Indigo is the latest victim of a string of cyber attacks on Canadian companies
A cybersecurity incident has knocked Indigo Books & Music Inc.’s website and electronic payment systems offline, and the company is working with third-party experts to resolve the situation. Customers who recently purchased items online may experience delays with part or all of their order.
The attack is the latest in a string of cyberattacks experts say are increasingly targeting Canadian businesses.
“We’re going to be seeing more of these more frequently and the damage will be longer as organizations continue to struggle with the adoption of cloud technology and the explosion of artificial intelligence. Just about anybody can be a junior hacker and start creating malware,” said Robert Falzon, head of engineering at Check Point Canada.
As customers asked on Twitter about the outage, the company said it was working to restore its systems and determine if any customer data had been compromised.
The Office of the Privacy Commissioner of Canada is investigating the matter “to get more information, including a formal breach report, and to determine next steps,” spokesman Vito Pilieci said.
Read: https://www.cp24.com/news/indigo-latest-target-in-string-of-cyberattacks-on-canadian-businesses-1.6267274
Financial Sanctions Implemented Against Trickbot Operators by US and UK Governments
The United States and the United Kingdom have imposed financial sanctions on seven men who operate “Trickbot,” a cybercrime-as-a-service platform based in Russia that has been responsible for countless ransomware attacks and bank account takeovers since its creation in 2016. The US Treasury says that Trickbot is associated with Russian intelligence services and that the alliance led to the targeting of many US companies and government entities.
Trickbot was initially a Trojan horse program sent through email to steal passwords, but it has evolved into a highly modular malware suite that enables the Trickbot group to carry out various illegal cyber activities, including ransomware attacks. During the COVID-19 pandemic, Trickbot targeted hospitals and healthcare centers, launching a wave of ransomware attacks that disrupted the computer networks and telephones of multiple facilities and even caused a diversion of ambulances.
One of the sanctioned men, Vitaly “Bentley” Kovalev, is a 34-year-old Russian national and the alleged senior leader of the Trickbot group. Kovalev was indicted by a New Jersey grand jury in 2012 for running a massive money mule scheme that used fake job offers to trick people into laundering stolen funds from hacked small to mid-sized businesses in the US. Trickbot was heavily used by two of Russia’s most successful ransomware groups, Conti and Ryuk. In 2021, Conti extorted over $100 million from its victims, while Ryuk extorted over $150 million from its ransomware victims. Despite being sanctioned, Trickbot is still a threat to organizations and individuals around the world.
Read: https://krebsonsecurity.com/2023/02/u-s-u-k-sanction-7-men-tied-to-trickbot-hacking-group/
Bing Gains a ChatGPT Boost in Reignited Battle of the Search Engines
Microsoft is planning to integrate OpenAI’s latest ChatGPT software into its Bing search engine. In a bid to re-ignite the long-standing battle of the search engines between Microsoft and Google, there is renewed hope that ChatGPT’s current popularity will help pull in a new set of users for Bing. Microsoft has stated that there will be an event on Tuesday to announce the official upgrades to its search engine.
“The Bing upgrade will enable a new kind of search in which people will pose questions to the search engine in natural language and it will generate direct answers,” the report says.
Read: https://watcher.guru/news/microsoft-integrates-chatgpt-into-bing-search-engine
Russian National Linked to Ryuk Money-Laundering and Ransomware Pleads Guilty in US Court
On February 7, Russian national Denis Mihaqlovic Dubnikov, 30, pleaded guilty in the US to money laundering charges connected to Ryuk ransomware attacks. Dubnikov was arrested in Amsterdam in November 2021 before being extradited from the Netherlands in August 2022. The US Department of Justice (DoJ) said of the case: “Between at least August 2018 and August 2021, Dubnikov and his co-conspirators laundered the proceeds of Ryuk ransomware attacks on individuals and organizations throughout the United States and abroad.”
According to the DoJ, a large amount of the 250 Bitcoin ransom that a U.S. company paid in July 2019 after a Ryuk attack was sent to Dubnikov, at a value of $400,000. Dubnikov’s criminal enterprise is estimated to have stolen at least $150m in ransom payments in total.
Dubnikov is also the co-founder of Coyote Crypto and Eggchange, with the latter situated in a skyscraper known to harbor money-laundering and ransomware cryptocurrency businesses. According to Chainalysis, Eggchange received cryptocurrency valued at up to $34m from various darknet markets, fraud shops, and ransomware operators between 2019 and 2021.
Read: https://thehackernews.com/2023/02/russian-hacker-pleads-guilty-to-money.html
New House Subcommittee to Hold First FBI Hearing Next Week
Tyler Durden from ZeroHedge reports that a new House subcommittee will be holding its first hearing next week on the role of the FBI in the alleged “weaponization” of the federal US government. Durden believes that this could be one of the most significant investigations into the status of free speech in the United States to be held in decades. The FBI’s collaborations with social media agencies like Twitter to target “disinformation” online have placed it squarely in the hot seat for its alleged crimes of “censorship by surrogate,” he says.
In a damning report from the recent “Twitter Files”, the true extent of the FBI’s role in censorship and monitoring social media online was revealed. According to these reports, several ex-FBI agents were revealed to be part of Twitter’s staff. Another email, from August 2022, says that “long lists of newspapers, tweets, or YouTube videos” with anti-Ukrainian narratives were pegged by this system of monitoring, as were multiple satirical and comedy sites.
Although some may defend this as a genuine attempt from the government to fight rampant disinformation online, Durden writes that such a viewpoint is naïve. The US government was reported to have used several back channels to flag statements that it deemed unacceptable.
With the exposure of the Twitter Files, the social media giant seems to now admit to acting as an agent of the FBI and its interests. Though the full scale of this operation is still unknown, Durden supposes that this effort could well be the largest surveillance program the US government has ever run.
Read: https://www.zerohedge.com/political/congress-set-expose-what-may-be-largest-censorship-system-us-history
Elsewhere Online:
iPhone users were not affected by Apple’s Maps privacy bug, and iPhone apps were not used without permission to access location data
Read: https://9to5mac.com/2023/02/10/apple-maps-privacy-location-bug-details/
An APT with advanced information-stealing capabilities has been discovered in the Russian Federation
Read: https://cyware.com/news/russian-nodaria-apt-adds-advanced-information-stealing-functionality-63d5fbe6/
A North Korean hacker is attacking hospitals in the United States
Read: https://www.wired.com/story/north-korea-hacking-us-hospitals/
A new variant of the ESXiArgs ransomware has emerged since CISA released a decryptor tool for the malware
Read: https://thehackernews.com/2023/02/new-esxiargs-ransomware-variant-emerges.html
DDoS attacks impacted Tor and I2P networks
Read: https://latesthackingnews.com/2023/02/11/tor-and-i2p-networks-embraced-multiple-ddos-attacks/
My guess for the quote is Hunter S. Thompson.
Stephen Covey
My guess for the quote is Stephen Covey