Group-IB reports that a new and inexperienced group of hackers from Iran is using Dharma ransomware against easily attacked businesses in Russia, India, China, and Japan. They’re “greeners,” in Group-IB’s description, and BleepingComputer calls them “low-skilled,” using commodity tools and well-worn approaches, but they’ve been successful nonetheless. They use Masscan to look for organizations with “Internet-facing RDP and weak credentials.” The group’s emergence is noteworthy, Group-IB thinks, because it suggests that Iran, like other aggressive cyber powers, now harbors an underworld of financially motivated cyber criminals.
Snyk has identified malicious code in the Mintegral software development kit widely used by applications in Apple’s App Store. The “SourMint” malware is adapted to ad fraud and data collection.
A former US Army officer, Peter Rafael Dzibinski Debbins, has been charged with conspiracy to gather or deliver defense information to aid a foreign government. The indictment alleges that Mr. Debbins worked for Russia’s GRU between 1997 and 2011. After leaving the Army in 2011, Mr. Debbins worked for several Government contractors, the Washington Post reports, but the indictment is confined to his period of military service.
TikTok intends to file a lawsuit challenging the US Executive Order on Addressing the Threat Posed by TikTok. CNBC says the suit could be filed as early as this week.
In the meantime, a group of TikTok users has gone ahead with its own suit. The Wall Street Journal says the plaintiffs allege that the Executive Order is unconstitutional, harming free speech and imposing a disparate impact on Chinese-Americans.