16-31 March 2017 Cyber Attacks Timeline

Here’s the second part of the March timeline (first part here), covering the main cyber attacks occurred between 16 and 31 March 2017.

Let’s start from the mega breaches: unfortunately, but we should be used to it, the damage report of this fortnight has confirmed the trend we have been experiencing in the last months. The list includes: some cryptocurrency forums (approximately 12 million accounts compromised), the Illinois Department of Employment Security (1.4 million records compromised), and online forum called Dueling Network (6.5 million email addresses and hashed passwords).

Despite the impact is considerably smaller, the list of the victims also includes McDonald’s Canada, whose career website has been hacked, compromising the personal data of around 95,000 restaurant job applicants.

The list of Cyber Espionage includes: El Machete, a massive cyber espionage campaign targeting high-profile international government organizations across the globe, a campaign targeting GitHub users, and a new attack against the German Parliament.

If you want to have an idea of how fragile our electronic identity is inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014, 2015 and 2016 (regularly updated). You may also want to have a look at the Cyber Attack Statistics that are regularly published, and follow @paulsparrows on Twitter for the latest updates.

Additionally, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts), and if useful, you can access the timeline in Google Sheet format.

ID Date Author Target Description Attack Target
1 16/03/2017 ? Defense Point Security, LLC The CEO of Defense Point Security, LLC tells all employees that their W-2 tax data was handed directly to fraudsters after someone inside the company got caught in a phisher’s net. Account Hijacking Industry: Security Services CC US
2 16/03/2017 ? Datapoint POS Datapoint POS appears to have been hacked. PoS Malware Industry: Financial Services CC US
3 16/03/2017 ? The Independent Electoral and Boundaries Commission (IEBC) The Independent Electoral and Boundaries Commission (IEBC) admits hackers attempted to breach its systems to steal crucial information ahead of the 2017 election. Unknown Government CC KE
4 17/03/2017 ? Lane Community College A virus-infected computer at the Lane Community College health clinic may have relayed patient information such as names, addresses, Social Security numbers and more, to an unknown third party for more than a year Malware Education CC US
5 17/03/2017 ? Arkansas Department Workforce Investigators try to determine whether personal information — including Social Security numbers — for an estimated 19,000 Arkansas job seekers was stolen after a virus was detected in a statewide database, a government spokesman said. Malware Government CC US
6 19/03/2017 ? Several Celebrities including Emma Watson, Rose McGowan, Amanda Seyfried and Jillian Murray Fappening 2.0 is here: nude pictures of several celebrities are leaked online, including Emma Watson, Rose McGowan, Amanda Seyfried and Jillian Murray. Unknown Single Individuals CC >1
7 20/03/2017 ? Alfa Bank Alfa Bank announces to have been targeted by a large-scale DNS Botnet attack. DDoS Finance CC RU
8 21/03/2017 ? Multipe targets A study by security firm Dragos reveals that malware posing as legitimate software for Siemens ICS devices has apparently infected 10 industrial equipment worldwide over the past four years. Malware >1 CE >1
9 21/03/2017 ? Chinese Mobile Users Researchers from Check Point reveal a new mechanism to spread the “Swearing Trojan”, using fake base transceiver stations (BTSs) that send phishing SMS messages masquerading as ones coming from Chinese telecom service providers China Mobile and China Unicom. Malware Single Individuals CC CN
10 21/03/2017 ? Joblink Alliance Joblink Alliance, a provider of the nationwide web-based database Joblink, which is used by the State of Vermont, notifies the State that the job seeker functionality of its website has been compromised by a malicious software. Malware Industry: Job Seeking CC US
11 22/03/2017 El Machete Multiple International Government Organizations Researchers from Cylance reveal the details of “El Machete” a massive cyber espionage campaign targeting high-profile international government organisations across the globe. Primary targets are in Latin America, but the campaign has also targeted organisations in Canada, England, Germany, Korea, Russia, the Ukraine and the United States. Targeted Attack Government CE >1
12 22/03/2017 ? UK viewers or popular porn sites Malwarebytes warns about an increase in malware attacks currently targeting UK viewers of popular pornography websites. The campaign abuses a legitimate ad network called ExoClick distributing the Ramnit malware. Malvertising Single Individuals CC UK
13 23/03/2017 @The6Clerk and @PlzNoHack Official Twitter Accounts of ABC News (@ABC) and Good Morning America (@GMA) The official Twitter accounts of mainstream US news outlet ABC News and its daily show Good Morning America, are taken over by hackers. The profiles, each with millions of followers, displayed a series of explicit messages left by the culprits. Account Hijacking News CC US
