fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Ukrainian Police Arrest DDoS Operator Controlling 100,000 Bots

Ukrainian Police Arrest DDoS Operator Controlling 100,000 Bots

Ukrainian police have arrested a hacker who controlled a 100,000 device botnet used to perform DDoS attacks on behalf of paid customers.

DDoS for hire

The threat actor was arrested at his home in Prykarpattia where he was allegedly using the botnet to perform DDoS attacks or to support other malicious activity for his clients.

This activity included brute-forcing login credentials at web sites, performing spamming operations, and to penetration testing on remote devices to identify and exploit vulnerabilities. 

According to the SSU announcement, the hacker wasn’t simply using the sheer power of his botnet to take down sites. Instead, he also performed reconnaissance and penetration testing to identify and exploit vulnerabilities in the target websites. 

Also Read: The 5 Important Things To Know In Security Pen Testing

Opsec mistake

press release by the Ukrainian SSU states the hackers found his customers on private forums and Telegram channels, where he was paid through electronic platforms such as ‘Webmoney’ for his illicit activity. This payment platform is subject to sanctions in the Ukraine.

The actor registered an account on Webmoney with his real address, allowing the Ukrainian police to find where he lives. In the home, law enforcement seized computer equipment that controlled the botnet, effectively shutting down the malicious operation. 

From the SKU operation
From the police operation – SSU

The Ukrainian hacker is now facing charges for the violation of Part 2 of Art. 361-1 of the Criminal Code of the country, relevant to the distribution and sale of malicious software, and the interference with the work of computers and networks. 

These charges could incur severe penalties like several years of imprisonment, but the police will first have to fully evaluate the evidence that is stored in the seized systems to determine the full scope of the hacker’s acts. 

Also Read: New Licensing Requirements For Cyber-Security Service Providers in 2022

This arrest continues worldwide law enforcement operations to disrupt DDoS attacks that can cause wide-reaching impact against businesses and infrastructure.

Last month, the US Department of Justice charged an operator of the WireX Android botnet for a distributed denial-of-service attack on a multinational hotel chain.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us