
Hacking group nicknamed SparklingGoblin is accused of stealing usernames and IP addresses from US computer retailer and Canadian schools

A hacking group has targeted the networks of US media and retail companies to gather usernames and IP addresses, according to research from an antivirus company.

Slovakia-based cybersecurity company Eset has identified a 'backdoor' used by a group it calls SparklingGoblin to enter firms' supposedly secure servers, according to a post on the company's blog on Tuesday.

The group mostly targets the academic sectors in East and Southeast Asia, but it's also shown interest in the education sector in Canada, media companies in the US, and at least one unnamed computer retail company in the US.

It is not clear what companies were attacked or when the breaches happened. It's also not known where the group is from, though Eset notes that some of its procedures were described on a Chinese language blog, suggesting it may be based in eastern Asia. 

The group uses similar tools to the Winnti Group, which has targeted universities in Hong Kong and supply chains in the video game and software industries


The group's backdoor, called Sidewalk, uses Google Docs to pass on IP configurations and usernames, along with other bits of sensitive information like file names, operating system versions, and computer names.

Eset classifies the group as an 'advanced persistent threat,' a term for groups that use 'continuous, clandestine, and sophisticated hacking techniques to gain access to a system and remain inside for a prolonged period of time, with potentially destructive consequences,' according to Russian antivirus company Kaspersky.

Earlier this month, T-Mobile revealed that 50 million of its customers had their data, including their names and social security numbers, stolen by a 'bad actor'


A similar toolset used by SparklingGoblin was used in a series of attacks against universities in Hong Kong by the Winnti Group, which has been active since at least 2012, according to Eset.

That group is responsible for high-profile supply-chain attacks against the video game and software industries.

Last week, US cell phone carrier T-Mobile announced that 50 million current, former and prospective customers had their names and social security numbers stolen by a 'bad actor.' 

The personal information of 30 million people, including SSNs, was later found to be for sale on an underground forum for $270,000.

Microsoft Power Apps has been affected by a breach that saw the data of 38M people exposed


In May, researchers at cybersecurity firm UpGuard found that the personal data of 38 million people, including social security and phone numbers and COVID vaccination status, was exposed after a breach of Microsoft Power Apps.

Companies that use the service include American Airlines, New York City public schools, Ford, the Maryland Department of Health, and the New York City Municipal Transportation Authority.

The Biden administration has made protecting the country from cyberattacks a 'top priority.'

'All organizations must recognize that no company is safe from being targeted by ransomware, regardless of size or location,' said Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technology, in an open letter to the private sector on June 2.

'Ransomware attacks have disrupted organizations around the world, from hospitals across Ireland, Germany and France, to pipelines in the United States and banks in the UK. The threats are serious and they are increasing.'
