PhishProtection.com “Phishing Watchdog” Is A Timeline of All Major Phishing Attacks Reported As They Break Out
An Updated Feed of All Significant Phishing Attacks
This is a comprehensive and frequently updated resource page that lists all the significant Phishing Attacks as they are discovered and happen online. Each attack is summarized here with links to further information about each attack. The list below is updated instantly with threat details as soon as the attack is verified to be authentic.
30th April 2021 | Target: Codecov | Reported Here
A few hours ago, Codecov started notifying the maintainers of the software repositories affected by the recent attack on the supply chain.
These notifications, delivered both via email and via the Codecov application interface, state that the company believes that the affected repositories were downloaded by threat agents.
The original security advisory published by Codecov lacked indicators of compromise (IOC) due to a pending investigation.
29th April 2021 | Target: Brazilian judicial | Reported Here
The Court of Justice of the State of Rio Grande do Sul in Brazil suffered a REvil ransomware attack yesterday that encrypted employee files and forced the courts to shut down their network.
Tribunal de Justiça do Estado do Rio Grande do Sul (TJRS) is the judicial system of the Brazilian state of Rio Grande do Sul.
26th April 2021 | Target: Reverb | Reported Here
Reverb, a popular online marketplace for musical instruments, has suffered a data breach incident and is now notifying its users. According to the company, a database containing the PII of its customers was exposed online for a while and was secured immediately after the exposure was discovered. Reverb suggested that customers change their passwords, as they should do regularly, and did not mention how this had happened.
26th April 2021 | Target: D.C. police department | Reported Here
Files belonging to the Washington, D.C., Metropolitan Police Department appeared Monday on a leak site affiliated with a relatively new form of ransomware.
In images posted to their site, actors associated with the Babuk malware, which was first identified earlier this year, claimed to have stolen upward of 250 gigabytes of data from D.C. police, including police reports, arrest records, internal memos and documents shared with other authorities, like the FBI.
25th April 2021 | Target: BigBasket | Reported Here
A database of about 20 million alleged BigBasket users has leaked on a well-known cybercrime forum, months after the Indian grocery delivery startup confirmed it had faced a data breach.
The database includes users’ email address, phone number, address, scrambled password, date of birth, and scores of interactions they had with the service. TechCrunch confirmed details of some customers listed in the database — including those of the author.
24th April 2021 | Target: QNAP NAS | Reported Here
A ransomware gang has made $260,000 in just five days simply by remotely encrypting files on QNAP devices using the 7zip archive program.
Starting on Monday, QNAP NAS users from all over the world suddenly found their files encrypted after a ransomware operation called Qlocker exploited vulnerabilities on their devices.
20th April 2021 | Target: Eversource Energy | Reported Here
Eversource Energy suffered a data breach after sensitive customer data was exposed on an unsecured cloud server.
Eversource Energy is a publicly traded Fortune 500 energy delivery company in New England, powering 4.3 million electric and natural gas customers throughout Connecticut, Massachusetts, and New Hampshire.
19th April 2021 | Target: GEICO Insurance company | Reported Here
Car insurance provider Geico has suffered a data breach in which threat actors stole policyholders’ driver’s licenses for over a month.
Geico is the second-largest car insurance company in the United States, with over 17 million policies for more than 28 million vehicles.
16th April 2021 | Target: Various Hacking Groups | Reported Here
Hackers are distributing cryptocurrency-stealing malware over a Telegram channel to would-be hackers in a scam that has racked up $500,000, according to security researchers.
According to cyber security firm Avast, hackers are running a Telegram channel called “Hack Boss” to distribute malicious software for other hackers to use. Unfortunately for the hackers who download it, the software won’t help them spread malware. Instead, it’ll infect their systems with cryptocurrency-stealing malware.
15th April 2021 | Target: Celsius Network | Reported Here
Crypto lending service Celsius has discovered that a data breach at one of its third-party service providers has exposed the personal information of its customers, an email sent to Celsius customers and shared with CoinDesk confirms.
Hackers gained access to a “third-party email distribution system” Celsius uses, according to the email. The hackers have used this information to send fraudulent emails and text messages to Celsius customers to trick them into revealing the private keys to their funds.
14th April 2021 | Target: Manhunt | Reported Here
Gay dating app Manhunt has revealed that it was hacked in February, exposing the data of thousands of users.
In a statement to the Washington state attorney general’s office, Manhunt said a hacker had “gained access to a database that stored account credentials for Manhunt users.”
13th April 2021 | Target: Tasmania’s Casinos | Reported Here
Poker machines at Tasmania’s two casinos have been offline since the Easter weekend due to a ransomware cyber-attack.
Owner Federal Group was forced to shut down gaming machines at Hobart’s Wrest Point and the Country Club in Launceston following an “incident” in the early hours of 3 April.
