(C) Daily Kos
This story was originally published by Daily Kos and is unaltered.



F'in' Crackers [1]

This content is not subject to review by Daily Kos staff prior to publication.

Date: 2023-06-17

No, that’s not a pejorative for Caucasians. It’s a pejorative for cybercriminals.

I actually had plans for this weekend. I was going to try to tackle a new operating system on an unfamiliar device. Or maybe just relax in the 112 degree heat indexed air. And write an obit (more on that later).

But, thanks to some Russian ----s who call themselves “Clop,” I’m spending my day changing passwords. And you probably should, too.

Clop is a Russian cracking crew specializing in exploiting flaws in large-scale file transfer software. Until this month, they’d staged large third-party data lifts in 2020 and 2023.

Last week, the group used a flaw in the MOVEit Transfer software to hoover up payroll data from the BBC, British Airways and the University of Rochester. The vulnerability must not have been patched, because this week the group staged another cyberattack, using the same hole to infiltrate numerous government systems in the United States, including at least two entities in the Department of Energy.

But wait, as Ron Popeil would say, there’s more.

However, Clop has added another batch of victims that it claims to have compromised via the MOVEit vulnerability, including the Boston Globe, California-based East Western Bank, New York-based biotechnology company Enzo Biochem and Microsoft-owned AI firm Nuance. Lynn Granito, an agency spokesperson representing Enzo, told TechCrunch the company would not be commenting. None of the other newly listed companies have responded to TechCrunch’s questions. The Russia-linked ransomware group posted the first batch of impacted organizations – a list that includes U.S.-based financial services organizations 1st Source and First National Bankers Bank and U.K. energy giant Shell – just one day earlier.

Clop’s victims this week include Louisiana’s Office of Motor Vehicles, meaning that the eight million people in my state who have a driver’s license or other state-issued ID have had their personal info sucked up (including SS #). Now millions of us are frantically freezing our credit accounts and changing passwords.

We Bayou State motorists are not likely the only non-governmental victims. Riam Kim-McLeod of Reliaquest has been posting updates on the attack. TechCrunch has a partial list of targets. Keep posted and consider upping your security whether you think you’re on a list or not.

This is why we can’t have nice internets.

Update: Thanks to BMScott for a link to a more comprehensive list of victims.

---
[1] Url: https://www.dailykos.com/stories/2023/6/17/2175999/-F-in-Crackers

Content appears here under this condition or license: Site content may be used for any purpose without permission unless otherwise specified.
