At a glance.
- Sanctioned "Blender" reappears as "Sinbad."
- Tonto Team cyberespionage attempt against Group-IB thwarted.
- DarkBit claims responsibility for ransomware attack on Technion University.
- Cyber phases of Russia's hybrid war.
- ICS/OT security: an overview.
- Valentine's Day and romance scams.
Sanctioned "Blender" reappears as "Sinbad."
Blender, a cryptocurrency mixer used by North Korea's Lazarus Group as a money-laundering tool, was effectively driven out of business in May of last year by U.S. Treasury Department sanctions. It has apparently been reconstituted, researchers at Elliptic report, under the name "Sinbad," and it's again at work for the Lazarus Group. Elliptic says, "Sinbad was launched in early October 2022, and despite its relatively small size, it soon began to be used to launder the proceeds of Lazarus hacks. Tens of millions of dollars from Horizon and other North Korea-linked hacks have been passed through Sinbad to date and continue to do so, demonstrating confidence and trust in the new mixer. Like Blender, Sinbad is a custodial mixer, meaning that its operator has full control over the cryptoassets deposited within it."