A U.S. district court has charged two Romanians with hacking 65 percent of the computers that control Washington DC’s surveillance camera network.
An affidavit (PDF) filed with the United States District Court for the District of Columbia on 11 December alleges that the two suspects, Mihai Alexandru Isvanca and Eveline Cismaru, did “knowingly and with intent to defraud, access protected computers without authorization and by means of such conduct to further their intended fraud and to obtain something of value.” It also accuses them of maintaining an “intent to extort from persons money and other things of value.”
Forensic evidence gathered by the United States Secret Service (USSS) indicates that the two Romanians are most likely responsible for compromising the computers that help control 123 of the 187 surveillance cameras operated by the Metropolitan Police Department of the District of Columbia (MPDC) around 9 January 2017. USSS learned of the compromise from the MPDC and connected via Remote Desktop Protocol (RDP) to one of the compromised computers. On that unit, agents discovered open desktop windows that the MPDC had not initiated, including one window opened to SendGrid showing an activity feed for multiple email addresses.
Further investigation revealed that those responsible for compromising the surveillance camera computers were abusing those units in tandem with SendGrid to send out spam email laden with two types of crypto-ransomware: Cerber and Dharma. A single txt file found on the compromised computer contained 179,616 email addresses of potential victims.
Ultimately, USSS analysts determined that multiple email accounts had accessed the compromised computer between 9 January and 12 January. They traced those accounts back to Gmail accounts operated by Isvanca and Cismaru. Both of those accounts had sent and/or received information pertaining to more than 1,500 credit cards.
This is a Security Bloggers Network syndicated blog post authored by David Bisson. Read the original post at: The State of Security