Page 10 - GS180602
P. 10
NewsBriefs
Editor's Note: Following are excerpts from news stories recently posted Baratov testified he was hired by Dmitry Dokuchaev and
under Breaking Industry News on our home page. For links to these and Igor Sushchin, officers of the Russian Federal Security
other full news stories, please visit www.greensheet.com/breaking- Service, who directed him and others to hack webmail
news.php?flag=previous_breaking_news. accounts at Yahoo and other hosting services. The spear-
phishing campaign was active between January 2014 and
December 2016, according to court records. The campaign
used data stolen in the Yahoo breach to gain access to
private emails.
Visa, Mastercard settle with New Mexico
The state of New Mexico reached a $3.4 million settlement
with Visa and Mastercard. The settlement stems from a
2014 lawsuit that called into question credit and debit card
interchange fees assessed New Mexico merchants and
state agencies, alleging they were excessive in violation of
state law.
Visa and Mastercard agreed to settle "without any admis-
Router reboots halt VPNFilter sion of liability or wrongdoing whatsoever," according to
but won't ensure security the settlement document. Under terms of the agreement,
Visa paid about $2.27 million into a settlement fund and
The FBI issued an alert on May 25, 2018, after discovering a Mastercard paid about $1.13 million. The two companies
global attack on small-office and home-office routers. Bad also agreed to join and pick up the cost of a consumer fi-
actors have used VPNFilter malware, which can detect nancial education campaign to be launched by the state
and exploit data transitioning through infected devices, attorney general's office.
authorities stated. Forensic researchers noted the malware
can block network traffic, and its use of encryption and "We negotiated an agreement that will compensate the
spoofed networks as camouflage makes it difficult to find. harm to New Mexico's economy, enforce our strong con-
The bureau estimates hundreds of thousands of networked sumer protection statutes and deter companies that seek
devices may have already been compromised. to exploit our citizens and violate our consumer protection
laws," state Attorney General Hector Balderas said regard-
"The size and scope of the infrastructure impacted by ing the settlement in April. Balderas, in his complaint, al-
VPNFilter malware is significant," FBI agents stated. leged that interchange affects not only merchants in New
"The malware targets routers produced by several Mexico, but consumers in the state as well, because mer-
manufacturers and network-attached storage devices by chants pass along a portion of card costs to consumers in
at least one manufacturer. The initial infection vector for the form of higher prices.
this malware is currently unknown."
Despite being identified as injured parties, neither
The FBI asked small-business owners and civilians to merchants nor consumers in New Mexico will see any
disrupt the malware and help identify infected devices by of the settlement money. "It is the State's position that
rebooting their routers. They also recommended disabling the settlement amount and related injunctive relief are
remote management settings on connected devices and intended to remediate the harms to the State and its
using advanced encryption methods, up-to-date firmware communities resulting from the alleged unlawful conduct
and strong passwords when remote access is enabled. of the Defendants, and that the settlement amount shall
be expended, in the sole discretion of the Attorney
Russians behind Yahoo breach, Feds say General, to enhance the Office of the Attorney General's
Karim Baratov, a 23-year-old Canadian hacker, was law enforcement efforts to prevent and prosecute financial
formally sentenced in Northern California, May 29, 2018, fraud or unfair or deceptive acts or practices, including
in connection with a massive Yahoo! data security breach anti-competitive behavior, and to investigate, enforce and
first reported in September 2016. prosecute other illegal conduct related to financial services
or consumer protection and antitrust laws," the settlement
Baratov, whose aliases include Kay, Karim Taloverov document stated.
and Karim Akehmet Tokbergenov, will serve five years Big goals for Ripple's
in prison and was ordered to pay restitution of $250,000 blockchain-to-blackboard initiative
to millions of consumers whose identities and personal
information were compromised, authorities stated. His The University Blockchain Research Initiative, under-
sentencing concluded a multinational FBI investigation written by Ripple and launched June 4, 2018, will support
and led to the arrest of other offenders Baratov named as academic research and development of blockchain and
part of a plea deal.
10
