1-15 March 2017 Cyber Attacks Timeline
 Share
The version of the browser you are using is no longer supported. Please upgrade to a supported browser.Dismiss

View only
 
ABCDEFGHIJKLMNOPQRSTUVWXYZ
1
IDDateAuthorTargetDescriptionAttackTarget Class
Attack Class
Country
LinkTags
2
101/03/2017?Single IndividualsMalware Must Die publishes the details of a massive credential harvesting campaign carried on via an SSH Direct TCP Forward attack orchestrated via an IoT botnet.
SSH Direct TCP Forward
Single IndividualsCC>1http://blog.malwaremustdie.org/2017/02/mmd-0062-2017-ssh-direct-tcp-forward-attack.htmlMalware Must Die, SSH Direct TCP Forward
3
201/03/2017?Association of British Travel Agents (ABTA)The UK's largest travel trade organisation, the Association of British Travel Agents (ABTA) experiences a cyberattack on its website that puts 43,000 holidaymakers and travel agents at risk of identity theft.UnknownOrg: TravelCCUK
http://www.ibtimes.co.uk/abta-cyberattack-43000-uk-holidaymakers-travel-agents-risk-identity-fraud-1611995
Association of British Travel Agents, ABTA
4
301/03/2017?Kennesaw State UniversityThe FBI is investigating an alleged hack of Kennesaw State University server.UnknownEducationCCUS
https://www.databreaches.net/ga-fbi-investigating-hack-of-kennesaw-state-university-server-including-state-voter-data/
Kennesaw State University
5
402/03/2017China?Lotte Duty Free (lottedfs.com)South Korea's Lotte Duty Free website (lottedfs.com) is taken down by a DDoS attack orchestrated from a Chinese IP.DDoSIndustry: RetailCCKRhttp://www.reuters.com/article/us-lotte-china-idUSKBN1690HRLotte Duty Free, lottedfs.com
6
502/03/2017?Radio Station WZZY-FMRadio station WZZY-FM falls victim to a prank when hackers access its computer systems and begin broadcasting fake news alerts of a zombie attack, along with a disease outbreak caused by the resulting carnage.UnknownRadio StationCCUShttps://www.scmagazine.com/zombies-attack-indiana-just-kidding/article/641540/WZZY-FM
7
602/03/2017?Daytona State CollegeDaytona State College notifies staff of potential W-2 incidentAccount HijackingEducationCCUShttps://www.databreaches.net/daytona-state-college-notifies-staff-of-potential-w-2-incident/Daytona State College
8
703/03/2017?Pennsylvania Senate DemocratsThe Pennsylvania Senate Democrats are hit by a ransomware attack that locks senators and employees out of their computer networkMalwareGovernmentCCUS
http://www.nbcnews.com/news/us-news/senate-democrats-pennsylvania-are-being-held-cyber-hostage-n728901
Pennsylvania Senate Democrats, Ransomware
9
804/03/2017?Advertisement board in Mexico CityA digital advertisement board owned by Grupo Carteleras located on a busy road in Mexico City is hacked on Friday and features a pornographic video for a few minutes.UnknownBillboardCCMXhttps://www.hackread.com/mexico-billboard-hacked-with-porn-video/Grupo Carteleras
10
906/03/2017
Cozy Bear (APT29)?
Several US progressive groupsNew reports reveal that Russian hackers are targeting U.S. progressive groups in a new wave of attacks. According to the report, at least a dozen groups have faced extortion attempts since the U.S. presidential election. The ransom demands are accompanied by samples of sensitive data in the hackers’ possession.Targeted AttackOrg: PoliticsCCUS
https://www.bloomberg.com/news/articles/2017-03-06/russian-hackers-said-to-seek-hush-money-from-liberal-u-s-groups
Cozy Bear, APT29
11
1006/03/2017?
