Previous Thread
Next Thread
Print Thread
Chinese hackers trying new trick with legit websites #2833953
10/17/20 05:05 PM
10/17/20 05:05 PM
Joined: Jan 2006
Posts: 6,086
USA
3
360view Offline OP
Today's medical news brought to you by....
360view  Offline OP
Today's medical news brought to you by....
3

Joined: Jan 2006
Posts: 6,086
USA
https://www.theverge.com/2020/10/17/21520799/google-chinese-hackers-biden-campaign-mcafee-malware

Sample quote

The group, which Google refers to as APT 31 (short for Advanced Persistent Threat), would email links to users which would download malware hosted on GitHub, allowing the attacker to upload and download files and execute commands. Since the group used services like GitHub and Dropbox to carry out the attacks, it made it more difficult to track them.

“Every malicious piece of this attack was hosted on legitimate services,
making it harder for defenders to rely on network signals for detection,”
the head of Google’s Threat Analysis Group Shane Huntley wrote in the blog post.

End quote

Re: Chinese hackers trying new trick with legit websites [Re: 360view] #2833957
10/17/20 05:16 PM
10/17/20 05:16 PM
Joined: Jan 2003
Posts: 31,410
Grand Prairie,Texas
stumpy Online content
I Win
stumpy  Online Content
I Win

Joined: Jan 2003
Posts: 31,410
Grand Prairie,Texas
That's why I use AVG and not McAfee or Norton and download from the original source.

Re: Chinese hackers trying new trick with legit websites [Re: stumpy] #2833991
10/17/20 06:44 PM
10/17/20 06:44 PM
Joined: Feb 2015
Posts: 1,367
CA
C
crackedback Offline
pro stock
crackedback  Offline
pro stock
C

Joined: Feb 2015
Posts: 1,367
CA
The other nice one is they are getting into mail servers and acting as agents for sales of everything from heavy equipment to home closings. Sending wire instructions to a new account and poof.... gone... when the money is wired.

If the wiring instructions for your transaction are changed midstream, get on the phone with the bank, sales people, whoever to verify with a real person and NEVER trust any email is my suggestion.

Re: Chinese hackers trying new trick with legit websites [Re: 360view] #2834043
10/17/20 09:18 PM
10/17/20 09:18 PM
Joined: Jun 2003
Posts: 7,610
SK. Canada
Not_A_Duster Offline
master
Not_A_Duster  Offline
master

Joined: Jun 2003
Posts: 7,610
SK. Canada
Careful saying anything against China here... You might get spanked for being "political."

Might be best in the current events forum.


....evil is winning....
Re: Chinese hackers trying new trick with legit websites [Re: Not_A_Duster] #2834098
10/18/20 12:59 AM
10/18/20 12:59 AM
Joined: Mar 2003
Posts: 5,115
NEW JERSEY
AARCONV Offline
master
AARCONV  Offline
master

Joined: Mar 2003
Posts: 5,115
NEW JERSEY
might be the russians

Re: Chinese hackers trying new trick with legit websites [Re: crackedback] #2834663
10/19/20 02:58 PM
10/19/20 02:58 PM
Joined: Apr 2003
Posts: 11,015
Looking for a way out of Middl...
IMGTX Offline
I Live Here
IMGTX  Offline
I Live Here

Joined: Apr 2003
Posts: 11,015
Looking for a way out of Middl...
Originally Posted by crackedback
The other nice one is they are getting into mail servers and acting as agents for sales of everything from heavy equipment to home closings. Sending wire instructions to a new account and poof.... gone... when the money is wired.

If the wiring instructions for your transaction are changed midstream, get on the phone with the bank, sales people, whoever to verify with a real person and NEVER trust any email is my suggestion.


My wife works for a real estate attorney. They and their bank will not transfer money without a voice confirmation from the bank/lawyers in charge of the transaction for this very reason.
At least a couple of his clients have already been stung by this scam when they used other attorneys.

Re: Chinese hackers trying new trick with legit websites [Re: IMGTX] #2834686
10/19/20 03:51 PM
10/19/20 03:51 PM
Joined: Dec 2003
Posts: 19,757
Trumussia
J
jcc Offline
I Live Here
jcc  Offline
I Live Here
J

Joined: Dec 2003
Posts: 19,757
Trumussia
Originally Posted by IMGTX
Originally Posted by crackedback
The other nice one is they are getting into mail servers and acting as agents for sales of everything from heavy equipment to home closings. Sending wire instructions to a new account and poof.... gone... when the money is wired.

If the wiring instructions for your transaction are changed midstream, get on the phone with the bank, sales people, whoever to verify with a real person and NEVER trust any email is my suggestion.


My wife works for a real estate attorney. They and their bank will not transfer money without a voice confirmation from the bank/lawyers in charge of the transaction for this very reason.
At least a couple of his clients have already been stung by this scam when they used other attorneys.


How is a voice confirmation anymore valid? Being there are more Chinese that speak English, then Americans.


Discovering "good trouble" everyday
Re: Chinese hackers trying new trick with legit websites [Re: jcc] #2834692
10/19/20 04:21 PM
10/19/20 04:21 PM
Joined: Apr 2003
Posts: 11,015
Looking for a way out of Middl...
IMGTX Offline
I Live Here
IMGTX  Offline
I Live Here

Joined: Apr 2003
Posts: 11,015
Looking for a way out of Middl...
Originally Posted by jcc
Originally Posted by IMGTX
Originally Posted by crackedback
The other nice one is they are getting into mail servers and acting as agents for sales of everything from heavy equipment to home closings. Sending wire instructions to a new account and poof.... gone... when the money is wired.

If the wiring instructions for your transaction are changed midstream, get on the phone with the bank, sales people, whoever to verify with a real person and NEVER trust any email is my suggestion.


My wife works for a real estate attorney. They and their bank will not transfer money without a voice confirmation from the bank/lawyers in charge of the transaction for this very reason.
At least a couple of his clients have already been stung by this scam when they used other attorneys.


How is a voice confirmation anymore valid? Being there are more Chinese that speak English, then Americans.


The people at the bank know the lawyers and they have prearranged clerks to handle the transfers. No transfers can be done without the specific clerk that handles that account talking to specific people at the law firm. Nothings fool proof but so far so good for them. They also always have to talk to the parties involved and never go by emailed instructions alone. That is where the scams come in. Emails get sent that involve the original people with but with fake wiring instructions. How the scammers know who is involved and what person's emails are involved I don't know but it happens a lot.







Powered by UBB.threads™ PHP Forum Software 7.7.1