New York Times: Russian Criminal Group Finds New Target: Americans Working at Home. “A Russian ransomware group whose leaders were indicted by the Justice Department in December is retaliating against the U.S. government, many of America’s largest companies and a major news organization, identifying employees working from home during the pandemic and attempting to get inside their networks with malware intended to cripple their operations.”
state-sponsored actors
Twitter Blog: Disclosing networks of state-linked information operations we’ve removed
Twitter Blog: Disclosing networks of state-linked information operations we’ve removed. “Today we are disclosing 32,242 accounts to our archive of state-linked information operations — the only one of its kind in the industry. The account sets we’re publishing to the archive today include three distinct operations that we have attributed to the People’s Republic of China (PRC), Russia, and Turkey respectively. Every account and piece of content associated with these operations has been permanently removed from the service.”
Vanity Fair: Hackers Are Already Screwing With the 2020 Election
Vanity Fair: Hackers Are Already Screwing With the 2020 Election. “The vulnerabilities of online voting underscore the broader concerns about this year’s election. Observers already warned that Russia, which meddled in the 2016 election on Trump’s behalf, and other bad actors are seeking to interfere with this cycle.”
CBS News: NSA warns of new cyberattacks by Russian military hackers
CBS News: NSA warns of new cyberattacks by Russian military hackers. “A notorious hacking team backed by the Russian government has been exploiting a serious flaw in commonly used email software, the National Security Agency (NSA) warned Thursday, issuing a rare advisory that publicly attributed attempts to utilize the software flaw to a nation-state actor.”
Bleeping Computer: Russian cyberspies use Gmail to control updated ComRAT malware
Bleeping Computer: Russian cyberspies use Gmail to control updated ComRAT malware. “ESET security researchers have discovered a new version of the ComRAT backdoor controlled using the Gmail web interface and used by the state-backed Russian hacker group Turla for harvesting and stealing in attacks against governmental institutions.”
NBC: China launches new Twitter accounts, 90,000 tweets in COVID-19 info war
NBC News: China launches new Twitter accounts, 90,000 tweets in COVID-19 info war. “China has launched a Twitter offensive in the COVID-19 information war, more than doubling its number of official government tweets since January and in recent days using the platform to spread a conspiracy theory that the virus came from a U.S. government lab.”
RadioFreeEurope: EU Monitor Sees Drop In COVID-19 Disinformation, Urges Social Media To Take More Action
RadioFreeEurope: EU Monitor Sees Drop In COVID-19 Disinformation, Urges Social Media To Take More Action. “EU monitors say they have seen ‘at least a temporary decrease’ in the amount of misinformation and disinformation surrounding the coronavirus pandemic, but external actors, notably pro-Kremlin sources, are still active in spreading false information on the outbreak. In a report released on May 20, the strategic communications division of the European diplomatic corps, the European External Action Service (EEAS), said that, while social media companies continue to invest into detecting and countering misinformation and disinformation on their platforms, ‘it is clear that much more needs to be done.'”
BloombergQuint: China’s Disinformation Campaign Targets Virus, Researcher Says
BloombergQuint: China’s Disinformation Campaign Targets Virus, Researcher Says. “An army of bot accounts linked to an alleged Chinese government-backed propaganda campaign is spreading disinformation on social media about coronavirus and other topics, including an exiled businessman, according to a London-based researcher. The accounts have been used to promote content attacking critics of the Chinese government and to spread conspiracy theories blaming the U.S. for the origins of virus, according to Benjamin Strick, who specializes in analyzing information operations on social media websites.”
Exclusive: Iran-linked hackers recently targeted coronavirus drugmaker Gilead – sources (Reuters)
Reuters: Exclusive: Iran-linked hackers recently targeted coronavirus drugmaker Gilead – sources. “Hackers linked to Iran have targeted staff at U.S. drugmaker Gilead Sciences Inc in recent weeks, according to publicly-available web archives reviewed by Reuters and three cybersecurity researchers, as the company races to deploy a treatment for the COVID-19 virus.”
State report: Russian, Chinese and Iranian disinformation narratives echo one another (Politico)
Politico: State report: Russian, Chinese and Iranian disinformation narratives echo one another. “China, Iran and Russia are using the coronavirus crisis to launch a propaganda and disinformation onslaught against the United States, the State Department warns in a new report. The three governments are pushing a host of matching messages: that the novel coronavirus is an American bioweapon, that the U.S. is scoring political points off the crisis, that the virus didn’t come from China, that U.S. troops spread it, that America’s sanctions are killing Iranians, that China’s response was great while the U.S.’ was negligent, that all three governments are managing the crisis well, and that the U.S. economy can’t bear the toll of the virus.”
Exclusive: Hackers linked to Iran target WHO staff emails during coronavirus – sources (Reuters)
Reuters: Exclusive: Hackers linked to Iran target WHO staff emails during coronavirus – sources. “Hackers working in the interests of the Iranian government have attempted to break into the personal email accounts of staff at the World Health Organization during the coronavirus outbreak, four people with knowledge of the matter told Reuters.”
CNN: Hacking attempts originating in Iran nearly triple following Soleimani strike, researchers say
CNN: Hacking attempts originating in Iran nearly triple following Soleimani strike, researchers say. “Hackers looking to breach US computer networks sharply intensified their efforts following the death of Iranian military leader Qasem Soleimani, but have had limited success, according to internet security researchers and state government officials. Soon after the strike that killed Soleimani, Iran-based attempts to hack federal, state and local government websites jumped 50% — and then continued to accelerate, said network security company Cloudflare.”
The Register: Google caught a Russian state hacker crew uploading badness to the Play Store
The Register: Google caught a Russian state hacker crew uploading badness to the Play Store. “Google has said it fired off 12,000 warnings to unlucky users of its GMail, Drive and YouTube services telling them that they’re being phished by state-backed hackers.”
ProPublica: YouTube Promised to Label State-Sponsored Videos But Doesn’t Always Do So
ProPublica: YouTube Promised to Label State-Sponsored Videos But Doesn’t Always Do So. “A review by ProPublica shows that YouTube’s implementation of its policy to flag state-sponsored media channels has been haphazard, giving governments in Russia and elsewhere an opportunity to spread propaganda surreptitiously. The world’s most popular streaming service allowed 57 channels funded by the governments of Iran, Russia, China, Turkey and Qatar, among others, to play videos without labels.”
New York Times: China Sharpens Hacking to Hound Its Minorities, Far and Wide
New York Times: China Sharpens Hacking to Hound Its Minorities, Far and Wide. “China’s state-sponsored hackers have drastically changed how they operate over the last three years, substituting selectivity for what had been a scattershot approach to their targets and showing a new determination by Beijing to push its surveillance state beyond its borders.”
