We picked six stories for you this week. For next week, we will be back with an RSAC 2022 Recap Report. Have a great weekend!
1. Korea Builds Secure Message System with Europol
South Korean police are one step closer to exchanging operational information securely with their European counterpart. The Korean National Police Agency announced on Wednesday that they have signed a memorandum of understanding (MOU) with Europol in the Hague, Europol’s headquarters. The MOU will allow South Korean police to establish the Secure Information Exchange Network Application (SIENA) managed by Europol. According to Europol’s official website, SIENA is a platform which enables law enforcement authorities to securely share strategic crime-related information and intelligence. In the written statement released to the press, South Korean police are expecting to complete the installation by the end of this year. South Korea joined Europol in December 2021. South Korea was the tenth country outside of Europe to join the European law enforcement cooperation agency.
2. Korean Authorities to Join Forces to Tackle Phone Scams
Roughly thirty thousand South Koreans have lost money to phone scams over the past year. 774 billion won, approximately 596 million dollars, was lost. The Office for Government Policy Coordination, Prime Minister’s Secretariat, announced on Thursday that South Korean government agencies are banding together to tackle phone scams. According to a written statement released to the press, South Korean authorities are planning to establish an organization that specifically handles both complaints and responsive measures related to phone scams. Currently, the victim has to call multiple organization to get the help they need. Moreover, South Korean authorities are forming a joint investigation team to crackdown on phone scammers.
3. Korea Arrests 409 Accused of Drug Trafficking on the Dark Web
The Korean National Police Agency announced on Monday that they had conducted a crackdown on drug-related crime from March to May. In a statement released to the press, over 3,000 people were captured. Among them, 409 individuals used cryptocurrency and the dark web to carry out the crime. From January to May 2022, the number of criminals increased to 493. According to the police, 43 suspects are currently under arrest. “The criminals are not just Koreans, they have different nationalities,” said the narcotics and organized crime investigation division official. The number of drug trafficking activities on the dark web is on the rise in South Korea. South Korean authorities have captured 832 suspects in 2021. In 2019, the number was 82.
4. Korea Imposed an Exit Ban on Terraform Labs Staff
South Korea has restricted Terraform Labs staff from leaving the country, multiple local media outlets reported. According to Yonhap News, about 15 ex-employees of the company are included on the ban list. The South Korean investigation of TerraUSD (UST), the high profile stablecoin which wiped out around $40 billion in market value, was followed by a probe into the firm by the U.S. Securities and Exchange Commission (SEC). On Monday, Daniel Hong, a former employee of Terraform, mentioned the travel ban on Twitter. In his tweet, Hong said, “the Korean government imposed an exit ban for all ex-@terra_money employees today.” In addition, South Korean prosecutors are considering invalidating Terraform Labs founder Do Kwon’s passport as a way to bring him to the country, YTN reported.
5. [Intelligence] 7.9 Million Cards’ Information Is Disclosed
Carding market “BidenCash” disclosed 7.9 million cards’ information on underground forums. According to analysis by S2W, the BidenCash operator posted a link to carding information on underground forums on June 15. The operator has been displaying the information for 7,948,828 cards in total on its market, which is freely accessible by other users. The information includes the cardholder’s name, city, country, bank, address, phone number, etc. Some information also includes the card number and CVV information. S2W determined that a total of 6,487 card numbers were found on the market. Excluding invalid card numbers, 1,427 valid numbers were found. As for the carding data which is disclosed, the United States ranked at the top, consisting of 81% of the total volume.
6. [Intelligence] Kaspersky Reveals Details About ToddyCat
Kaspersky published a new report on a relatively new advanced persistent threat (APT) group, dubbed ToddyCat, on Friday. The cybersecurity firm reported that ToddyCat has been carrying out an ongoing campaign, which focuses on compromising multiple Microsoft Exchange servers using two malicious programs: Samurai backdoor and Ninja Trojan. According to analysis by Kaspersky, the two cyber espionage tools are designed to penetrate deeply into targeted networks while persistently maintaining stealth. Kaspersky also pointed out that the campaign primarily targeted government and military sectors in Europe and Asia. In a press release, the company mentioned that the activity of ToddyCat was first detected by Kaspersky in December 2020 and since then, the APT group has been consistently escalating its attacks. “ToddyCat is a sophisticated threat actor with elevated technical skills, which is able to fly under-the-radar and make its way into top-level organizations. The best way to face this kind of threat is to use multi-layer defenses, which provide information on internal assets, and to stay up to date with the latest threat intelligence,” commented Giampaolo Dedola, security expert at Kaspersky.
