April 19, 2024

Reduction of Microsoft business in the Russian Federation, elimination of a large botnet and other cybersecurity events

We have collected the most important news from the world of cybersecurity for the week.

  • Microsoft announced that it will keep cutting its business in the Russian Federation "until there is nothing left." The company also presented a large report on the attacks of Russian hackers.
  • Pavel Durov assured that Telegram does not share user data with Google.
  • A former Amazon employee stole the data of more than 100 million people.

Microsoft presented a report on the attacks of Russian hackers since the beginning of the war and announced a reduction in business in Russia

Microsoft CEO Brad Smith told the Washington Post that the company will continue to cut business in Russia "until there's nothing left."

Earlier, users from the Russian Federation began to complain about the inability to download a number of products from the Microsoft website, including utilities for installing Windows 10 and 11.

In March, the company announced the suspension of new sales of products and services in the Russian Federation due to the latter's invasion of Ukraine. 

This week, Microsoft also released a report on cyberattacks by Russian hackers since the start of the war. Main conclusions:

  • Ukraine was able to successfully resist the majority of attacks by Russian hackers. Microsoft has recorded "multiple waves of cyber attacks" against 48 Ukrainian organizations and enterprises. Hackers tried to penetrate network domains by distributing malware.
  • One of the steps thanks to which the work of the Ukrainian authorities was practically unaffected by attacks on the technological infrastructure: Ukraine quickly and successfully transferred data outside the country to data centers throughout Europe.
  • Russian hackers attack states supporting Ukraine. Microsoft experts identified penetration attempts on the networks of 128 organizations in 42 countries. They were successful only in 29% of cases. The company also noted that Russian hackers can coordinate their actions with the Russian military.

Data: Microsoft report.

  • Microsoft claims that the day before the start of the war, 19 Ukrainian government websites were attacked by the FoxBlade malware. The company believes it was developed and launched by the same group behind the 2017 NotPetya attack.

Ex-Amazon employee found guilty of hacking Capital One and stealing data from more than 100 million people

Former Amazon employee Paige Thompson used a tool she created to scan Amazon Web Services accounts to find misconfigured accounts. 

She then hacked into the accounts and stole the data of more than 30 organizations, including the bank Capital One. In addition, Thompson installed cryptocurrency mining software on compromised servers.

The Seattle District Court found her guilty; she could face up to 25 years in prison.

Durov said that Telegram does not share user data with Google

Telegram founder Pavel Durov commented on user concerns regarding the use of Google speech recognition technology to convert voice messages into text for Telegram Premium subscribers.

Some were concerned that the feature threatens privacy. However, Durov announced an agreement between the messenger and Google, according to which the latter “cannot do anything with this anonymized sound data except generate text versions based on them and return them back.”

WordPress sites forced to update due to discovered vulnerability

WordPress sites using the Ninja Forms plugin have been forced to update to fix a critical vulnerability. It was discovered by Wordfence specialists.

Hackers could use the vulnerability to take full control of the site.

US authorities announced the elimination of the RSOCKS botnet

During the international operation, law enforcement officers eliminated the RSOCKS botnet. It is alleged to have been controlled by Russian hackers.

RSOCKS operators compromised millions of devices around the world. They offered customers access to IP addresses assigned to hacked devices. The cost of access ranged from $30 per day for 2,000 proxies to $200 per day for 90,000 proxies.

The FBI began tracking RSOCKS back in 2017. Later, law enforcement officers from Germany, the Netherlands and Great Britain joined the operation to eliminate the botnet.

Also on ForkLog:

  • The hacker stole about $100 million during the attack on the Horizon cross-chain bridge of the Harmony protocol.
  • Unknown people attacked the DNS servers of DeFi projects from among Namecheap clients.
  • The Tether website has been hit by a massive DDoS attack.
  • Elliptic spoke about the use of Dogecoin by scammers and criminals.
  • An attacker attacked the DNS server of the Convex Finance project.

What to read on the weekend?

Against the backdrop of questions to Telegram that arose this week, we tell you what is wrong with the messenger and what alternatives there are for maintaining privacy.

How to protect the privacy of correspondence: TOP 5 private messengers