14 23/03/2017 ? Saudi Arabia Governmental Organizations Malwarebytes reveal the details of a new spear phishing campaign targeting Saudi Arabia governmental organizations. Targeted Attack Government CE SA
15 23/03/2017 ? Payment Processors on websites A new bot targeting card payment processes on websites is spotted in the wild. Called GiftGhostBot, the bot tries to defraud consumers of the money loaded on gift cards from a wide range of retailers around the globe, with attacks being noticed on almost 1,000 customer websites. Malware Single Individuals CC >1
16 23/03/2017 ? Idaho Department of Labor A hacking incident that occurred on March 12 and March 13 compromised more than 170,000 job-seeker accounts of the Idaho Department of Labor. Unknown Government CC US
17 23/03/2017 ? FIRST Forum (forums.usfirst.org) and FIRST Tech Challenge Forum (ftcforum.usfirst.org) FIRST Forum (forums.usfirst.org) and FIRST Tech Challenge Forum (ftcforum.usfirst.org) notify a data breach. Unknown Online Forum CC US
18 24/03/2017 ? Illinois Department of Employment Security (Ides) The Illinois Department of Employment Security (Ides) revealed on Friday (24 March) that one of its vendors was hacked, potentially compromising personal information of approximately 1.4 million job seekers in the state. Unknown Government CC US
19 24/03/2017 ? Android Forums Android Forums announces that its servers were accessed by a third-party resulting in a data breach affecting the 2.5% of the active users. Unknown Online Forum CC US
20 24/03/2017 ? Washington University School of Medicine Washington University School of Medicine notifies to have been targeted by a Phishing Attack. Account Hijacking Education CC US
21 25/03/2017 Cfnt 25 Vulnerable Forums A hacker going by the handle of “Cfnt” compromises 25 web forums using an outdated version of vBulletin and put the data on sell on a popular Dark Web marketplace. Unknown Online Forum CC >1
22 26/03/2017 ? 12 million accounts from at least 11 separate cryptocurrency forum Roughly 12 million accounts pilfered from at least 11 separate cryptocurrency forums over the past six years are being sold on the Dark Web, with a vendor under the pseudonym ‘doubleflag’ marketing the trove of stolen credentials as a “package” deal. Unknown Online Forum CC >1
23 27/03/2017 ? World of Warcraft users Malwarebytes reveals the details of a phishing campaign attempting to bait World of Warcraft users with the promise of free in-game pets Account Hijacking Single Individuals CC >1
24 28/03/2017 ? GitHub Users Researchers from Palo Alto Networks reveal the details of a new campaign targeting developers sharing code on GitHub with a malicious with a stealth malware called Dimnie. Targeted Attack Single Individuals CE >1
25 28/03/2017 ? Tweede Kamer (Lower House of Dutch Parliament) Ransomware is found on the computer systems of the Tweede Kamer, the lower house of Dutch parliament, Malware Government CC NL
26 28/03/2017 ? Forsyth Public Schools Forsyth Public Schools are hit with computer malware causing problems for teachers, students, parents and district administrators. Malware Education CC US
27 29/03/2017 ? German Parliament Berlin’s cyber security watchdog reveals that the German parliament was the target of fresh cyber attacks in January that attempted to piggy-back on an Israeli newspaper site to target politicians in Germany. Targeted Attack Government CE DE
28 29/03/2017 ? Dueling Network A hacker makes off with at least 6.5 million email addresses and poorly hashed passwords from a Yu-Gi-Oh fan project called “Dueling Network.” SQLi Online Forum CC US
29 29/03/2017 ? Undisclosed US College Research from Incapsula discover a new Mirai variant used to launch a 54-hour DDoS attack against a US college. DDoS Education CC US
30 30/03/2017 ? Skype users Several users complain that ads served through Microsoft’s Skype app are serving malicious downloads, which if opened, can trigger ransomware. Malvertising Single Individuals CC >1
31 30/03/2017 ? Amaq Media Amaq media, the news outlet associated with ISIS, claims its website was hacked by perpetrators who were spreading malware on the site. Malware News CE N/A
32 30/03/2017 ? ShowTix4U ShowTix4U notifies that an unauthorized actor was able to gain access to a third-party vendor’s server and install malicious software on their website. Malware Industry: Online Ticket Sales CC US
33 31/03/2017 ? McDonald’s Canada McDonald’s Canada says that its career website has been hacked, compromising the personal data of around 95,000 restaurant job applicants. The accessed information includes names, addresses, email addresses, phone numbers, employment background and other standard job application information of people who applied online for a job at McDonald’s Canada restaurants between March 2014 and March 2017. Unknown Industry: Restaurant CC CA
34 31/03/2017 ? Major US Universities Researchers find nearly 14M email addresses and passwords belonging to faculty, staff, students and alumni of major universities across the country on the dark web. Unknown Education CC US


Source: Hackmageddon.com @ May 3, 2017 at 06:55AM