Ukraine Police Pull Double-Duty as RAT Catchers
Police in Ukraine arrested an as-yet-unnamed 42-year-old man in connection with the long-running DarkComet remote access trojan (RAT). Once installed, the RAT can be used to spy on a compromised computer, logging keystrokes, taking screenshots, stealing passwords, installing additional malware, and more.
The man is charged with infecting 2,000 users across 50 countries. According to ZDNet, the man likely used a residential ISP to host the DarkComet command-and-control server on a home computer, making him easier to apprehend.
3 Arrested for Ripping Off Retailers
Three men alleged to be high-ranking members of the FIN7 international hacking group have been arrested and charged with stealing millions of consumer credit and debit card numbers. The group targeted more than 100 retailers, focusing on companies in the restaurant, gaming, and hospitality industries.
To steal the credit card numbers, the criminals breached the companies using malware delivered through phishing and other social engineering attacks. In addition to sending phishing emails with malware-laden attachments, the group would call employees on the phone and encourage them to open the attachments, according to Jay Tabb, head of the FBI’s Seattle field office.
SIM-Swappers Stole $14 Million in Cryptocurrency
In September, two men were arrested on suspicion of stealing $14 million from a California-based cryptocurrency company. The theft is thought to have been carried out with a SIM swap attack that took control of an employee’s phone, after which the stolen identity was used to access and divert the cryptocurrency.
US Secret Service agents were able to track the stolen cellphone account to a hotel room in Oklahoma City, Okla., where they arrested Fletcher Robert Childers, 23, and Joseph Harris, 21. According to court documents, the suspect had been sending “taunting emails” to the company and laundering the cryptocurrency through a variety of exchanges.
Hotel Hacker Arrested for Selling Stolen Data
Shanghai police arrested a man in September for attempting to sell customer data stolen from a large China-based hotel chain. The data, offered for sale on the dark web in August, consisted of over 500 million records, including login credentials, credit card details, and other personally identifiable information (PII).
The hotel chain said that the hacker had failed to sell the data. According to ZDNet, the attacker also “attempted to blackmail the hotel into paying for its own data by leveraging public pressure surrounding the public disclosure of the hack.”