It’s time to publish the second timeline of February (first one here). Although this month had only 28 business days, the number of recorded events continues to grow: I have collected 70 events (plus 4 that slipped from the previous period).
So Gnosticplayers is on a roll and he published a third dump containing an additional trove of 92 million accounts. I don’t know why but my sixth sense is telling me that it won’t stop here.
I was also surprised that no cryptocurrency had been targeted so far, and here we go… EOS suffered a loss worth $7.7 million after one of the maintainers of the blacklist failed to update it.
Ransomware also continues to be pretty devastating: Wolverine Solutions Group (WSG) discovered a ransomware infection on September 25 last year (and disclosed it only today), with more than 700 companies and 1.2 million patients affected.
Advanced actors are still quite active: APT28, Lazarus Group, APT-C-36, Windshift and Bronze Union are just some examples that you will find in this timeline.
And while Italy remains the last frontier of hacktivism, I encourage you to read the entire timeline and share it, to raise awareness and spread the word of security throughout the community. And obviously don’t forget to follow @paulsparrows on Twitter for the latest updates.
| ID | Date | Author | Target | Description | Attack | Target Class | Attack Class | Country | Tags |
|---|---|---|---|---|---|---|---|---|---|
| 1 | 10/02/2019 | Anonymous | Five domains belonging to the Italian Region of Veneto and Trentino | In name of Operation Green Rights (#OpGreenRights) the Italian branch of the Anonymous releases a dump of data stolen from several domains belonging to the Italian regions of Veneto and Trentino. | SQLi | O Public administration and defence, compulsory social security | H | IT | Anonymous, Veneto, #OpGreenRights, Trentino |
| 2 | 12/02/2019 | ? | LandMark White | Up to 100,000 customers have personal information including property valuations, phone numbers and dates of birth leaked as part of the data breach at LandMark White. | Unknown | L Real estate activities | CC | AU | LandMark White |
| 3 | 13/02/2019 | ? | British Army's "influence and outreach" Twitter account (@77th_Brigade). | An attacker takes control of the British Army's "influence and outreach" Twitter account (@77th_Brigade). | Account Hijacking | O Public administration and defence, compulsory social security | CC | UK | British Army, @77th_Brigade, Twitter |
| 4 | 13/02/2019 | Scarlet Widow | Single Individuals | Researchers from Agari reveal the details of a criminal group from Nigeria dubbed "Scarlet Widow" targeting their victims with romance scams. | Romance Scams | X Individual | CC | >1 | Agari, Scarlet Widow, Nigeria |
| 5 | 16/02/2019 | ? | Multiple Targets | Researchers from Avast reveal the details of Rietspoof, a new malware family, spread via Skype spam, which uses a multi-stage delivery system, designed to drop multiple payloads on the systems it infects. | Malware | X Individual | CC | >1 | Avast, Rietspoof |
| 6 | 16/02/2019 | Anonymous | 7 agricultural corporations/organizations across Italy | In name of Operation Green Rights (#OpGreenRights), the Italian Anonymous release a joint leak from 7 agricultural corporations/organizations across Italy. | SQLi | Y Multiple Industries | H | IT | Anonymous, #OpGreenRights |
| 7 | 16/02/2019 | Team I Crew | More than 200 Pakistani websites, including the Ministry of Foreign Affairs | Just days after the attack on CRPF convoy in Pulwama, more than 200 Pakistani websites, including the Ministry of Foreign Affairs, are reportedly defaced by an Indian hacker group - 'Team I Crew', as a sign of protest. | Defacement | O Public administration and defence, compulsory social security | CW | PK | CRPF, Pulwama, Ministry of Foreign Affairs, Team I Crew, India, Pakistan |
| 8 | 17/02/2019 | Gnosticplayers | Multiple Targets | Gnosticplayers releases and puts on sale a new trove of 92 million stolen accounts. Victims include: Pizap, Jobandtalent, Gfycat, Storybird, Legendas.tv, Onebip, Classpass, Streeteasy. | | | | | |
| | | | Colombian government institutions as well as important corporations in financial sector, petroleum industry, professional manufacturing, etc. | Researchers from 360 Enterprise Security Group reveal the details of Blind Eagle, AKA APT-C-36 a threat actor allegedly coming from South America active against Colombian government institutions and other sectors via the Imminent RAT. | Targeted Attack | O Public administration and defence, compulsory social security | | | |