CIO News Hubb
Advertisement
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact
No Result
View All Result
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact
No Result
View All Result
CIO News Hubb
No Result
View All Result
Home Information Security

International police operation takes down iSpoof

admin by admin
December 6, 2022
in Information Security


As part of the takedown, 142 suspects were arrested.

Last week, an international group of law enforcement agencies took down one of the biggest criminal operators of a spoofing–as-a-service enterprise. Called iSpoof, it collected more than $120M from victims across Europe, Australia, Ukraine, Canada, and the United States. During the 16 months of the site’s operation, the group took in more than $3.8M in fees from its victims. 

The site’s principal administrator was arrested in the UK in early November and the site taken down shortly thereafter, according to a Europol announcement. As part of the takedown, 142 suspects were arrested. London’s Metropolitan Police Commissioner Sir Mark Rowley stated, “By taking away the tools and systems that have enabled fraudsters to cheat innocent people at scale, this operation shows how we are determined to target corrupt individuals intent on exploiting often vulnerable people.” 

Spoofing has a long tradition. Perhaps the earliest and most infamous case was involving Paris Hilton, who allegedly used caller ID spoofing to hack into the phone and voicemail of Lindsay Lohan decades ago. 

More recently, reporters for Rupert Murdoch’s News Corp. hacked into the cell phone voice mail accounts of prominent Britons back in 2011, which resulted in shuttering the paper a few years later. And Robert Mueller’s Russian GRU indictment a few years ago shows the lengths that Russian spies went to penetrate the DNC and the Clinton campaign, including using spoofed emails purported to originate from Hillary Clinton’s staff.

Spoofing has seen a lot of sophisticated development over the years. Two years ago, Microsoft Office365 users were targets of a spearphishing attack that relied on spoofing email addresses. More recently, Microsoft wrote about another vulnerability discovered in 2021 called Local Security Authority spoofing where an attacker can accomplish man-in-the-middle attacks and force Windows domain controllers to allow for remote access. The company issued patches for this in May 2022.

What’s most troubling about the iSpoof group is their rise to prominence and the fact that they made so much money by servicing so many criminals. This is due to the fact that the iSpoof site was used to help these others to set up various spoofing processes as part of their attack workflows. 

How does spoofing work?

Spoofing refers to a hacker impersonating a trusted brand to obtain your authentication credentials so they can steal your funds, identity, or both. The impersonation happens either through a phishing email, phone call, or text message. 

We wrote about ways you can defend yourself from these sorts of spoofing attacks earlier this year, such as being “politely paranoid” and using multi-factor authentication to secure your accounts. 

However, these methods can still fall short within the ever-evolving digital threat landscape: As an example, I recently wrote about how AI technologies can create pretty close replicas of an intended voice with deepfake audio generators. This attack vector means that victims can be fooled into thinking that they are talking to a real person that they know.

Spoofing attacks can happen to anyone. Avast One includes multiple advanced features that work together to provide real-time spoofing protection as well as robust defense against malware and other online threats.



Source link

Previous Post

Innovativelogic ~ Future of CIO

Next Post

Renewal of AWS CyberGRX assessment to enhance customers’ third-party due diligence process

Related Posts

Information Security

New Russian-Backed Gamaredon’s Spyware Variants Targeting Ukrainian Authorities

by admin
February 2, 2023
Information Security

AWS achieves ISO 20000-1:2018 certification for 109 services

by admin
February 2, 2023
Information Security

Everything you need to know

by admin
February 2, 2023
Information Security

Researchers Uncover New Bugs in Popular ImageMagick Image Processing Utility

by admin
February 1, 2023
Information Security

How to set up ongoing replication from your third-party secrets manager to AWS Secrets Manager

by admin
February 1, 2023
Next Post

Renewal of AWS CyberGRX assessment to enhance customers’ third-party due diligence process

Recommended

Initiatetogoapproach

February 2, 2023

New Russian-Backed Gamaredon’s Spyware Variants Targeting Ukrainian Authorities

February 2, 2023

AWS achieves ISO 20000-1:2018 certification for 109 services

February 2, 2023

Everything you need to know

February 2, 2023

Influentialleadership ~ Future of CIO

February 1, 2023

Researchers Uncover New Bugs in Popular ImageMagick Image Processing Utility

February 1, 2023

© 2022 CIO News Hubb All rights reserved.

Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Privacy Policy and Terms & Conditions.

Navigate Site

  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact

Newsletter Sign Up

No Result
View All Result
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact

© 2022 CIO News Hubb All rights reserved.