Facebook Phishing, VPN Blocks and Other Cyber Security Events

We have collected the most important news from the world of cybersecurity for the week.

Phishers attacked usersFacebook under the guise of a support service.
LockBit introduced a «bounty program» to search for vulnerabilities and an updated encryptor.
The Russian authorities are preparing to block the next batch of VPN services.

Experts have identified a phishing campaign targeting Facebook users

Trustwave has detected attempts to hack Facebook users through phishing emails purporting to be from the social network's helpdesk and chatbot.

Attackers send letters to victims about allegedly violating the rules of the social network. They are offered to solve the problem and avoid blocking through communication with the «support service» using a chatbot.

Victims are subsequently redirected to a phishing site where they are asked to enter their details, including email and phone number, as well as an account password. 

LockBit has launched a «bounty program» and introduced an updated encryptor

The operators of the LockBit ransomware virus launcheda program to detect vulnerabilities in potential targets and information about them, which was called the «first bounty program on the darknet». In addition, they introduced the updated LockBit 3.0 malware.

According to Bleeping Computer, hackers are willing to pay from $1,000 to $1 million to find various bugs. They also offered rewards for "brilliant ideas" to improve their ransomware.

In addition, the hackers will pay $1 million to dox the head of the LockBit affiliate program.

The group has also begun accepting the privacy-focused cryptocurrency Zcash as ransom, in addition to bitcoin and Monero.

Recall that at the beginning of the year, LockBit hackers made public the data of users of the BTC-Alpha cryptocurrency exchange and reported the theft of information from more than 100,000 customers of the PayBito platform.

TikTok confirms that Chinese employees can access US user data

Several US senators have accused TikTokspying on US citizens. They demanded to clarify whether employees from China have access to user data in the United States and whether representatives of the PRC authorities can get it.

The company confirmed in the letter that certain employees may be able to access certain information about TikTok users in the United States. At the same time, the service emphasized that it is not transferred to the Chinese authorities.

Media: Roskomnadzor is preparing to block a number of VPN services

Roskomnadzor intends to restrict access to a number of VPN services. This follows from a letter from the Central Bank to Russian banks, writes Frank Media.

These are VPN Proxy Master, Browsec VPN, vpn-super unlimited proxy, Melon VPN, Windscribe VPN, VPN RedCat secure unlimited and Proton VPN. A number of them have already begun to block.

The main reason for restricting the operation of various VPN services in Roskomnadzor is the ability to use them to gain access to information prohibited in the territory of the Russian Federation.

RansomHouse hackers claim over 450 GB of data stolen from AMD

The hacker group RansomHouse said that last year they stole more than 450 GB of data from one of the largest manufacturers of AMD processors. Bleeping Computer writes about it.

The publication indicates that usually RansomHouse encrypted the data and demanded a ransom. However, in this case, the hackers found it more profitable to sell the stolen information to attackers and other companies.

AMD announced the start of an investigation.

Also on ForkLog:

OpenSea has reported a user data breach.
Lazarus hackers may be behind the Horizon attack, Elliptic said.
A hacker hacked the largest NFT marketplace based on Optimism.
North Korea lost "millions of dollars" stolen by hackers due to the collapse of the cryptocurrency market, the media calculated.

What to read on the weekend?

Unimpeded access to information is one of thefundamental human rights realized via the Internet. Blocking, censorship and other restrictions on this right actually limit freedom. Today this is exactly what is happening in the Russian Federation. 

ForkLog has compiled a short guide on services, applications and messengers that will help you bypass censorship: