1-15 July 2019 Cyber Attacks Timeline

Welcome to this new timeline covering the main cyber attacks occurred in the first fortnight of July, where I have collected a total of 64 events.

Once again a reach timeline unfortunately, and I really do not know where to start from… Maybe from ransomware, where the list of the victims continues to grow.

In fact ransomware is the real plague of this 2019: just the time to celebrate the shutdown of the GandCrab operations, and here we are with new attacks against US municipalities. In this fortnight it has happened to Georgia Court System, La Porte County, Gila County, Onondaga County Library, and also some school like Syracuse City School, Northwest Indian College. But the US Municipalities were not the only victims, even the Chilean Ministry of Agricolture had the same destiny.

Of course the list of the events related to Cyber Crime, is quite long as usual, but should I mention some events in particular, I would undoubtedly quote the attack against the Bitpoint cryptocurrency exchange, about 3.5 billion yen ($32 million) worth stolen in cryptocurrency, and the attack against MyDashWallet.org.

And obviously the campaign of the Silence group against Banks in India, Sri Lanka, and Kyrgyzstan. There are also some interesting events in terms of Cyber Espionage (APT32, APT33 and Turla), but I would say at this point that the summary ends here, so you have no choice than to browse the timeline. Of course, feel free to share it and spread the verb of security awareness throughout the community.

Most importantly, do not forget to follow @paulsparrows on Twitter for the latest updates.

wdt_ID ID Date Author Target Description Attack Target Class Attack Class Country Link Tags
1 1 01/07/2019 ? Single Individuals Security researchers from Netlab discover Godlua, the first ever malware abusing the DNS over HTTPS (DoH) protocol. Malware X Individual CC >1 Godlua, Netlab, DoH
2 2 01/07/2019 ? Targets in Libya Facebook shuts down more than 30 accounts associated with 'Operation Tripoli' an ongoing campaign discovered by Check Point researchers, found to be spreading Remote Access Trojans (RATs) through malicious links. Targeted Attack X Individual CE LY Facebook, Operation Tripoli, Check Point
3 3 01/07/2019 ? Georgia Court System The Georgia Court System is hit by a ransomware attack. The attackers demand around $2 million in Bitcoin to restore access. Malware O Public administration and defence, compulsory social security CC US Georgia Court System, System
4 4 01/07/2019 ? US Virgin Islands Water and Power Authority The Water and Power Authority of the US Virgin Islands is the victim of a Business Email Compromise scam, costing $2.3 million. Account Hijacking E Water supply, sewerage waste management, and remediation activities CC US US Virgin Islands Water and Power Authority
5 5 01/07/2019 ? Linux Servers A new form of malware, called Golang, is spotted in the wild by cybersecurity companies which say the code's main focus is the fraudulent mining of the Monero (XMR) cryptocurrency. Malware Y Multiple Industries CC >1 Golang, Monero, Crypto
6 6 01/07/2019 ? Chilean Ministry of Agriculture The Chilean Ministry of Agriculture is hit by the DoppelPaymer ransomware. Malware O Public administration and defence, compulsory social security CC CL Chilean Ministry of Agriculture, DoppelPaymer, Ransomware
7 7 01/07/2019 ? Single Individuals An extortion scam is being distributed that claims a Remote Access Trojan, or RAT, was installed on the victim's computer via EternalBlue. Spam X Individual CC >1 Remote Access Trojan, RAT, EternalBlue
8 8 01/07/2019 ? Android Users Researchers from AVAST discover WannaHydra, a new version of WannaLocker, enhanced with spyware, remote access trojan and banking trojan capabilities. Malware X Individual CC >1 AVAST, WannaHydra, WannaLocker
9 9 01/07/2019 OceanLotus (aka APT32, CobaltKitty) Multiple Targets Researchers from Cylance detect a new wave of attacks carried out by the OceanLotus APT group, involving the new Ratsnif Trojan. Targeted Attack Y Multiple Industries CE >1 OceanLotus, APT32, CobaltKitty, Cylance, Ratsnif
10 10 02/07/2019 TA505 Bank and financial services employees in the US, the United Arab Emirates and Singapore Researchers from ProofPoint discover a new campaign carried out by TA505 targeting bank and financial services employees in the US, the United Arab Emirates and Singapore. Targeted Attack K Financial and insurance activities CC >1 ProofPoint, TA505, US, United Arab Emirates, Singapore
ID Date Author Target Description Attack Target Class Attack Class Country Link Tags

2 thoughts on “1-15 July 2019 Cyber Attacks Timeline

  • August 14, 2019 at 7:05 pm

    Looks like the table is from back end of June

    • August 14, 2019 at 7:56 pm

      Looks like you are right and I posted the wrong article. I fixed it. Apologies for any inconvenience.


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: