It’s time to publish the first timeline of December, covering the main cyber attacks that occurred in the first half of the month. In this fortnight I have collected a total of 57 events (plus two that occurred in November that I included in this timeline), the same number as in the second timeline of November, which confirms a sustained level of activity.
The Christmas atmosphere did not stop megabreaches from happening: Quora had the information of 100 million users compromised. Regardless of the Christmas atmosphere, I also wonder whether the authors of the Business Email Compromise against Save the Children (costing $1 million) had a guilty conscience for their shameful action. But we know that crime has no honor, so the chronicle also reports a Hollywood-style operation, thanks to DarkVishnya: a cyber-criminal gang believed to have stolen tens of millions of dollars from at least eight banks in Eastern Europe, leaving malicious devices connected to their victims’ networks.
Moving to cyber espionage, the most important event is probably the compromise of the emails of top NRCC officials. Although it occurred back in April, it was revealed just now. Even the Czech Republic was the target of a couple of state-sponsored activities carried out by Turla and APT 28, which occurred in the past months but were revealed only now.
But the timeline is unfortunately quite rich, and hence impossible to summarize, so I suggest you browse it all to get an idea of the threat landscape, and also share it to raise awareness across the community. The timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014, 2015, 2016, 2017 and now 2018 are also available; do not forget the Cyber Attack Statistics, and follow @paulsparrows on Twitter for the latest updates.
| ID | Date | Author | Target | Description | Attack | Target Class | Attack Class | Country | Tags |
|---|---|---|---|---|---|---|---|---|---|
| 1 | 02/11/2018 | ? | ASI Computer Systems | ASI Computer Systems notifies some of their customers after discovering that usernames and passwords on a support web site had been hacked prior to December 2016. | Account Hijacking | J Information and communication | CC | US | ASI Computer Systems |
| 2 | 29/11/2018 | ? | Mind & Motion | Mind & Motion notifies 16,000 after a ransomware attack. | Malware | Q Human health and social work activities | CC | US | Mind & Motion |
| 3 | 01/12/2018 | ? | Targets in China | Over 100,000 computers in China are infected in just a few days by 'WeChat Ransom', so named since the ransom is payable via Tencent's WeChat payment service. | Malware | X Individual | CC | CN | WeChat Ransom, Tencent, WeChat |
| 4 | 01/12/2018 | ? | Palermo Calcio | The Italian football team Palermo Calcio reveals that it suffered an intrusion, with the consequent leak of fake news about the imminent sale of the team. | Unknown | S Other service activities | CC | IT | Palermo Calcio |
| 5 | 03/12/2018 | Turla and APT28 (Sofacy or Fancy Bear) | Czech Ministry of Foreign Affairs (MFA), Ministry of Defense, and the Army of the Czech Republic | The Czech Security Intelligence Service (BIS) reveals that two Russian-linked cyber-espionage groups hacked into the Czech Republic's government networks during 2016 and 2017. | Targeted Attack | O Public administration and defence, compulsory social security | CE | CZ | Turla, APT28, Sofacy, Fancy Bear, Czech Ministry of Foreign Affairs, MFA, Ministry of Defense, Army of the Czech Republic |
| 6 | 03/12/2018 | ? | Quora | Quora announces that one of their systems was hacked on November 30, leading to the exposure of approximately 100 million users' data to an unauthorized third party. | Unknown | J Information and communication | CC | US | Quora |
| 7 | 03/12/2018 | Magecart | OppoSuits | Customers of Dutch clothing company OppoSuits are warned to monitor their credit card accounts after the firm discovers that the Magecart malware planted on its website could have stolen the details of 7,000 customers. | Malicious Script Injection | G Wholesale and retail trade | CC | NL | OppoSuits, Magecart |
| 8 | 03/12/2018 | ? | iOS Users | Apple removes two malicious iOS apps (Fitness Balance and Calories Tracker) that tricked users into approving TouchID payments via misleading popups. | | | | | |
| | | | | Cancer Treatment Centers of America notifies almost 42,000 patients of possible access to their protected health information after a phishing attack that occurred on May 2 and was discovered on September 26. | | | | | |