A group of hackers called Vendetta recently posed as Taiwan's CDC in a data-theft campaign. According to CyberScoop's latest report, Taiwan's top infectious-disease department was tricked by the group in an attempt to steal sensitive data from its Taiwanese users, as reported by security researchers on Monday, June 15.
Meticulously written spearphishing emails were sent to select groups of targets by the hackers, which may have included Taiwan's Centers for Disease Control (CDC) employees. The incident was reported by ElevenPaths, the cybersecurity unit of the Spanish telecommunications firm Telefonica Group.
The report claimed that the incident serves as a reminder that hackers are focusing on impersonating public health authorities and breaking into computer networks during the novel coronavirus pandemic. Certain Taiwanese users received emails over the course of a week in early May persuading them to take novel coronavirus tests. The users were not aware that a remote hacking tool, capable of hijacking webcams and stealing login credentials, was attached to the malicious email.
"The type of tools and the targets selected indicate that they are looking for intelligence, mainly governmental," said Miguel Angel de Castro, a threat intelligence analyst at ElevenPaths. He said that it is still unclear how the phishing campaign became successful.
Hacking incidents increase; Dark web selling Australian websites
Vendetta has only surfaced in the last two months. The researchers said that the hackers are adept at impersonating authorities in multiple languages. In attempts to install remote hacking tools on their victims' machines, the hackers posed as agency officials in Austria, Australia, and Romania, as reported in May by Chinese cybersecurity company Qihoo 360.
Qihoo stated that some of Vendetta's hacking attempts have been to steal targeted business intelligence.
"This type of group does not carry out massive attacks, but [are] very selective, so the number [of victims] should not be too high," said de Castro Simon after he was asked how many Taiwanese users may have been compromised.
Meanwhile, it was reported that Australian websites are being sold on the dark web. According to Financial Review's latest report, hundreds of Australian websites are on sale on the dark web, including those from financial service firms, ASX-listed companies, an adult entertainment store, and an insurance company.
The list of 43,000 hacked servers, which includes the Australian websites, is available for sale on the online marketplace Magbo, where hackers and cybercriminals sell access to websites for small amounts ranging from $1 up to $10.
"It's an important message to get out to Australian businesses," said Andrew Murray, the Curve Securities chief executive. The Curve, which offers income advisory services, was one of the websites identified by The Australian Financial Review as having been compromised.