Skip Navigation

ITMG Insider Threat Cases – July 20, 2020

Hackers Convinced Twitter Employee to Help Them Hijack Accounts

After a wave of account takeovers, screenshots of an internal Twitter user administration tool are being shared in the hacking underground. A Twitter insider was responsible for a wave of high profile account takeovers on Wednesday, according to leaked screenshots obtained by Motherboard and two sources who took over accounts. On Wednesday, a spike of high profile accounts including those of Joe Biden, Elon Musk, Bill Gates, Barack Obama, Uber, and Apple tweeted cryptocurrency scams in an apparent hack. “We used a rep that literally done all the work for us,” one of the sources told Motherboard. The second source added they paid the Twitter insider. Motherboard granted the sources anonymity to speak candidly about a security incident. A Twitter spokesperson told Motherboard that the company is still investigating whether the employee hijacked the accounts themselves or gave hackers access to the tool.

Twitter Hack is a Reminder of The Dangers of Unfettered Employee Access

Twitter’s acknowledgement that a “coordinated social engineering campaign” involving multiple employees was behind a hack of prominent verified accounts raises significant questions as to whether business organizations are implementing effective security controls that limit potential insider threats’ access to back-end administrative tools. The hacking incident — which promoted a cryptocurrency scam and victimized the accounts of Joe Biden, Barack Obama, Elon Musk, Bill Gates, Jeff Bezos, Apple, Uber and more — also raises concerns that a future attack could have even more serious ramifications, and perhaps even cause a national security scare, as social media evolves into a core component of U.S. communications infrastructure.

Second IT Contractor Charged Over Landmark White Data Breach

A second IT contractor has been charged in relation to two data breach incidents that wiped $50 million from the property valuation company formerly known as LandMark White last year. Detectives from the cybercrime squad arrested a 39-year-old Arncliffe man on Friday as part of an ongoing investigation into the alleged breaches against the company now known as Acumentis. The man, who is a software contractor, has been charged with unauthorised impairment of electronic communication, which carries a maximum sentence of 10 years imprisonment.

Sky Betting IT boss carried out £220,000 fraud in laptops scam at the company’s office in Leeds

The head of IT at Sky Betting in Leeds carried out a fraud worth almost a quarter of a million pounds by selling company laptops on eBay. Matt Richmond was jailed for two years over the scam committed while he was a senior manager at the firm’s office on Wellington Place in Leeds city centre. Leeds Crown Court heard Richmond abused his trusted position by ordering Apple MacBook Pros from suppliers and then selling them online. Richmond, 44, carried out the deception for almost a year before his offending came to light. James Lake, prosecuting, said an investigation was launched at the company after it was reported that he had been ordering laptops through the company account then selling them for his own gain. Richmond, who had worked at the company for more than three years, was responsible for ordering in IT equipment.

Instacart Sues Rival Cornershop, Alleging ‘Brazen’ Intellectual Property Theft

Instacart is suing Uber-backed online grocery rival Cornershop, claiming it stole significant portions of its product catalog and is using that information on Cornershop’s app and website. In the suit, which was filed in the U.S. District Court in the Eastern District of Texas, Instacart alleges Cornershop “scraped” product photos, descriptions, pricing data and other information from Instacart and used that information on its own platform as it launched delivery in Dallas and Miami earlier this year. Cornershop workers modified the names of the files that stored the information in order to conceal their ownership, Instacart claims.

Man who lived luxury lifestyle after hacking LinkedIn and Dropbox is found guilty

A US District court in California has found a Russian hacker guilty of breaking into the networks of LinkedIn, Dropbox, and the now defunct social network Formspring, and selling their user databases on the computer underground. In October 2016, Yevgeniy Nikulin was arrested at a hotel restaurant in central Prague – an event caught on video camera. It had been four years since Nikulin had compromised the PC of a LinkedIn employee, and planted malware to steal their access credentials to the professional networking services internal systems. With his privileged access, Nikulin was able to access LinkedIn’s user database – which included email addresses, usernames, and passwords stored as notoriously weak non-salted SHA1 hashes.

Rhode Island Man Pleads Guilty to Conspiracy to Launder Funds of Email Compromise Fraud Targeting Massachusetts Lawyer

Sayon Balogun a/k/a “Oshine,” 32, a dual citizen of the United States and Nigeria, pleaded guilty to one count of money laundering conspiracy before U.S. Senior District Court Judge Douglas P. Woodlock, who scheduled sentencing for Nov. 10, 2020. Balogun was initially charged by criminal complaint on May 31, 2019, and arrested in Florida on June 10, 2019. In January 2018, Balogun’s co-conspirators gained access to email accounts belonging to a Massachusetts attorney engaged in real estate closings. The co-conspirators then mimicked (spoofed) the real estate attorney’s email account and sent emails to a Massachusetts resident who was the purchaser in a legitimate real estate transaction. The spoofed emails directed the Massachusetts real-estate purchaser to wire transfer $531,981 (which the purchaser believed was for a legitimate real estate transaction) to the Wells Fargo account of a California woman, who in turn sent $60,000 to an account in the name of “David Tecum,” a fraudulent identity used by one of Balogun’s co-conspirators, Oghenetchouwe Adegor Ederaine, Jr. This account, and others, were opened by Ederaine to receive fraudulent proceeds at Balogun’s direction.

Retailers are facing a $62 billion problem that has nothing to do with the pandemic

Retailers’ losses due to theft, fraud, and other causes totaled nearly $62 billion in 2019, up from nearly $51 billion the previous year, said the survey, which was conducted by the National Retail Federation and the retail consulting firm Appriss Retail.

Iran Executes Defense Ministry Staffer as Alleged CIA Spy

Iran has executed a former employee of the defense ministry who was convicted of spying on behalf of the Central Intelligence Agency, the country’s judiciary said Tuesday. It was the second such execution in the past month. The report said Reza Asgari was executed last week. Judiciary spokesman Gholamhossein Esmaili said Asgari had worked in the airspace department of the ministry and retired in 2016. “In the last years of his service, he joined the CIA, he sold information about our missiles … to the CIA and took money from them,” Esmaili said. “He was identified, tried and sentenced to death.”

This entry was posted on Monday, July 20th, 2020 at 3:12 pm. Both comments and pings are currently closed.