Reduction of Microsoft business in the Russian Federation, elimination of a large botnet and other cybersecurity events

We've rounded up the week's most important cybersecurity news.

  • Microsoft announced that it will reduce its business in the Russian Federation “until there is nothing left.” The company also presented a large report on the attacks of Russian hackers.
  • Pavel Durov assured that Telegram does not share user data with Google.
  • A former Amazon employee stole the data of more than 100 million people.

Microsoft presented a report on the attacks of Russian hackers since the beginning of the war and announced the reduction of its business in the Russian Federation

Earlier, users from the Russian Federation began to complain about the inability to download a number of products from the Microsoft website, including utilities for installing Windows 10 and 11.

In March, the company announced the suspension of new sales of products and the provision of services in the Russian Federation due to the latter's invasion of Ukraine. 

This week, Microsoft also released a report on cyberattacks by Russian hackers since the start of the war. Main conclusions:

  • Ukraine was able to successfully resist most attacks by Russian hackers. Microsoft recorded “many waves of cyberattacks” against 48 Ukrainian organizations and enterprises. Hackers tried to break into network domains by spreading malware.
  • One reason the attacks had practically no effect on the work of the Ukrainian authorities that depends on technological infrastructure was that Ukraine quickly and successfully transferred data outside the country to data centers throughout Europe.
  • Russian hackers attack states that support Ukraine. Microsoft experts identified penetration attempts on the networks of 128 organizations in 42 countries. They were successful only in 29% of cases. The company also noted that Russian hackers can coordinate their actions with the Russian military.

Data: Microsoft report.

  • Microsoft claims that the day before the start of the war, 19 Ukrainian government websites were attacked by FoxBlade malware. The company believes it was developed and launched by the same gang behind the 2017 NotPetya attack.

Former Amazon employee convicted of hacking Capital One and stealing data from over 100 million people

Former Amazon employee Paige Thompson used her tool for scanning Amazon Web Services accounts to find misconfigured accounts.

Then she hacked the accounts and stole the data of more than 30 organizations, including the bank Capital One. In addition, Thompson installed cryptocurrency mining software on compromised servers.

The Seattle District Court found her guilty; she could face up to 25 years in prison.

Durov said that Telegram does not share user data with Google

Telegram founder Pavel Durov commented on the concerns of users in connection with the use of Google speech recognition technology to translate voice messages into text when subscribing to Telegram Premium.

Some have worried that the feature threatens privacy. However, Durov announced an agreement between the messenger and Google, according to which the latter “cannot do anything with these impersonal sound data, except to generate text versions based on them and return them”.

WordPress Sites Forced to Update Due to Exploited Vulnerability

WordPress sites using the Ninja Forms plugin were forced to update due to a critical vulnerability fix. The vulnerability was discovered by Wordfence specialists.

Hackers could have exploited the vulnerability to take full control of the site.

The US authorities announced the elimination of the RSOCKS botnet

During an international operation, law enforcement officers eliminated the RSOCKS botnet. It is alleged to have been controlled by Russian hackers.

RSOCKS operators have compromised millions of devices around the world. They offered customers access to IP addresses assigned to hacked devices. The cost of access ranged from $30 per day for 2,000 proxies to $200 per day for 90,000 proxies.

The FBI started tracking RSOCKS back in 2017. Later, law enforcement officers from Germany, the Netherlands and the UK joined the operation to eliminate the botnet.

Also on ForkLog:

  • A hacker stole about $100 million during an attack on the Horizon cross-chain bridge of the Harmony protocol.
  • Unidentified persons attacked the DNS servers of Namecheap's DeFi projects.
  • Tether was hit by a massive DDoS attack.
  • Elliptic spoke about the use of Dogecoin by scammers and criminals.
  • An attacker attacked the DNS server of the Convex Finance project.

What to read on the weekend?

In the background of this week's questions to Telegram, we tell you what is wrong with the messenger and what are the alternatives for maintaining privacy.

How to protect the secrecy of correspondence: Top 5 private messengers