At a glance.
- BGP attack disrupts Internet service.
- Pirated Zeppelin ransomware source code for sale in a C2C souk.
- BreachForums impresario re-arrested.
- Hacktivist personae and GRU fronts.
- LinkedIn as a dating platform? (Catphishing soon to follow.)
BGP attack disrupts Internet service.
Orange Spain sustained a widespread Internet outage on Wednesday after a hacker breached its RIPE account and triggered Border Gateway Protocol (BGP) disruptions, BleepingComputer reports. (RIPE is the regional Internet registry for Europe, the Middle East, and Central Asia.) BleepingComputer explains, “[T]he attacker modified the AS number associated with the company's IP addresses, and enabled an invalid RPKI configuration on them. Announcing the IP addresses on someone else's AS number and then enabling RPKI effectively caused these IP addresses to no longer be announced properly on the internet.”
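The effect BleepingComputer describes follows from how route origin validation (RFC 6811) classifies an announcement against published ROAs. The sketch below is an added example, not code from the original reporting or from RIPE; the prefixes and AS numbers are constructed documentation values, and `rejected_announcements` is a hypothetical helper name.

```python
import ipaddress
from typing import NamedTuple, Sequence

class VRP(NamedTuple):
    """Validated ROA payload: one (prefix, max length, origin AS) authorization."""
    prefix: str
    max_length: int
    asn: int

def validate_origin(route_prefix: str, origin_asn: int, vrps: Sequence[VRP]) -> str:
    """RFC 6811 origin validation: returns 'valid', 'invalid' or 'not-found'."""
    route = ipaddress.ip_network(route_prefix)
    covered = False
    for vrp in vrps:
        roa_net = ipaddress.ip_network(vrp.prefix)
        if route.version != roa_net.version or not route.subnet_of(roa_net):
            continue  # this ROA says nothing about the route
        covered = True
        if vrp.asn != 0 and vrp.asn == origin_asn and route.prefixlen <= vrp.max_length:
            return "valid"
    # Covered by at least one ROA but matched by none: routers enforcing
    # origin validation drop the announcement.
    return "invalid" if covered else "not-found"

def rejected_announcements(announcements, vrps):
    """Pre-publication check (hypothetical helper): which of our own routes become invalid?"""
    return [(p, a) for p, a in announcements if validate_origin(p, a, vrps) == "invalid"]

# Constructed sample data: documentation prefixes (RFC 5737) and AS numbers (RFC 5398).
OWNER_AS, OTHER_AS = 64496, 64511
ANNOUNCED = [("192.0.2.0/24", OWNER_AS), ("198.51.100.0/24", OWNER_AS)]
NO_ROA = []
CORRECT_ROA = [VRP("192.0.2.0/24", 24, OWNER_AS), VRP("198.51.100.0/24", 24, OWNER_AS)]
# A ROA that names another AS for a prefix the owner is still announcing.
TAMPERED_ROA = [VRP("192.0.2.0/24", 24, OTHER_AS), VRP("198.51.100.0/24", 24, OWNER_AS)]

if __name__ == "__main__":
    for name, vrps in [("no ROA", NO_ROA), ("correct ROA", CORRECT_ROA),
                       ("tampered ROA", TAMPERED_ROA)]:
        states = [validate_origin(p, a, vrps) for p, a in ANNOUNCED]
        print(f"{name:13} {states} rejected={rejected_announcements(ANNOUNCED, vrps)}")
```

Running the same comparison against the routes an operator actually announces, before and after any ROA change, flags a registry edit that would turn its own prefixes invalid.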
According to SecurityWeek, the hacker claims the outage was an accident, and that he or she changed the account’s settings in order to “prevent an actual bad threat actor from finding the account and compromising it.”
The RIPE Network Coordination Centre advised users:
"We are currently investigating the compromise of a RIPE NCC Access account, which resulted in some services of the account holder being temporarily impacted.
"We have restored access to the legitimate account holder and are working closely with them to ensure the integrity of the account. Our Information Security team is continuing to investigate whether any other accounts have been affected. Account holders who might be affected will be contacted directly by us.
"We encourage account holders to please update their passwords and enable multi-factor authentication for their accounts. If you suspect that your account might be impacted, please report it to email@example.com."