I am trying to catch up with the delayed timelines, so I am happy to publish the first timeline of August, covering the main cyber attacks that occurred in the first half of this month.
Well, it looks like the cyber criminals decided to take some days off, since the number of events collected in this fortnight is noticeably smaller than in the second half of July (31 vs. 81).
And the winner is… Cosmos Bank, which had 944 million rupees ($13.5 million worth) stolen through simultaneous withdrawals across 28 countries. And if we move from fiat currency to cryptocurrency, the situation unfortunately does not improve. Technically, the amount in Monero stolen from Livecoin is “only” equivalent to $1.8 million; it might seem tiny compared to Cosmos Bank, but it’s still a decent amount of money. That is nothing in comparison to the $240 million lost by an investor, Michael Terpin, who consequently sued AT&T. Livecoin wasn’t the only exchange targeted: Altex Exchange also suffered the loss of an undisclosed amount, probably because of the same vulnerability.
Other interesting events include the hack of Reddit (SMS-based authentication is no longer enough), a massive attack on Instagram users, and I would also mention that ransomware has no mercy, since it did not spare the computers of the Professional Golf Association.
But the list doesn’t end here! My advice is to read it all and realize the fragility of our identity inside cyberspace. And if you want, you may also have a look at the timelines of the main cyber attacks in 2011, 2012, 2013, 2014, 2015, 2016, 2017 and now 2018 (regularly updated… hopefully!). And do not forget the Cyber Attack Statistics that are regularly published, and follow @paulsparrows on Twitter for the latest updates.
Last but not least, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts), and please note that, starting from this month, it is possible to download the raw data directly from the tools above the table. You may always ask for the raw data, but please do not forget to include a short presentation and the purpose of the project. I am not supposed to accept requests without any details.
| ID | Date | Author | Target | Description | Attack | Target Class | Attack Class | Country | Tags |
|---|---|---|---|---|---|---|---|---|---|
| 1 | 20/07/2018 | ? | MedSpring Urgent Care | MedSpring Urgent Care notifies 13,000 patients after a phishing attack occurred on May 8. | Account Hijacking | Q Human health and social work activities | CC | US | MedSpring Urgent Care |
| 2 | 30/07/2018 | ? | Altex Exchange | Altex Exchange acknowledges that a double-counting bug in Monero (XMR) cryptocurrency did result in a major undisclosed financial loss. | Monero Vulnerability | V Fintech | CC | N/A | Altex Exchange, Monero, XMR, Crypto |
| 3 | 01/08/2018 | ? | Reddit | Reddit discloses a breach of its systems that compromised user data including some current email addresses and salted and hashed passwords from a 2007 database backup. The attacker gained access to several employee accounts via SMS intercept between June | Account Hijacking | J Information and communication | CC | US | Reddit |
| 4 | 01/08/2018 | ? | Companies and organizations associated with industrial production | Kaspersky Lab ICS CERT identifies a new wave of phishing emails with malicious attachments targeting primarily companies and organizations associated with industrial production. The malware used in these attacks installs legitimate remote administration s | Malware | Y Multiple Industries | CC | >1 | Kaspersky Lab, Teamviewer, RMS |
| 5 | 01/08/2018 | ? | Amnesty International | Amnesty International reveals that it has been targeted by a campaign carried out via the surveillance malware developed by the Israeli surveillance vendor NSO Group. | Targeted Attack | U Activities of extraterritorial organizations and bodies | CE | N/A | Amnesty International, NSO Group |
| 6 | 01/08/2018 | booloop | recruitmilitary.com | A user called booloop publishes a database containing over 850,000 US military officers’ personal information. | Unknown | S Other service activities | CC | US | booloop, recruitmilitary.com |
| 7 | 01/08/2018 | ? | Hong Kong’s Department of Health | Three computers of Hong Kong’s Department of Health are hit by ransomware. | Malware | O Public administration and defence, compulsory social security | CC | HK | Hong Kong’s Department of Health |
| 8 | 02/08/2018 | Gorgon | Governmental organizations in the United Kingdom, Spain, Russia, and the United States | Researchers from Palo Alto Networks Unit 42 uncover Gorgon, a threat actor allegedly operating from Pakistan and targeting governmental organizations in the United Kingdom, Spain, Russia, and the United States leveraging spear phishing emails with Microso | Targeted Attack | O Public administration and defence, compulsory social security | CE | >1 | Gorgon, Palo Alto Networks, Unit 42, CVE-2017-0199 |
| 9 | 02/08/2018 | RASPITE | Entities in the US, Middle East, Europe, and East Asia | Researchers from Dragos identify a new activity group targeting access operations in the electric utility sector, called RASPITE. | Targeted Attack | D Electricity gas steam and air conditioning supply | CE | >1 | RASPITE, Dragos |
| 10 | 02/08/2018 | DarkCoder AKA @Th3Falcon | Elbit Systems | DarkCoder AKA @Th3Falcon leaks 10,000 credentials for users and administrators from Elbit Systems. | | | | | |