
French Police Sold Police Data on Dark Web, Russian Hacker Group Conducts New Low-Key Espionage Operations

A French police officer who worked for a French intelligence agency sold sensitive police files on a dark web market known as Black Hand, allowing criminals to create forged documents using the stolen files. The officer also advertised a service to track the location of mobile devices, which had been designed for the French police to track criminals. The authorities tracked down the officer after they seized and closed the Black Hand market in June. The officer was charged and sentenced to seven years of imprisonment in late September.

Russian APT group Fancy Bear, also known as APT28 and Swallowtail, has been carrying out new espionage operations against military and government organisations in Europe and South America. Fancy Bear has been linked to cyberattacks on the US presidential election and the World Anti-Doping Agency in 2016. Unlike the high-profile attacks in 2016, Fancy Bear appears to have shifted towards low-key intelligence-gathering operations using spear phishing emails, the Sofacy malware family, and the Shunnael trojan. The APT group has also begun to use a Unified Extensible Firmware Interface (UEFI) rootkit dubbed LoJax, which stays in a computer’s flash memory and maintains a persistent presence even if the hard drive is replaced or the operating system is reinstalled.


Ensign InfoSecurity Singapore
30A Kallang Place
Singapore 339213

Tel: +65 6788 2882
Fax: +65 6788 3883