Data Theft | Business Upturn

Operation Texonto exposes broader cybersecurity concerns in Ukraine conflict

Eesha Chakraborty — Wed, 21 Feb 2024 16:48:36 +0000

A disturbing campaign of disinformation and psychological manipulation has emerged, targeting Ukrainian citizens to erode their morale and stoke anxieties. Dubbed “Operation Texonto” by cybersecurity firm ESET, this Russia-aligned effort leverages a potent mix of fabricated narratives and manipulative tactics to sow discord and doubt within Ukrainian society. The campaign operates across multiple waves designed to exploit specific vulnerabilities and anxieties.

In the initial phase, emails masquerading as official communications from Ukrainian government agencies spread misinformation about impending shortages of food, medicine, and heating. These fabricated warnings, complete with forged logos and seemingly credible sources, aim to create panic and distrust toward the Ukrainian government’s ability to provide essential resources.

Beyond essential supplies, the campaign delves into even more disturbing territory. One email template, targeting potential conscripts, suggests self-harm as a means to avoid military service, advocating for the amputation of limbs to escape deployment. This tactic, exploiting the fear of war and the potential for forced conscription, represents a deeply cynical attempt to exploit individual anxieties for broader strategic goals.

The campaign’s reach extends beyond Ukraine’s borders. Emails targeting an Italian shoe manufacturer suggest a broader attempt to sow discord and manipulate public opinion internationally. Additionally, emails referencing jailed Russian opposition leader Alexei Navalny hint at potential efforts to target his supporters and further fracture the Russian political landscape.

Operation Texonto’s activities extend beyond mere disinformation. The same infrastructure used for the propaganda campaign was later repurposed to distribute spam emails promoting fake Canadian pharmacies. This shift suggests a potential attempt to monetize the campaign’s infrastructure, highlighting the opportunistic nature of the operation and its potential financial motivations.

ESET’s findings reveal a concerning development in the ongoing conflict between Russia and Ukraine. This campaign underscores the increasingly sophisticated use of information warfare as a tool to undermine morale, sow discord, and manipulate public opinion.

Microsoft Azure breach exposes critical user data in large-scale cyberattack

Eesha Chakraborty — Sun, 18 Feb 2024 07:48:42 +0000

Microsoft’s cloud service, Microsoft Azure, suffered a significant security breach exposing sensitive user data of hundreds of accounts, including those belonging to high-level executives. This attack, described as the largest in Azure’s history, highlights the evolving sophistication of cybercriminals and the ever-present threat to online security.

Proofpoint, a cybersecurity company, identified the attack as utilizing a campaign previously detected in November 2023. This campaign employed a potent combination of phishing emails and cloud account takeover (CTO) techniques. Phishing emails, often disguised with seemingly innocuous anchor text like “View document,” contained malicious links redirecting users to fraudulent websites designed to harvest login credentials. Once obtained, these credentials were used to access sensitive data within OfficeHome and Microsoft 365 applications.

The meticulous planning behind the attack is evident in the targeted selection of victims. While both mid-level and senior employees were compromised, positions like sales directors, account managers, and CEOs were prioritized. This strategic approach allowed attackers to infiltrate various organizational levels, potentially granting access to a wider range of confidential information.

Furthermore, the attackers employed sophisticated tactics to maintain control after compromising accounts. By deploying their own multifactor authentication (MFA) methods, such as adding alternate mobile numbers or setting up fraudulent authentication apps, they effectively prevented legitimate users from regaining access. Additionally, attackers meticulously removed any trace of their activity, further complicating detection and mitigation efforts.

The primary motives behind this cyberattack are suspected to be data theft and financial fraud. While the exact perpetrators remain unidentified, initial investigations suggest potential involvement from actors based in Russia and Nigeria, based on the utilization of local fixed-line ISPs within those regions.

Microsoft, currently conducting a thorough investigation into the incident, is actively notifying affected customers and taking steps to address vulnerabilities exploited in the attack.

Is zoom a Chinese App? Here’s the Truth you’ve been waiting for!!!

Shreejit Shelar — Sun, 21 Mar 2021 10:48:09 +0000

The rising tensions between India and China have also strained the socio-economic relations between the two nations. The app has come under scrutiny for its alleged association with the Chinese market and continues to go unfazed despite the suppression of Chinese goods or products by the government of India.

Last year, the Indian government banned 59 Chinese apps, however, the debate for its origin prolongs.

The Genesis of Zoom App

The popular video calling app was founded by Eric Yuan, a Chinese-American billionaire businessman, engineer, and the CEO of the Zoom App. As the reports suggest, Yuan possesses 22 percent shares of the video calling app that holds its roots in the American economy as well.

Zoom Video Communications, Inc. is a global MNC (Multinational Corporation/Company) that was founded and headquartered in California.

Now, the application being a multi-national company, it is obvious that the MNC also has employees in China. It has 17 co-located data centers and naturally, it also has one in China.

The user interface of the app is easy due to which every person uses it. The app also offers one-to-one meetings and 40-minute group calling. The app is designed in such a way that it ensures meeting data of the users outside of China doesn’t enter the country.

It has been found that the video conferencing in zoom is not encrypted end to end which can cause a leak of the data in between and can hinder one’s privacy.

Interestingly, the application was reportedly accused of ‘Data Theft’ in 2020!

But, is Zoom a Chinese app? Well, Here’s an interesting update for you!

The answer is – NO. Zoom or Zoom Communications, Inc. is not a Chinese company at all but in fact, it is an American company.

Indians Cry for Boycott of Zoom

Following the rise of Indo-China border tension in Ladakh, a chorus of demands, both on and off social and legacy media called for a ban on Chinese imports including products and apps. Amid the volley of boycott calls, the Indian government banned 59 Chinese apps. Yet, numerous remained unsatisfied as they called for a further ban on apps like Zoom. Not just Zoom, Twitter users also called for a ban on gaming app PUBG, and messaging app WhatsApp.