Feed aggregator

Chinese Hackers Infiltrate Firms Using Malware-Laden Handheld Scanners

Slashdot -

wiredmikey (1824622) writes "China-based threat actors are using sophisticated malware installed on handheld scanners to target shipping and logistics organizations from all over the world. According to security firm TrapX, the attack begins at a Chinese company that provides hardware and software for handheld scanners used by shipping and logistics firms worldwide to inventory the items they're handling. The Chinese manufacturer installs the malware on the Windows XP operating systems embedded in the devices. Experts determined that the threat group targets servers storing corporate financial data, customer data and other sensitive information. A second payload downloaded by the malware then establishes a sophisticated C&C on the company's finance servers, enabling the attackers to exfiltrate the information they're after. The malware used by the Zombie Zero attackers is highly sophisticated and polymorphic, the researchers said. In one attack they observed, 16 of the 48 scanners used by the victim were infected, and the malware managed to penetrate the targeted organization's defenses and gain access to servers on the corporate network. Interestingly, the C&C is located at the Lanxiang Vocational School, an educational institution said to be involved in the Operation Aurora attacks against Google, and which is physically located only one block away from the scanner manufacturer, TrapX said."


Russia’s Foreign Ministry urges US ‘to stop harassing kidnapped Russian MP’s son’

RT -

“We continue to demand Washington to immediately release Roman Seleznyov, who was forcibly flown out of the Republic of Maldives to the US island of Guam on July 5,” the Russian Foreign Ministry said in a statement on Friday.

One of the biggest concerns raised by the ministry is the lack of medical attention for Seleznyov.

“Roman Seleznyov was seriously injured in a terrorist attack in 2011 [in Marrakech, Morocco],” and he is being denied necessary medicine. “As a result his health and even his life are in danger.”

Roman’s father, prominent Russian MP Valery Seleznyov, told a news conference on Friday that his son will die without his medicine.

"There are no medical services there at all, treatment is not available," Seleznyov said. "He will die."

Don Hall, a US Marshals Service spokesman in Saipan, Northern Mariana Islands, said Guam authorities have staff to handle medical issues, AP reported. "The U.S. Marshals Service is adamant about ensuring that detainees receive all necessary medical care and prescribed medication," he said.

The ministry said new “shocking” details came to light about Seleznyov’s kidnapping, after a telephone conversation with the arrested Russian citizen.

Seleznyov, 30, was detained earlier this week at Male international airport, as he was about to board a flight to Moscow.

As Seleznyov was going through airport security, he was approached and escorted to another room for further verification, the ministry’s statement said. Three US intelligence officers immediately confronted him, arrested him roughly, handcuffed him and spirited him away on a private plane.

“No legal procedures involving local authorities required for extradition were observed,” the ministry stated.

“The Russian citizen was literally kidnapped, which is a flagrant violation of the laws of any civilized state as well as international law,” the ministry said.

Earlier this week, the Russian ministry slammed his detention as “a de-facto kidnapping.”

Moscow considers the kidnapping “a new hostile move by Washington,” and accused the US of ignoring proper procedure in dealing with foreign nationals suspected of crimes.

“The same happened to Viktor Bout and Konstantin Yaroshenko, who were forced to go to the US from third countries and convicted on dubious charges.”

The US Department of Justice and US Secret Service announced on Monday that Roman Seleznyov was indicted on charges including identity theft, bank fraud, illegally accessing information on protected computers and trafficking in unauthorized access devices.

He is charged with stealing and selling US citizens’ credit card data between 2009 and 2011 and may face up to 30 years in prison if found guilty.

Seleznyov appeared in court on Monday, and will be held in custody until his next hearing.

