Various pro-ISIS hacktivists have joined up to form a nominally new group, the “United Cyber Caliphate” or “UCC.” What technical chops the UCC may have remain to be seen. So far its activities appear to be the familiar list of low-level site vandalism and death threats against named individuals and groups (this time around the groups targeted are mostly Christian).
Whatever hopes ISIS may indulge for the UCC, US cyber, financial, and kinetic operations appear to be taking a heavy toll on ISIS recruiting: jihad seems to be getting riskier for the jihadists, fighters aren’t getting paid, and prospective warriors appear to be increasingly spooked by US information and computer network attack operations. This last would explain why the US is talking as much as it is about cyber operations against ISIS: the more “extremely paranoid” ISIS becomes, the better for its opponents.
The SWIFT financial transaction network continues to mop up security issues revealed by investigations into the Bangladesh Bank hack.
The GozNym banking Trojan IBM’s X-Force is tracking has begun to show increasingly sophisticated redirect mechanisms as it spreads in Europe.
Android malware remains a matter of concern. Russian mobile users are being affected by “RuMMS,” which spreads by SMS phishing. FireEye warns that the RuMMS is after customer banking information, credentials and, of course, balances. Dogspectus also remains active against Android devices—it’s particularly dangerous, notes Blue Coat, in that it doesn’t require user action for infection.
Kaspersky is offering decryption tools for victims of CryptXXX ransomware.