry out the attack. | Targeted Attack | Finance | CC | RU |
| 20 | 08/02/2016 | ? | Several Banks Worldwide | Kaspersky researchers reveal that they have discovered and tracked a new variant of the Carbanak Trojan (Carbanak 2.0) with new features. | Malware (Carbanak 2.0) | Finance | CC | >1 |
| 21 | 08/02/2016 | GCMAN | Russian Banks | Kaspersky researchers shed some light on a new cyber-crime group, called GCMAN, targeting Russian banks. | Malware | Finance | CC | CY |
| 22 | 09/02/2016 | ? | US Internal Revenue Service | The US Internal Revenue Service is the target of an attack able to steal the electronic tax-return credentials for 101,000 social security numbers. The attack is performed using credentials stolen from an external source. | Brute Force | Government | CC | US |
| 23 | 09/02/2016 | Iran’s Revolutionary Guard | Ex-Israeli Army Chief of Staff | Channel 10 reveals that hackers affiliated with Iran’s Revolutionary Guard breached the computers of 1,800 individuals including a former Israeli Army Chief of Staff. | Targeted Attack | Single Individuals | CE | IL |
| 24 | 09/02/2016 | ? | South Wales Fire and Rescue Service | South Wales Fire and Rescue Service discloses a security breach relating to employees’ personal data. | Unknown | Fire and Rescue | CC | UK |
| 25 | 10/02/2016 | ? | Skype | Malvertising campaigns reach a new level, using Skype to distribute the Angler Exploit Kit, as discovered by F-Secure. | Malvertising | Single Individuals | CC | >1 |
| 26 | 10/02/2016 | Chilean Hackers | CONADI (for Corporación Nacional de Desarrollo Indígena) conadi.gob.cl | A group of Chilean hacktivists that goes by the name of Chilean Hackers breaks into the database of CONADI and steals the personal details of 304,189 Chilean citizens looking for state benefits from the country’s government. | Unknown | Government | H | CL |
| 27 | 10/02/2016 | Hanom1960, Chilean Hackers, Hazzard | Bolivian Army (ejercito.mil.bo) | A group of hackers breach the official email servers belonging to the Bolivian Army, download emails, and dump some of the data online. | Zimbra Vulnerability | Military | H | BO |
| 28 | 10/02/2016 | ? | AlphaBay | An example of a phishing campaign against criminals: an ongoing phishing campaign targets users of the AlphaBay Darknet black market. | Account Hijacking | DarkNet Web Market | CC | N/A |
| 29 | 11/02/2016 | ? | Ukrainian Mining Company and Railway Operator | Researchers from Trend Micro unveil further details on the attacks targeting Ukraine in December. Samples of the same BlackEnergy family have also been used to target a mining company and a railway operator in Ukraine. | Targeted Attack | Industry: Mining Railway Operator | CW | UA |
| 30 | 11/02/2016 | Anonymous | V-Report (v-report.co.za) | In the name of #OpAfrica, Anonymous hacks V-Report, a local job portal. They claim to have stolen the details of 33,000+ individuals, but only leak the details of 54 government employees. | Unknown | Industry: Job Seeking | H | ZA |
| 31 | 11/02/2016 | ? | digitalnintendo.com | An unknown hacker hacks digitalnintendo.com and dumps 23,000+ usernames and hashed passwords. | Unknown | Online Services | CC | US |
| 32 | 12/02/2016 | Anonymous | South Africa Government Communications and Information Systems (GCIS) | In the name of #OpAfrica, Anonymous dumps names, phone numbers, email addresses and hashed passwords of more than 1,000 government employees. | SQLi | Government | H | ZA |
| 33 | 12/02/2016 | Tobitow | Webafrica | In the name of #OpAfrica, Tobitow, a member of Team Hack Argentino and Anonymous Argentina, exploits a vulnerability in the Web hosting service of Webafrica and defaces 2,532 South African websites. | Defacement | Industry: ISP | H | ZA |
| 34 | 12/02/2016 | ? | British Association for Counselling and Psychotherapy BACP.co.uk | The first example of ransomware targeting a website: the website of the British Association for Counselling and Psychotherapy is replaced with instructions on how to pay off the extortionists: $150 (£100) in Bitcoin. | Malware | Org: Health | CC | UK |
| 35 | 12/02/2016 | @Smitt3nz AKA Rubber | oursportscentral.com | @Smitt3nz AKA Rubber hacks oursportscentral.com and dumps 12,8806 usernames and hashed passwords. | SQLi | Online Services | CC | US |
| 36 | 15/02/2016 | ROR[RG] | Turkish National Police (EMG) | A hacker known as ROR[RG] dumps 17.8GB of data from the Turkish National Police (EMG) servers. The leak allegedly happened two years ago. | Unknown | Law Enforcement | CC | TR |
| 37 | 15/02/2016 | ? | Bitcoin Accounts | Research reveals that hackers have siphoned about $103,000 out of Bitcoin accounts that were protected with an alternative security measure called “brain wallets”, in which funds are stored in users’ minds through memorization of a password rather than a 64-character private key. | Brute Force | Cryptocoin Exchange | CC | >1 |
| 38 | 15/02/2016 | ? | Wajam Browser Add-On | Researchers from Malwarebytes identify a new malvertising campaign using the Wajam Browser Add-on. | Malvertising | Single Individuals | CC | >1 |
| 39 | 15/02/2016 | af, | Ringo Starr’s Twitter Account | An unknown hacker under the name “af,” hijacks the Twitter account of the ex-Beatles drummer Ringo Starr. | Account Hijacking | Single Individual | CC | UK |
| 40 | 15/02/2016 | World Hacker Team | South Africa’s Department of Water Affairs (DWA) | In the name of #OpAfrica and #OpMonsanto, hackers from World Hacker Team hack South Africa’s Department of Water Affairs (DWA) and leak the data of 5,800 government employees. | Unknown | Government | H | ZA |
| 41 | 15/02/2016 | World Hacker Team | Tanzania Telecommunications Company Limited | Hackers from World Hacker Team hack Tanzania Telecommunications Company Limited, a state-owned company that provides fixed basic telephone services, and dump the details of around 2,000 employees. | Unknown | Industry: Telco | H | TZ |
| 42 | 15/02/2016 | New World Hackers (NWH) | Xbox Live | The New World Hackers crew takes down the Xbox Live Service. | DDoS | Industry: Software | CC | US |
