Cyber Security Today, March 22, 2021 – Acer faces huge ransomware demand, prison for sextortion and stay away from a fake Clubhouse app

Acer faces huge ransomware demand, prison for sextortion and stay away from a fake Clubhouse app.

Welcome to Cyber Security Today. It’s Monday, March 22nd. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

Computer manufacturer Acer is facing a $50 million ransomware demand, several news agencies are reporting. They are saying the gang known as REvil posted a notice last week on its web site that it has copied documents from the company and will publish them unless the ransom is paid. If the ransom isn’t paid by March 28th it will double. In a statement to media Acer said it has reported what it calls “recent abnormal situations” to the police. Last week Acer said it had net income of $263 million in 2020.

Administrators with network controllers from F5 Networks have had over a week to install the latest security patches after the discovery of serious vulnerabilities. It’s more urgent than ever to patch because threat actors are now actively trying to exploit these holes. If your firm hasn’t acted it may pay a price.

Some legal news to report:

A Russian man has been sentenced to 10 years in prison and a man from North Macedonia to five years by an American judge for their roles in a fraud and theft ring called the Infraud Organization. For eight years the gang pedaled stolen and counterfeit ID, bank accounts and credit card information. At one point it claimed to have 10,000 participants buying and selling goods. Police estimate the losses to victims was over $500 million.

A Virginia man has been sentenced to 31 years in prison for a sextortion scheme. The 36 year-old coerced at least 13 girls into sending him sexually explicit photos. He pretended to be a teenage girl on social media. When they sent photos, he’d post them to other social media sites. When the girls protested he demanded more photos if they wanted the pictures deleted.

Last August I reported that a Russian man was caught trying to bribe a Tesla employee to install malware on the company’s servers. That Russian has now pleaded guilty in a U.S. court to being part of a conspiracy to damage computers. According to court documents, the plan was to steal data from the electric car manufacturer and then demand money or the information would be published. He’ll be sentenced in May.

Meanwhile a U.S. grand jury has issued an indictment against a resident of Switzerland for allegedly being part of a group that hacked into, copied and published data from a number of unnamed companies. The indictment alleges the person operated a website that publishes stolen data. According to the Bleeping Computer news service that site has stolen data from a number of firms including Intel, AMD, Qualcomm, Nissan, Lenovo and Nintendo.

Are you eager to be invited to join a Clubhouse chat group? If so, beware of a fake Clubhouse web site. It tries to lure people into downloading a poisoned Android Clubhouse app, says security company ESET. There is no official Android Clubhouse app yet. There’s only an Apple app. The other way to know is the fake site has a button that says, ‘Get it on Google Play.’ That looks convincing. But victims who click on the button don’t go to the Google Play store. Instead the fake app gets automatically downloaded. The real Clubhouse website is called ‘joinclubhouse.com.” What the fake app does is steal login passwords for many sites.

That’s it for today. As always links to details about these stories are in the text version of this podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at cybersecurity professionals.

Subscribe to Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer. Former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, Howard has written for several of ITWC's sister publications, including ITBusiness.ca. Before arriving at ITWC he served as a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Follow this Cyber Security Today

More Cyber Security Today