Security News

U.S. offers $5 million reward for info about Russian malware masterminds

Avast Security News Team, 6 December 2019

Plus more news of the week, including a cyberattack launched by the Chinese government against protestors and malware targeting Facebook ad settings

The U.S. Department of Justice is offering a $5 million reward for information leading to the capture of two Russian hackers allegedly responsible for tens of millions of dollars in damages due to cybercrime. NBC News reported that Maksim Yakubets and Igor Turashev are accused of attacking several institutions in Pennsylvania – including a bank, a school district and various companies – as well as targets in other states. In a bulletin published by the Department of Justice, one authority stated that the hackers “led one of the most sophisticated transnational cybercrime syndicates in the world,” while another commented that one of their many schemes was among “the most outrageous cybercrimes in history.” That particular scheme, which used malware known as “Zeus,” resulted in the attempted theft of over $220 million from 21 municipalities across the U.S. The DoJ worked closely with the U.K.’s National Crime Agency to identify the two suspects. Avast Security Evangelist Luis Corrons praised law enforcement collaboration in the case, noting that this group was responsible for the creation of Dridex, which has been used to launch attacks worldwide. “Cybercrime is a global threat, and the best way to fight it is globally. Having the United States lead a collaborative campaign with law enforcement from different countries is the best approach.”

This week’s stat 

Hong Kong protesters say their website received more than 1.5 billion internet traffic requests per hour during an August DDoS attack by China’s “Great Cannon.” 

China uses ‘Great Cannon’ for cyberattack

The Chinese government has deployed the powerful cyber weapon known as the “Great Cannon” for the first time in two years to launch a cyberattack against a Hong Kong free speech website. Used to create DDoS attacks, which overwhelm and overload targeted sites with traffic, the cyber weapon attacked LIHKG, a forum where Hong Kong residents share information about police abuse and anti-Beijing protests. Previously, the Great Cannon has been aimed at U.S.-based Chinese news site Mingjingnews.com, Github (for hosting tools that could bypass China’s national firewall), and GreatFire.org (for exposing internet censorship). Read more on ZDNet

This week’s quote 

“We don’t live in a world where people can just get offline.” – Erica Olsen, director of the Safety Net program at the National Network to End Domestic Violence. Read her guidance on how victims can be empowered by the Internet Of Things.

Malware targets Facebook ad settings and more

Researchers have identified new malware that accesses Facebook and Amazon cookies, allowing attackers to collect personal data from users’ accounts and adjust the settings in their Facebook Ads Manager. Along with stealing credit card numbers and other sensitive information, the malware reprograms a user’s ad settings to receive ads from the attacker’s source of choice, a particularly relevant threat during an election year. Read more on Bleeping Computer

Patched Outlook flaw still abused

Security experts have found that a 2-year-old vulnerability that allows attackers to infect Microsoft Outlook accounts is still a threat despite being patched in 2017, Dark Reading reported. In July this year, the U.S. military discovered that Iranian cyber-espionage groups were using the bug in coordinated attacks against the U.S., Europe, and the Middle East. While Microsoft’s patch is effective against the exploit, attackers can get around it if the system has already been compromised.

Smith & Wesson’s website hacked on Black Friday

Online patrons to Smith & Wesson may have had their payment info stolen if they purchased anything from the online  shop over the Black Friday weekend, PC Mag reported. The website of the gunmaker was infected with payment card skimming malware by the infamous hacking group Magecart. Smith & Wesson did not immediately comment on the cyberattack, but the malware has been removed from their online shop.

Dutch politician faces three years for leaking photos

A newly elected councilman in the Dutch city of Almere was arrested and tried for hacking iCloud accounts and leaking photos and videos of over 100 women, ranging from celebrities to personal acquaintances of the hacker. Mitchel van der K did not deny committing the hacks, but said he was coerced by other hackers who were blackmailing him. Van der K resigned from government office and faces a possible sentence of three years in prison. Read more on ZDNet

This week’s ‘must-read’ on The Avast Blog

What’s ahead for cybersecurity in 2020? Avast foresees sophisticated email malware and new AI privacy protections in its annual Threat Landscape Report. Experts also predict more mobile subscription scams and new attempts to steal IoT data.


Avast is a global leader in cybersecurity, protecting hundreds of millions of users around the world. Protect all your devices with our award-winning free antivirus. Safeguard your privacy and encrypt your online connection with SecureLine VPN. Get advertisers off your back and disguise your online identity for greater privacy with Avast AntiTrack.