Botnet and Eyepyramid malware behind the cyber attack on institutions

State Police identified a criminal system that, exploiting a network of zombie computers, acquired confidential data and sensitive information for years

A cyberespionage center was stealing sensitive information from Italian institutions, entrepreneurs and politicians. This was discovered by the State Police, which issued two precautionary custody orders against a 49-year-old nuclear engineer and his sister.

The two subjects, residing in London but domiciled in Rome, had for years been acquiring data from administrations and prominent people using a vast and complex botnet. A botnet is made up of zombie computers that, once infected, can be used at any time to remotely launch large-scale cyber attacks, as in fact happened in this case. The investigation started from a report of a suspicious email that arrived at the National Center for the Protection of Critical Infrastructures. The message contained the EyePyramid malware and had been sent to a “prominent administrator.”

Those who allegedly ended up in the net of the two cybercriminals include, among others, the former Premiers Matteo Renzi and Mario Monti, ECB Governor Mario Draghi, several prominent members of the Guardia di Finanza (former Commander General Saverio Capolupo and General Paolo Poletti), Cardinal Gianfranco Ravasi, the banker Fabrizio Saccomanni and politicians such as Piero Fassino, Daniele Capezzone, Ignazio La Russa, Vincenzo Scotti, Alfonso Papa, Walter Ferrara, Paolo Bonaiuti, Michela Brambilla, Luca Sbardella, Fabrizio Cicchitto, Vincenzo Fortunato and Mario Canzio.


The hacker attack exploited the EyePyramid malware

The two suspects, as we have seen, had infected the victims’ PCs with EyePyramid (from which the investigation took its name), a particularly insidious type of malware that allowed the two hackers to collect information from politicians and businessmen for years. The stolen data, now in the possession of law enforcement agencies, were stored on servers located in the United States. The FBI’s Cyber Division also took part in the operation, which brought this sophisticated cyber-espionage center to light.

The botnet used to spy on politicians and businessmen

The Postal Police took months to reconstruct the threads of the attack and to get to the bottom of the complex technological infrastructure set up by the two Roman hackers. The suspects used APT (Advanced Persistent Threat) attacks to break into the computer systems of their targets. This allowed them to build a well-structured botnet powerful enough to infect a large number of computer systems in a short time. Moreover, thanks to the EyePyramid malware, the two siblings were able to remotely take control of the target computer system, enabling the massive theft of the contents of the affected PCs.

The stolen data filed by category

“Among those observed by the Eye of the Pyramid – reads the press release – were the members of a Masonic lodge, filed under the initials ‘BROS’ (brothers).” Among the folders identified there was also one dedicated to politicians: the confidential data stolen were in fact catalogued under the term “POBU” (Politicians Business). The information was stored in digital “free zones” hosted on foreign servers.

The Rome Public Prosecutor’s Office charges the two subjects involved in the investigation with the “offences of procuring information concerning State security, aggravated unauthorised access to a computer system and unlawful interception of computer or telematic communications”.

