Two of the four Romanian hackers charged with the 2011 remote hijacking of credit card processing systems of more than 150 Subway restaurants, as well as other retailers in the United States, have pleaded guilty to the crimes. According to documents filed on Monday in the U.S. District Court in New Hampshire, Iulian Dolan, 28, pleaded guilty to one count of conspiracy to commit computer fraud and two counts of conspiracy to commit credit card fraud, and Cezar Iulian Butu, 27, pleaded guilty to one count of conspiracy to commit credit card fraud. The defendants were both arrested in August 2011 upon entering the Untied States. According to federal prosecutors, the sting resulted in more than $10 million in losses.
As part of its latest attacks discovered in June, Tropic Tropper exploited several known Microsoft Exchange Server and Adobe ColdFusion vulnerabilities to distribute an updated China Chopper web shell on a server hosting the Umbraco open-source content management system.
More than 50 Alibaba-hosted command-and-control servers have been leveraged to facilitate the distribution of the backdoor, which impersonates the Java, bash, sshd, SQLite, and edr-agent utilities.
Angola and the Democratic Republic of Congo, which is a new Intellexa client, may have leveraged new Predator infrastructure to enable spyware staging and exploitation, according to an analysis from Recorded Future's Insikt Group.