1-15 May 2019 Cyber Attacks Timeline

After the statistics of April, and the ones of the first quarter of this troubled 2019, it’s time to publish the first timeline of May, covering the main cyber events that occurred between May 1st and 15th. In this timeline I have collected a total of 73 events (including 4 that took place in April), so although the average level remains high, the trend is slightly decreasing compared to the previous two timelines.

Let me say that this period of the year is characterized by the Magecart attacks that are now targeting every possible platform, and continue to add high-profile organizations to the unwelcome list of their victims (for example the Forbes Magazine subscription website).

Mega hacks against crypto startups are also back (let’s hope it’s just an isolated occurrence and not the beginning of a new crime spree). Unfortunately this time the criminals decided to hit Binance and stole more than 7,000 BTC (41 million bucks worth at the time the incident occurred).

And while the identity of 275 million citizens has been compromised thanks to a misconfigured MongoDB immediately exploited by an attacker, ransomware attacks continue to spread: the city of Baltimore, the global information services firm Wolters Kluwer, and the Austrian construction company Porr are just some examples of the victims of this threat that is becoming more and more targeted.

The Cyber Espionage landscape continues to be quite active, while hacktivism seems limited mainly to Italy.

But as usual the timeline is too long to be summarized in a few lines, so feel free to spend some time browsing it, sharing it, and spreading the word of security awareness throughout the community (and do not forget to follow @paulsparrows on Twitter for the latest updates).

| ID | Date | Author | Target | Description | Attack | Target Class | Attack Class | Country | Link | Tags |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | 04/04/2019 | ? | Sylvan Union School District | The Sylvan Union School District is hit by a ransomware attack whose remediation costs exceed $1 million. | Malware | P Education | CC | US | | Sylvan Union School District, ransomware |
| 2 | 04/04/2019 | ? | Training School of the First Scout Ranger Regiment | Emerging reports claim that the website of the training school of the First Scout Ranger Regiment, one of the Philippine Army’s (PA) elite units, was hacked last year. | Unknown | O Public administration and defence, compulsory social security | CC | PH | | Training School of the First Scout Ranger Regiment |
| 3 | 22/04/2019 | ? | Potter County | Potter County is hit by Ransomware. | Malware | O Public administration and defence, compulsory social security | CC | US | | Potter County, ransomware. |
| 4 | 23/04/2019 | ? | Vulnerable Revive Adserver Installs | Revive Adserver patches two vulnerabilities, one of which may have been used to distribute malware to third-party websites. | Revive Adserver Vulnerability | M Professional scientific and technical activities | CC | >1 | | Revive Adserver |
| 5 | 01/05/2019 | ? | Telangana State Southern Power Distribution Company Ltd (TSSPDCL) | The websites of Telangana State Southern Power Distribution Company Ltd (TSSPDCL) and its AP counterpart were hacked a couple of days ago, disrupting web services, including online payments. | Malware | D Electricity gas steam and air conditioning supply | CC | IN | | Telangana State Southern Power Distribution Company Ltd TSSPDCL, ransomware |
| 6 | 01/05/2019 | ? | 57 payment gateways all over the world | Sanguine Security researcher Willem de Groot discovers a novel Magecart skimmer with support for 57 payment gateways, ranging from the highly popular Stripe to local processors from Germany, Australia, Brazil, US, UK and others. | Malicious Script Injection | Y Multiple Industries | CC | >1 | | Sanguine Security, Willem de Groot, Magecart, Stripe |
| 7 | 01/05/2019 | ? | Augustana College | Augustana College is the victim of a ransomware attack. | Malware | P Education | CC | US | | Augustana College |
| 8 | 01/05/2019 | ? | Tertiary Education Subsidy (TES) applicants | Officials reveal that the Tertiary Education Subsidy (TES) applicants database, containing the private data of 1,130,899 applicants was accessed by unknown intruders on March 16. | Unknown | P Education | CC | PH | | Tertiary Education Subsidy, TES |
| 9 | 02/05/2019 | ? | Porr | Austrian construction company Porr detects a cyber attack on its communication infrastructure and its telephone lines and emails are disrupted. | Malware | M Professional scientific and technical activities | CC | AT | | Porr, ransomware |
| 10 | 02/05/2019 | ? | GitHub, GitLab, and Bitbucket users | Attackers are targeting GitHub, GitLab, and Bitbucket users, wiping code and commits from multiple repositories, and leaving behind only a ransom note and a lot of questions. | Account Hijacking | X Individual | CC | >1 | | GitHub, GitLab, Bitbucket |
