Reuters reports that the U.S. Department of the Treasury was able to avert distributed denial-of-service attacks deployed by Russian hacktivist group Killnet last month.
Killnet, which admitted to having launched DDoS attacks against various U.S. states' and airports' websites last month, attempted to compromise the Treasury Department's critical infrastructure nodes days before it attacked U.S. financial services firms, according to Todd Conklin, who serves as Deputy Treasury Secretary Wally Adeyemo's cybersecurity adviser.
JPMorgan Chase & Co has been claimed by Killnet to be among its victims although the bank noted that its operations have not been affected.
"[The attack] confirmed that we're on the right track with how we're trying to actually share tactical information with the sector in real time with the mind that we are interconnected and face the same threat actors," said Conklin, who noted that IP addresses leveraged in the Killnet attack have been immediately shared with financial services entities.
This week in the Security News: When you just wanna hurl, malicious containers, FCC bans stuff, these are not the CVE's you're looking for, Linux password mining, mind the gap, hacking smart watches, & more!
Threat actors were able to steal at least $15 million in cryptocurrency from separate but connected attacks against Web3 infrastructure provider Ankr and cryptocurrency platform Helio, reports The Record, a news site by cybersecurity firm Recorded Future.
Jscrambler researchers say while this latest reported Magecart attack dates back to December 2021, the attackers launched the attack by taking over a defunct internet domain that was decommissioned in December 2014.