Several organisations across Saudi Arabia and Europe
Kaspersky Lab reveals the details of a new wiper malware, dubbed StoneDrill, has been uncovered by security researchers, believed to be targeting more organisations across Saudi Arabia and Europe.Targeted Attack>1CC>1https://securelist.com/blog/research/77725/from-shamoon-to-stonedrill/Kaspersky Lab, StoneDrill
12
1106/03/2017?University of IdahoUniversity of Idaho notifies 257 employees after phishing incident.Account HijackingEducationCCUShttps://www.databreaches.net/university-of-idaho-notifies-257-employees-after-phishing-incident/University of Idaho
13
1207/03/2017?VerifoneCredit and debit card payments giant Verifone investigates a breach of its internal computer networks that appears to have impacted a number of companies running its point-of-sale solutions.MalwareIndustry: Banking and FinanceCCUShttps://krebsonsecurity.com/2017/03/payments-giant-verifone-investigating-breach/Verifone
14
1308/03/2017?Government organizations in the Middle EastMalware researchers at Palo Alto Networks spot a new strain of ransomware, dubbed RanRan, that has been used in targeted attacks against government organizations in the Middle East.Targeted AttackGovernmentCC>1http://securityaffairs.co/wordpress/57031/malware/ranran-ransomware.htmlPalo Alto Networks, Ransomware, RanRan
15
1409/03/2017?GMO Payment Gateway IncGMO Payment Gateway confirms data leakage from two client websites, due to the Apache Struts vulnerability. The victims are the Tokyo Metropolitan Government, and the Japan Housing Finance Agency. The total leaked records are more than 700,000.
Apache Struts Vulnerability
Industry: Banking and FinanceCCJPhttp://financefeeds.com/gmo-payment-gateway-confirms-data-leakage-two-client-websites/
GMO Payment Gateway, Apache Struts, Tokyo Metropolitan Government, Japan Housing Finance Agency
16
1509/03/2017?Queensland School PhotographyQueensland School Photography emails students' parents to notify that payment card information has been compromised.Malware
School photographic service provider
CCAU
http://www.abc.net.au/news/2017-03-14/fraudsters-target-queensland-school-photos-stealing-thousands/8350502
Queensland School Photography
17
1610/03/2017?
Products from surveillance technology company AVTech
Trend Micro discovers a new family of Linux malware targeting products from surveillance technology company AVTech exploiting a CGI vulnerability that was disclosed in 2016.CGI VulnerabilityIndustry: Video SurveillanceCCTWhttp://securityaffairs.co/wordpress/57067/malware/elf_imeij.htmlAVTech
18
1711/03/2017?Several Dutch WebsitesTurkish hacker groups target a large number of Dutch websites after the political fallout between the Netherlands and Turkey over the weekend.DDoS/Defacement>1HNLhttp://nltimes.nl/2017/03/14/turkish-hacker-groups-focus-cyberattacks-dutch-websites-incl-nl-timesTurkey, Netherlands
19
1811/03/2017?Single IndividualsDanish-speaking users were infected by malware spread through Dropbox.MalwareSingle IndividualsCCDKhttp://securityaffairs.co/wordpress/57056/cyber-crime/dropbox-links-spam.htmlDropbox
20
1912/03/2017Rekan Herrorfifthharmony.comA Kurdish hacker going by the online handle of “Rekan Error” defaces the official website of Fifth Harmony, an American girl group formed on the second season of The X Factor US in July 2012 and posts messages against ISIS.DefacementIndustry: EntertainmentHUShttps://www.hackread.com/celebrity-websites-hacked-isis-turkey-message/fifthharmony.com, Rekan Herror
21
2013/03/2017?Welsh NHSDetails of thousands of medical staff of Welsh NHS are stolen from a private contractor's computer server (Landauer). The breach happened in October 2016 and the total number of affected staff is 4,766.UnknownHealthcareCCUKhttp://www.bbc.co.uk/news/uk-wales-39249975Welsh NHS, Landauer
22
2113/03/2017?Single IndividualsGoogle declares to have identified and shut down a massive ad fraud Android botnet called Chamois, which may have infected multiple Android devices.Mobile MalwareSingle IndividualsCC>1https://security.googleblog.com/2017/03/detecting-and-eliminating-chamois-fraud.htmlGoogle, Chamois
23
2214/03/2017?Statistics Canada (statcan.gc.ca)The Canadian government confirms that the Statistics Canada website is hacked and taken offline for over two days. In the aftermath of the cyberattack parts of the Canada Revenue Agency's (CRA) site is also reportedly taken offline by authorities as a precaution.
