Warnings about Russian compromises of the US power grid continue, as do worries about influence operations or direct manipulation of mid-term voting. Senator Shaheen (Democrat of New Hampshire) says that officeholders and political parties are often targets of phishing attacks, and that the experience reported by Senator McCaskill (Democrat of Missouri) isn't an outlier. Other Senators are interested in seeing what can be done about deep fakes—convincing but concocted video, audio, or imagery—that are thought to be the future of influence operations and black propaganda.
The US Army is undergoing one of its periodic rediscoveries of the importance of electronic warfare. This time the precipitating cause is Russian jamming of US forces operating in and around Syria.
Check Point reports that a criminal going by the nom de hack "Master134" is running a successful malvertising campaign across the HiBids advertising platform. Master134 has redirected stolen traffic from more than ten-thousand compromised WordPress sites and resold it to Adsterrra, which in turn sold the traffic to advertising resellers. The malicious advertising carries ransomware, Trojans, and so on.
Proofpoint describes a new version of AZORult it's observed in the wild. AZORult is an information stealer and downloader first noticed in 2016, where Proofpoint found it as a secondary infection of the Chthonic banking Trojan. This version retains the original functionality but seems improved in every respect. Shortly after it appeared on the black market it was seen distributing Hermes ransomware.
KickICO lost $7 million to creative-destructive hacking of its tokens.