Sources tell me ~15 sites in Ukraine - all using October content management system - have been defaced, incl Min of Foreign Affairs, Cabinet of Ministers, Min of Ed, Emergency Services, Treasury, Environmental Protection. Attackers apparently used this: cvedetails.com/cve/CVE-2021-3…
Screenshot in my previous tweet is Ministry of Foreign Affairs site. Site is currently down, but @ChristopherJM grabbed screenshot before it went down. In addition to defacements, Min of Veterans has been hit with DDoS campaign sources tell me.
There's currently no indication that the attacks went beyond defacement and DDoS, but it's too early to say.
Here's a description of the vulnerability in the October content-management system that sources tell me the hackers used to deface the Ukrainian sites👇
Sources tell me the attacks were done manually this evening - meaning they weren't automated attacks configured prior to this evening - and the attacker or attackers changed admin credentials and defaced the main page of the sites
Sources tell me be careful about interpreting what is meant by “destructive” in Ukraine story. At least 2 gov sites still down - one for registering vehicle insurance, other egov (passports etc). Volumes wiped, but not databases. Restoring from backup

reuters.com/world/europe/e…
When general public hears a cyberattack was “destructive,” they interpret it differently from how security community interprets it. Public thinks critical infrastructure is destroyed, things are broken or exploding. Security ppl know this generally means data/servers were wiped