Apache Struts Vulnerability
GovernmentCCCAhttp://www.ibtimes.co.uk/statistics-canada-site-hit-by-hackers-taken-offline-peak-tax-season-1611419Statistics Canada, statcan.gc.ca
24
2314/03/2017?Several targetsKaspersky Lab reveals the details of PetrWrap, a new Petya-based ransomware used in targeted attacks.Malware>1CCTR
https://securelist.com/blog/research/77762/petrwrap-the-new-petya-based-ransomware-used-in-targeted-attacks/
Kaspersky Lab, PetrWrap, Petya, Ransomware
25
2414/03/2017?Magento installationsSucuri reveals that Cybercriminals continue to target the Magento platform, abusing a payment module (Realex Payments Magento extension, SF9) to steal payment card data from online shops running on Magento e-commerce platform.
Malicious Function Injection
Industry: SoftwareCC>1http://securityaffairs.co/wordpress/57119/cyber-crime/magento-realex-payments-extension-hack.htmlRealex Payments Magento extension, SF9
26
2514/03/2017?Mountain Home Water DepartmentThe servers of Mountain Home Water Department fall victim of a ransomware attack.MalwareUtility: WaterCCUShttps://www.databreaches.net/city-erases-re-installs-server-after-ransomware-attack/Mountain Home Water Department, Ransomware
27
2615/03/2017?Dun & BradstreetA Dun & Bradstreet 52GB database containing about 33.6 million records with very specific details about each of the people involved from job title to email address is exposed.UnknownIndustry: Business ServicesCCUShttp://www.zdnet.com/article/millions-of-records-leaked-from-huge-corporate-database/Dun & Bradstreet
28
2715/03/2017?Wishbone AppHackers steal 2.2 million email addresses and 287,000 cellphone numbers from popular teen quiz App Wishbone users, many of whom are young women under the age of 18.UnknownIndustry: SoftwareCCUS
https://motherboard.vice.com/en_us/article/popular-teen-quiz-app-wishbone-has-been-hacked-exposing-tons-of-user-information
Wishbone
29
2815/03/2017?Single Individuals (via TwitterCounter)
A large number of Twitter accounts including verified big-name brands, from Justin Bieber to Forbes Magazine, are hacked to display Nazi symbols, a message written in Turkish and two hashtags that translate to "NaziGermany" and "NaziHolland." The issues appear to be linked to a service called Twitter Counter, an analytics company that was previously embroiled in a similar incident last year.
Account HijackingSingle IndividualsCC>1
http://www.ibtimes.co.uk/huge-twitter-hacking-campaign-spreads-nazi-swastikas-pro-erdogan-propaganda-1611700
Twitter, TwitterCounter, Justin Bieber, Forbes Magazine, NaziGermany, NaziHolland
30
2915/03/2017?
Several business organizations in North America
Trend Micro reveals the details of MajikPOS, a new PoS malware, targeting business in North America and Canada.PoS Malware>1CCUS
CA
http://securityaffairs.co/wordpress/57176/malware/majikpos-malware.htmlTrend Micro, MajikPOS
31
3015/03/2017Anonymousboaec.com.brThe Anonymous deface the official website of Boa Esporte, a second division football club in the state of Minas Gerais, after the team hired goalkeeper Bruno Fernandes das Dores de Souza convicted for murdering his ex-girlfriend.DefacementOrg: SportHBRhttps://www.hackread.com/anonymous-hacks-football-club-site/boaec.com.br, Boa Esporte, Bruno Fernandes das Dores de Souza
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
Loading...