Attacks/Breaches

3/7/2018
03:20 PM
50%
50%

Group-IB Helps Suspend Ukrainian DDoS Attack Group

This case marks the first successful prosecution of cybercriminals in Ukraine, the organization reports.

Group-IB, an international organization dedicated to cyberattack prevention and security product development, announced the takedown of a criminal group that had been launching distributed denial-of-service (DDoS) attacks and extorting companies for over two years.

This marks the first large-scale international case of DDoS extortion in Ukraine that ended with a court sentence, Group-IB reports. The organization worked with law enforcement, cybersecurity firms, and online companies to successfully prosecute the criminals.

The attackers were found as part of an investigation into the September 2015 DDoS attack on international online dating service AnastasiaDate. They demanded $10,000 for stopping the attack, which shut down the site for four to six hours each day of the campaign.

Specialists in Group-IB's investigation department analyzed the attack, identified the attackers, and discovered other incidents conducted by the same two people: Gayk Grishkyan and Inna Yatsenko, both from Ukraine. The duo later contacted AnastasiaDate in November 2016 to demand ransom and threaten to renew the DDoS attacks on its website.

Both attackers pleaded guilty to the crimes and were each given a five-year conditional sentence. Outside the AnastasiaDate case, Grishkyan and Yatsenko had previously targeted American leasing company Stafford Associated and the PayOnline payment service.

Read more details here.

 

 

 

Black Hat Asia returns to Singapore with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier solutions and service providers in the Business Hall. Click for information on the conference and to register.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Microsoft, Mastercard Aim to Change Identity Management
Kelly Sheridan, Staff Editor, Dark Reading,  12/3/2018
Windows 10 Security Questions Prove Easy for Attackers to Exploit
Kelly Sheridan, Staff Editor, Dark Reading,  12/5/2018
Starwood Breach Reaction Focuses on 4-Year Dwell
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/5/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: I guess this answers the question: who's watching the watchers?
Current Issue
10 Best Practices That Could Reshape Your IT Security Department
This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-19653
PUBLISHED: 2018-12-09
HashiCorp Consul 0.5.1 through 1.4.0 can use cleartext agent-to-agent RPC communication because the verify_outgoing setting is improperly documented. NOTE: the vendor has provided reconfiguration steps that do not require a software upgrade.
CVE-2018-19982
PUBLISHED: 2018-12-09
An issue was discovered on KT MC01507L Z-Wave S0 devices. It occurs because HPKP is not implemented. The communication architecture is APP > Server > Controller (HUB) > Node (products which are controlled by HUB). The prerequisite is that the attacker is on the same network as the target HU...
CVE-2018-19983
PUBLISHED: 2018-12-09
An issue was discovered on Sigma Design Z-Wave S0 through S2 devices. An attacker first prepares a Z-Wave frame-transmission program (e.g., Z-Wave PC Controller, OpenZWave, CC1110, etc.). Next, the attacker conducts a DoS attack against the Z-Wave S0 Security version product by continuously sending ...
CVE-2018-19980
PUBLISHED: 2018-12-08
Anker Nebula Capsule Pro NBUI_M1_V2.1.9 devices allow attackers to cause a denial of service (reboot of the underlying Android 7.1.2 operating system) via a crafted application that sends data to WifiService.
CVE-2018-19961
PUBLISHED: 2018-12-08
An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes.