Articles
New hacking group targeting healthcare equipment in Europe, the US and Asia
Published
5 years agoon

Online security firm Symantec has warned that hackers are attacking the healthcare sector, targeting devices including X-ray and MRI scanners.
The company claims to have discovered a previously-unknown collective calling itself Orangeworm, which it has observed installing a custom backdoor dubbed Trojan.Kwampirs in the systems of large international firms that operate in the healthcare sector in Europe, the US and Asia.
Symantec claims around 40% of group’s victims have interests in the healthcare sector, including healthcare providers, pharmaceutical firms and IT solution providers that service healthcare equipment.
Trojan.Kwampirs provides hackers with remote access to compromised devices.
In an entry on its threat intelligence blog, Symantec said: “We believe that these industries have also been targeted as part of a larger supply-chain attack in order for Orangeworm to get access to their intended victims related to healthcare.
“Orangeworm’s secondary targets include manufacturing, information technology, agriculture, and logistics.
“While these industries may appear to be unrelated, we found them to have multiple links to healthcare, such as large manufacturers that produce medical imaging devices sold directly into healthcare firms, IT organisations that provide support services to medical clinics, and logistical organisations that deliver healthcare products.”
While the company has no information that indicates who is behind the attacks or from which country they originate, it believes the campaign, which has been active since January 2015, is the work of an individual or small group rather than a state-backed actor.
Hackers often target government and healthcare companies on account of the fact they typically use older operating systems and less secure software than private sector organisations, making it easier to launch ransomware attacks and steal patient information that can be used for identity fraud.
Last May, the UK’s NHS was severely compromised by the WannaCry ransomware virus, which crippled computers across the organisation’s network.
Government security experts in both the UK and the US have said they believe the attack, which affected computers in more than 150 countries across the globe, was launched by a Pyongyang-linked North Korean hacking group.
In an opinion piece for the Wall Street Journal last December, Homeland Security adviser Tom Bossert told readers: “The attack was widespread and cost billions, and North Korea is directly responsible.
“North Korea has acted especially badly, largely unchecked, for more than a decade, and its malicious behaviour is growing more egregious. WannaCry was indiscriminately reckless.”
North Korea’s state-sponsored Lazarus Group, which is widely thought to have been behind WannaCry, is said to have become more focused on raising money for Kim Jong-un’s sanctions-crippled regime than cyber espionage over the past few years.
Related posts:
- Cyber crime economy now rivals GDP of major countries with annual revenues of $1.5 trillion
- Netflix steps up efforts to thwart content pirates
- Russian head of massive cybercrime marketplace arrested in Thailand
- Hackers are pulling in executive-grade annual pay packets, new study finds
- Security cameras capture images of drone dropping drugs in Australian prison yard

Des oligarques russes et vénézuéliens sont accusés de blanchiment d’argent, de trafic de pétrole et de corruption
Le Tribunal fédéral de New York accuse sept personnes d’êtres responsables de contrebande d’essence et du blanchiment de dizaines de millions de dollars. Ces personnes sont aussi accusées d’avoir tenté d’acheter des technologies militaires états-uniennes sensibles. Parmi ce groupe, on trouve notamment des oligarques russes et vénézuéliens. Ces derniers s’organisaient notamment pour contourner les sanctions mises en place par les États-Unis. Ils passaient par des entreprises-écrans hongkongaises, des livraisons d’argent liquide massives, des pétroliers fantômes et l’utilisation de cryptomonnaies pour obscurcir leurs activités.
Le blanchiment d’argent des oligarques russes et vénézuéliens
Cette affaire vient souligner également l’importance des liens entre oligarques russes et leurs alliés vénézuéliens. Les deux pays étant interdit de participer au système financier occidental, les riches des deux pays s’entendent pour protéger leurs fortunes. Au cœur de cette conspiration, on trouve deux Russes : Yury Orekhov et Artem Uss. Le premier travaillait pour une grande entreprise d’aluminium approuvée par les États-Unis. Le deuxième est le fils d’un riche gouverneur allié du Kremlin. Ces derniers sont partenaires dans une entreprise d’équipements industriels allemande basée à Hambourg. Cette entreprise est accusée d’avoir joué un rôle important dans le contournement des sanctions imposées après l’invasion de la Crimée dès 2014. Les deux hommes ont été arrêtés, l’un en Italie et l’autre en Allemagne.
De l’autre côté, on trouve Juan Fernando Serrano, le PDG de la start-up Treseus, basée à Dubaï, en Italie et en Espagne. Les communications des trois hommes, interceptées par la police, illustrent leurs connexions avec des partenaires puissants. Serrano serait le contact pour des oligarques vénézuéliens, dont un proche du vice-président. Cette personne est aussi recherchée par les États-Unis pour corruption et blanchiment d’argent. Aucun des partenaires des trois hommes n’a pourtant été inquiété, leurs liens n’ayant pu être prouvés.
Argent liquide et sociétés-écrans
Le pétrole vénézuélien est ici au cœur de l’affaire. Ce dernier se vend en moyenne 40 % en dessous du prix du marché et doit suivre des circonvolutions compliquées pour être exporté. Il est par exemple impossible d’effectuer un simple transfert bancaire et l’argent doit donc trouver d’autres chemins. Les trois personnes sont par exemple accusées d’avoir acheté un pétrolier plein de pétrole vénézuélien pour la somme de 33 millions de dollars. Le paiement est passé par une entreprise de Dubaï, puis par des comptes-écrans à Hong Kong, en Australie et en Angleterre. Des documents ont aussi été falsifiés et la cargaison était censée être des petits pois et du riz. Cependant, l’essentiel des transactions semble être fait en liquide.
La discussion entre les trois hommes montre que des millions de dollars en liquide ont été déposés en personne à une banque de Moscou. Cette même banque était possédée par l’industrie pétrolière vénézuélienne. Elle a longtemps servi de lien principal pour les échanges entre les deux pays. Certains paiements discutés parlaient aussi d’effectuer des paiements simultanés en liquide à une banque du Panama puis un virement à Caracas. Enfin, les criminels semblent avoir une prédilection pour la cryptomonnaie Tethers. Celle-ci base sa valeur sur des monnaies stables comme le dollar. La complexité de ces transactions et les efforts mis en œuvre par ces criminels en col blanc rendent difficile de stopper les responsables, sans compter que ces derniers opèrent dans des pays qui les soutiennent.
Articles
Crooked vendors exploiting flaw in eBay’s feedback system to con buyers into purchasing bogus and dangerous items
Published
3 years agoon
13 March 2020
Buyers on eBay are being duped into purchasing substandard and counterfeit products due to a flaw in the online auction platform’s seller feedback system, according to an investigation conducted by UK consumer group Which?
The watchdog found that dishonest vendors can take advantage of these flaws by linking positive reviews of genuine products manufactured by companies such as Apple and Samsung to fake and low-quality items.
Which? found that crooked sellers are able to link thousands of positive reviews to eBay listings they have nothing to do with.
The organisation discovered that real reviews can be associated with fake products that are potentially dangerous, such as counterfeit mobile phone chargers that can pose a fire risk.
Sellers are able to do this by using “product IDs” associated with genuine items when adding their products to eBay, subsequently benefitting from the positive reviews those items have attracted.
The system is intended to make the process of listing products on eBay quicker and easier by allowing sellers to pull information from similar items that have a linked product ID.
As part of its investigation, Which? purchased 20 bogus Apple and Samsung accessories such as chargers and USB cables that were supposed to be official and shared the same reviews as products manufactured by the two technology firms
Calling for online ecommerce platforms to be held accountable for flaws in their seller feedback systems that allow dishonest vendors to pull the wool over buyers’ eyes, Head of Home Products and Services at Which? Natalie Hitchins said: “Our investigation has uncovered yet another example of online reviews being manipulated to mislead people.
“eBay’s product review system is confusing for consumers and could even direct them towards counterfeit or dangerous products sold by unscrupulous sellers.
“Online reviews influence billions of pounds of consumer spending each year.
“The [UK Competition and Markets Authority] must now investigate how fake and misleading reviews are duping online shoppers, taking the strongest possible action against sites that fail to tackle the problem.”
Responding to the findings of Which?’s investigation eBay said in a statement: “The research does not fully consider that there are distinctions between product reviews (which provide buyers with a holistic review of the same product), and seller feedback (which can be used to see specific reviews of a seller’s performance and may reflect the item’s condition).”
Earlier this month, Bloomberg reported that US politicians had called on lawmakers to hold ecommerce companies such as eBay and Amazon to account if they fail to prevent third-party vendors selling counterfeit or substandard products on their platforms.
Articles
Major ‘lover boy’ prostitution gang broken up by coalition of European law enforcement agencies
Published
3 years agoon
12 March 2020
A Romanian human trafficking and prostitution network that used the “lover boy” method to entrap young women before forcing them into sex work has been broken up a coalition of European law enforcement agencies.
The lover boy method, also known as the “Romeo pimp” method, involves young men seducing victims with the objective of coercing them into prostitution.
Lover boy traffickers groom their victims to believe they have entered into a serious romantic relationship before using emotional, psychological and sometimes physical abuse to intimidate them into working in the sex services industry.
Investigators from Spain, Romania, the Czech Republic and several other European nations were involved in the operation that resulted in the dismantling of the gang, which is said to have groomed and exploited at least 10 young women by forcing them to work as prostitutes.
The operation resulted in the arrest of 14 people in Romania and Spain, the safeguarding of 10 trafficking victims, and the confiscation of a number of items, including a quantity of cash, jewellery, expensive vehicles and several electronic devices.
In total, the agencies taking part in the effort raided 16 properties in the Czech Republic, Romania and Spain.
Having groomed their victims, Romanian members of the network would develop manipulative dependent relationships with the young women they targeted before forcing them into sex work.
Once under the traffickers’ control, victims would be abused and drugged before being sold onto other members of the network for as much as €6,000 ($6,632) each.
The women would then be moved between locations and countries on a regular basis as part of the gang’s efforts to avoid the attention of police.
Profits made by the network were laundered through the purchase of property, expensive jewellery and high-value cars.
Ongoing investigations into the network’s activities are focussed on the theory that it was working in cooperation with another gang.
Enquires have already resulted in the identification of more than 40 additional women who fell victim to the two criminal organisations.
In a statement, Europol said: “Europol facilitated the information exchange between the participating countries, provided coordination support and analysed operational information against Europol’s databases to give leads to investigators.
“Europol conducted a financial analysis based on the information provided which highlighted the extension of the criminal activity of the group and the presence and flow of illicit profits to other jurisdictions.”
Latest articles
- Oligarques russes et pétrole vénézuélien
- Crooked vendors exploiting flaw in eBay’s feedback system to con buyers into purchasing bogus and dangerous items
- Major ‘lover boy’ prostitution gang broken up by coalition of European law enforcement agencies
- Taking cocaine will not cure people struck down with the coronavirus, French government warns public
- US politicians call for state action against Pornhub over allegations it hosted rape and child abuse videos
Social Widget