Last Updated on March 20, 2019

It’s time to publish the second timeline of February (first one here). Although this month had only 28 business days, the number of recorded events continues to grow: I have collected 70 events (plus 4 that slipped from the previous period).

So Gnosticplayers is on a roll and he published a third dump containing an additional trove of 92 million accounts. I don’t know why but my sixth sense is telling me that it won’t stop here.

I was also surprised that no cryptocurrency had been targeted so far, and here we go… EOS suffered a loss worth $7.7 million after one of the maintainers of the blacklist failed to update it.

Ransomware also continues to be pretty devastating: Wolverine Solutions Group (WSG) discovered a ransomware infection on September 25 last year (and disclosed it only today), with more than 700 companies and 1.2 million patients affected.

Advanced actors are still quite active: APT28, Lazarus Group, APT-C-36, Windshift and Bronze Union are just some examples that you will find in this timeline.

And while Italy remains the last frontier of hacktivism, I encourage you to read the entire timeline and share it, to raise awareness and spread the word of security throughout the community. And obviously don’t forget to follow @paulsparrows on Twitter for the latest updates.

| ID | Date | Author | Target | Description | Attack | Target Class | Attack Class | Country | Tags |
|---|---|---|---|---|---|---|---|---|---|
| 1 | 10/02/2019 | Anonymous | Five domains belonging to the Italian Region of Veneto and Trentino | In name of Operation Green Rights (#OpGreenRights) the Italian branch of the Anonymous releases a dump of data stolen from several domains belonging to the Italian regions of Veneto and Trentino. | SQLi | O Public administration and defence, compulsory social security | H | IT | Anonymous, Veneto, #OpGreenRights, Trentino |
| 2 | 12/02/2019 | ? | LandMark White | Up to 100,000 customers have personal information including property valuations, phone numbers and dates of birth leaked as part of the data breach at LandMark White. | Unknown | L Real estate activities | CC | AU | LandMark White |
| 3 | 13/02/2019 | ? | British Army's "influence and outreach" Twitter account (@77th_Brigade). | An attacker takes control of the British Army's "influence and outreach" Twitter account (@77th_Brigade). | Account Hijacking | O Public administration and defence, compulsory social security | CC | UK | British Army, @77th_Brigade, Twitter |
| 4 | 13/02/2019 | Scarlet Widow | Single Individuals | Researchers from Agari reveal the details of a criminal group from Nigeria dubbed "Scarlet Widow" targeting their victims with romance scams. | Romance Scams | X Individual | CC | >1 | Agari, Scarlet Widow, Nigeria |
| 5 | 16/02/2019 | ? | Multiple Targets | Researchers from Avast reveal the details of Rietspoof, a new malware family, spread via Skype spam, which uses a multi-stage delivery system, designed to drop multiple payloads on the systems it infects. | Malware | X Individual | CC | >1 | Avast, Rietspoof |
| 6 | 16/02/2019 | Anonymous | 7 agricultural corporations/organizations across Italy | In name of Operation Green Rights (#OpGreenRights), the Italian Anonymous release a joint leak from 7 agricultural corporations/organizations across Italy. | SQLi | Y Multiple Industries | H | IT | Anonymous, #OpGreenRights |
| 7 | 16/02/2019 | Team I Crew | More than 200 Pakistani websites, including the Ministry of Foreign Affairs | Just days after the attack on CRPF convoy in Pulwama, more than 200 Pakistani websites, including the Ministry of Foreign Affairs, are reportedly defaced by an Indian hacker group - 'Team I Crew', as a sign of protest. | Defacement | O Public administration and defence, compulsory social security | CW | PK | CRPF, Pulwama, Ministry of Foreign Affairs, Team I Crew, India, Pakistan |
| 8 | 17/02/2019 | Gnosticplayers | Multiple Targets | Gnosticplayers releases and puts on sale a new trove of 92 million stolen accounts. Victims include: Pizap, Jobandtalent, Gfycat, Storybird, Onebip, Classpass, Streeteasy. | Unknown | Y Multiple Industries | CC | >1 | Gnosticplayers, Pizap, Jobandtalent, Gfycat, Storybird, Onebip, Classpass, Streeteasy |
| 9 | 18/02/2019 | Blind Eagle, AKA APT-C-36 | Colombian government institutions as well as important corporations in financial sector, petroleum industry, professional manufacturing, etc. | Researchers from 360 Enterprise Security Group reveal the details of Blind Eagle, AKA APT-C-36 a threat actor allegedly coming from South America active against Colombian government institutions and other sectors via the Imminent RAT. | Targeted Attack | O Public administration and defence, compulsory social security | CE | CO | 360 Enterprise Security Group, Blind Eagle, APT-C-36, Imminent |
| 10 | 18/02/2019 | ? | Users of the popular Torrent uploader CracksNow | The Popular Torrent uploader CracksNow is caught distributing GandCrab ransomware. | Malware | X Individual | CC | >1 | Torrent, CracksNow, GandCrab, ransomware |
