1-15 August 2018 Cyber Attacks Timeline

I am trying to catch up with the delayed timelines, so I am happy to publish the first timeline of August, covering the main cyber attacks that occurred in the first half of this month.

Well, it looks like the cyber criminals decided to take some days off, since the number of events collected in this fortnight is noticeably smaller than in the second half of July (31 vs. 81).

And the winner is… Cosmos Bank, which had 944 million rupees ($13.5 million worth) stolen through simultaneous withdrawals across 28 countries. And if we move from fiat currency to cryptocurrency, the situation unfortunately does not improve. Technically, the amount in Monero stolen from Livecoin is “only” equivalent to $1.8 million; it might seem tiny compared to Cosmos Bank, but it’s still a decent amount of money. Nothing in comparison to the $240 million lost by an investor, Michael Terpin, who consequently sued AT&T. Livecoin wasn’t the only exchange targeted: Altex Exchange also suffered the loss of an undisclosed amount, probably due to the same vulnerability.

Other interesting events include the hack of Reddit (SMS-based authentication is not enough any longer) and a massive attack on Instagram users. I would also mention that ransomware has no mercy, since it did not spare the computers of the Professional Golf Association.

But the list doesn’t end here! My advice is to read it all and realize the fragility of our identity in cyberspace. And if you want, you may also have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014, 2015, 2016, 2017 and now 2018 (regularly updated… Hopefully!). And do not forget the Cyber Attack Statistics that are regularly published, and follow @paulsparrows on Twitter for the latest updates.

Last but not least, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts), and please note that, starting from this month, it is possible to download the raw data directly from the tools above the table. You may always ask for the raw data, but please do not forget to include a short presentation and the purpose of the project. I am not supposed to accept requests without any details.


| ID | Date | Author | Target | Description | Attack | Target Class | Attack Class | Country | Tags |
|---|---|---|---|---|---|---|---|---|---|
| 1 | 20/07/2018 | ? | MedSpring Urgent Care | MedSpring Urgent Care notifies 13,000 patients after a phishing attack occurred on May 8. | Account Hijacking | Q Human health and social work activities | CC | US | MedSpring Urgent Care |
| 2 | 30/07/2018 | ? | Altex Exchange | Altex Exchange acknowledges that a double-counting bug in Monero (XMR) cryptocurrency did result in a major undisclosed financial loss. | Monero Vulnerability | V Fintech | CC | N/A | Altex Exchange, Monero, XMR, Crypto |
| 3 | 01/08/2018 | ? | Reddit | Reddit discloses a breach of its systems that compromised user data including some current email addresses and salted and hashed passwords from a 2007 database backup. The attacker gained access to several employee accounts via SMS intercept between June | Account Hijacking | J Information and communication | CC | US | Reddit |
| 4 | 01/08/2018 | ? | Companies and organizations associated with industrial production | Kaspersky Lab ICS CERT identifies a new wave of phishing emails with malicious attachments targeting primarily companies and organizations associated with industrial production. The malware used in these attacks installs legitimate remote administration s | Malware | Y Multiple Industries | CC | >1 | Kaspersky Lab, Teamviewer, RMS |
| 5 | 01/08/2018 | ? | Amnesty International | Amnesty International reveals that it has been targeted by a campaign carried out via the surveillance malware developed by the Israeli surveillance vendor, NSO Group. | Targeted Attack | U Activities of extraterritorial organizations and bodies | CE | N/A | Amnesty International, NSO Group |
| 6 | 01/08/2018 | booloop | recruitmilitary.com | A user called booloop publishes a database containing the personal information of over 850,000 US military officers. | Unknown | S Other service activities | CC | US | booloop, recruitmilitary.com |
| 7 | 01/08/2018 | ? | Hong Kong’s Department of Health | Three Hong Kong’s Department of Health computers are hit by ransomware. | Malware | O Public administration and defence, compulsory social security | CC | HK | Hong Kong’s Department of Health |
| 8 | 02/08/2018 | Gorgon | Governmental organizations in the United Kingdom, Spain, Russia, and the United States. | Researchers from Palo Alto Networks Unit 42 uncover Gorgon, a threat actor allegedly operating from Pakistan and targeting governmental organizations in the United Kingdom, Spain, Russia, and the United States leveraging spear phishing emails with Microso | Targeted Attack | O Public administration and defence, compulsory social security | CE | >1 | Gorgon, Palo Alto Networks, Unit 42, CVE-2017-0199. |
| 9 | 02/08/2018 | RASPITE | Entities in the US, Middle East, Europe, and East Asia | Researchers from Dragos identify a new activity group targeting access operations in the electric utility sector, called RASPITE. | Targeted Attack | D Electricity gas steam and air conditioning supply | CE | >1 | RASPITE, Dragos |
| 10 | 02/08/2018 | DarkCoder AKA @Th3Falcon | Elbit Systems | DarkCoder AKA @Th3Falcon leaks 10,000 credentials for users and administrators from Elbit Systems. | SQLi | C Manufacturing | CC | IL | DarkCoder, @Th3Falcon, Elbit Systems |