January Cyber-Threat Report: Hackers Think Big
This post is also available in: 
עברית (Hebrew)
Who was behind the largest credit fraud in the history of the U.S, how did hackers infiltrate Ministry of Defense computers and how were Yahoo users taken advantage of by Bitcoin miners? The new ESET January threat report goes into detail.
A 17-year-old Russian teenager is the main suspect behind one of the largest credit fraud incidents in U.S. history. According to suspicions the young hacker created the program that was used to steal credit card information from Target clients – affecting no less than 110 million victims. The youth himself isn’t charged with direct involvement in the crime, although he is still charged with creating malicious programs and aiding and abetting. If the courts find him guilty there’s a good chances he’ll find himself behind bars.
If you thought Ministry of Defense computers are impervious to cyber attacks, think again. A trojan managed to infiltrate the ministry networks after an official – or several – downloaded files attacked to e-mails they assumed were sent by the Israeli General Security Service. The trojan was hidden in a pdf file and started working in the background after the file was opened, without the users noticing. Ministry officials quickly stated that the infiltrated computers didn’t contain sensitive information and that the issue is under investigation.
IHLS – Israel Homeland Security
In early January it was made public that the Yahoo ad servers were infiltrated, spreading malicious code and infecting around 300,000 users. The hackers abused a Java vulnerability, the software used to display the ads. The Israeli cyber-security firm Light Saber claims it has identified the purpose of the attack – seeding malicious code in the victims’ computers, code that was supposed to use their system for Bitcoin mining without their knowledge or consent.
In order to avoid attacks like those mentioned above users should always update their operating system and browsers, use well known and credible protection software and never download any untrusted files attached to e-mails.