11th April 2021 | Target: Natanz Nuclear Site | Reported Here
Israel appeared to confirm claims that it was behind a cyber-attack on Iran’s main nuclear facility on Sunday, which Tehran’s nuclear energy chief described as an act of terrorism that warranted a response against its perpetrators.
The apparent attack took place hours after officials at the Natanz reactor restarted spinning advanced centrifuges that could speed up the production of enriched uranium, in what had been billed as a pivotal moment in the country’s nuclear programme.
11th April 2021 | Target: Upstox | Reported Here
Upstox has alerted customers of a security breach that included contact data and KYC details of customers. The retail broking firm assured users that their funds and securities remain safe.
8th April 2021 | Target: Swarmshop | Reported Here
A breach of Swarmshop, an online hub for selling stolen personal and payment records, has led to the exposure of more than 600,000 payment card numbers and nearly 70,000 sets of US Social Security numbers and Canadian Social Insurance numbers, Group-IB researchers report.
7th April 2021 | Target: Carding Mafia | Reported Here
Have I Been Pwned reported that the data breach exposed users’ email addresses, hashed passwords, usernames, and IP addresses. Of the 500,000 users of the hacking forum, 297,744 have been affected; however, the forum operators have not yet notified their users. The founder of Have I Been Pwned has confirmed the authenticity of the stolen data. Troy Hunt stated that the carding site recognised the leaked email addresses through the “forgot password” feature. It failed, though, when random email addresses were entered.
6th April 2021 | Target: The European Commission and European Union organizations | Reported Here
The European Commission (EC) and other EU institutions have been hit by a cyber attack.
An EC spokesperson told IT Pro that an “IT security incident” had affected a number of EU institutions, bodies, and agencies’ IT infrastructure.
Forensic analysis is still in its “initial phase” and at this stage, it is too early to provide any “conclusive information”.
6th April 2021 | Target: Michigan State Title IX | Bricker & Eckler LLP | Reported Here
Michigan State University (MSU) has been impacted by a data breach stemming from a cyber-attack on an Ohio law firm.
Bricker & Eckler LLP, which is associated with MSU Title IX contractor INCompliance Consulting, was hit with ransomware in January 2021.
6th April 2021 | Target: The National College of Ireland (NCI) and the Technological University of Dublin | Reported Here
The National College of Ireland (NCI) and the Technological University of Dublin have announced that ransomware attacks hit their IT systems.
NCI is currently working on restoring IT services after being hit by a ransomware attack over the weekend that forced the college to take IT systems offline.
5th April 2021 | Target: LinkedIn User | Reported Here
Security researchers are warning LinkedIn users to beware of unsolicited job offers after revealing a new spear-phishing campaign designed to install Trojan malware on their devices.
The eSentire Threat Response Unit (TRU) yesterday claimed that individuals were being targeted with customized files named the same as their own current role.
2nd April 2021 | Target: Brown University | Reported Here
Brown University was hit by a cyberattack that has forced the school to disable systems and cut off connections to the data centre.
Brown University is a private US research university and is the seventh-oldest institution of higher education in the United States.
The university’s Computing & Information Services staff took “a number of aggressive steps to protect the University’s digital resources, including shutting down connections to our central data centre and systems within it.”
29th March 2021 | Target: Harris Federation | Reported Here
A ransomware attack has infected IT systems at schools across London, leaving tens of thousands of pupils without access to email or school-issued devices.
The Harris Federation, which runs 50 primary and secondary schools in London and Essex, fell victim to a ransomware attack on Saturday 27th March – just days after the National Cyber Security Centre (NCSC) put out an alert warning schools, colleges and universities about the “growing threat” of cyber criminals targeting education with ransomware.
25th March 2021 | Target: CNA | Reported Here
Insurance giant CNA has suffered a ransomware attack using a new variant called Phoenix CryptoLocker that is presumably linked to the Evil Corp hacking group.
This week, BleepingComputer reported that CNA had suffered a cyberattack impacting their online services and business operations.
22nd March 2021 | Target: MangaDex | Reported Here
Manga scanlation giant MangaDex has been temporarily shut down after suffering a cyberattack and having its source code stolen.
MangaDex is one of the largest manga scanlation (scanned translations) websites, where visitors can read manga comics online for free. According to SimilarWeb, MangaDex is the 179th most frequently visited site on the internet, with over 76 million visitors per month.
19th March 2021 | Target: Acer | Reported Here
A hacker group has demanded $50 million in ransom from Taiwanese PC maker Acer, according to Bleeping Computer. Attackers reportedly gained access to Acer’s network by exploiting a Microsoft Exchange vulnerability.
The hacker group has given Acer until March 28 to pay the ransom, or else it will publish the data it claims to have accessed.