Major Dark Web Marketplaces Brought Down by Joint Law Enforcement Efforts
A coordinated International operation was confirmed to be behind the disappearance of two major dark web marketplaces. Last week the confirmation – AlphaBay and HANSA have been seized after a cooperative effort by Europol, FBI, DEA and the Dutch National Police.
Europol states that both criminal markets were “responsible for the trading of over 350,000 illicit commodities including drugs, firearms and cybercrime malware.“
Interestingly, the authorities first seized AlphaBay but also took over the HANSA market. That way they forced a “cybercrime exodus” from AlphaBay towards HANSA. Then they proceeded to monitor illegal activities for over a month – until the recent bust.
AlphaBay operator, Alexandre Cazes, was discovered thanks to a rookie mistake – he used his personal email address to send welcome messages. Upon arrest, Cazes committed suicide in jail.
Microsoft’s Office 365 Revenue Overtakes On-Premise Sales
According to their quarterly revenue report, Microsoft has reached a turning point with its cloud Office 365 offerings sales passing traditional on-premise licensing for the first time in the company’s history.
With a 13% YoY growth in revenue, the tech giant saw its quarterly revenue up to $23.3 billion. The huge growth is mainly due to a 43% YoY growth of Office 365 sales which is now bringing in more money than traditional on-premise Office license sales.
$32 Million Worth of Ethereum Stolen in 3rd Heist in 20 Days
Unidentified hackers managed to steal almost $32 million worth of Ethereum, the second most notable and increasingly valuable cryptocurrency after Bitcoin.
At least three company accounts have been hacked (Swarm City, æternity blockchain and Edgeless Casino), resulting in a drainage of their funds to hackers’ wallets.
The heist comes as a third in a row in only 20 days, after $7.4 million worth of Ether were stolen from CoinDash and more than $1 million from South Korean crypto-exchange Bithumb, earlier this month.
Upon the first attacks last Tuesday, coding company Parity warned of a critical vulnerability in their Ethereum Wallet software urging its users to immediately transfer their Ether from in-browser wallets to more secure accounts.
In the meantime, a white hat hacker group drained $75 million of Ether using the same vulnerability. They placed the crypto-assets into a rescue fund, to protect it until the risk is fully mitigated.
G Suite Will Warn Users of Potential Phishing
Google’s latest security updates will make it easier for G-Suite and Apps Script user to detect dangerous web app activities.
Although the company didn’t confirm it, it’s supposedly a response to the recent Docs email phishing scam that affected millions of users back in May. To further improve their security, G Suite users will now see an updated security prompt for unverified web apps and Apps Scripts. The warning will be displayed prior to the app’s request for permission to access user data.
Even though these updates are designed for new applications, Google said it plans to extend them to existing apps as well. For that matter, it encourages developers to verify their contact info is up-to date.
Google G-Suite Blog, Cloud Pro
Microsoft vs “Fancy Bear” Hacking Group – The Clever Win
The hacking group Fancy Bear, a.k.a. APT28, Sofacy, Sednit, and Pawn Storm, was cleverly beaten in court by the tech giant. The group has been active since 2007 and has been linked with hacking the Democratic National Committee (DNC) and Clinton Campaign.
In order to fight the hackers that leveraged Microsoft look-alike domains for cyber criminal activities, Microsoft has taken a different approach. The company hijacked some of Fancy Bear’s servers with the help of law.
It did not gain full ownership (yet), but it managed to get a court order to domain registrars to redirect the DNS of at least 70 Fancy Bear-owned domains to Microsoft-controlled servers.