News | 22nd Sep 2023
Author: Samir Yawar

ICC Cyberattack, PILOPUOTI Dark Web Marketplace Make Headlines

Our news roundup looks at the HTTPSnoop backdoor exploit, the ICC cyberattack, and the PILOPUOTI dark web marketplace.

This week was punctuated by cyber-attacks in various countries in the Middle East, the Netherlands, and Finland. We take a look at these developments that have got cybersecurity researchers talking.

Cybersecurity News Roundup


The ICC gets breached

The International Criminal Court (ICC) revealed it was hit by a cyberattack on Tuesday. The attack happened after its systems had been breached.

The Dutch authorities and the ICC are investigating the incident. No information has been disclosed regarding the nature and extent of the cyberattacks faced by the international tribunal.

An ICC spokesperson released the following statement regarding the attack:

The International Court of Justice is an international tribunal that deals with the gravest crimes that impact the larger international community. It investigates and prosecutes offenses like genocide and war crimes.

PILOPUOTI dark web marketplace gets shut down

A dark web marketplace serving as a front for illegal narcotics trade since 2022 has been taken down in Finland.

Finnish authorities revealed that the PILOPUOTI marketplace, which operated as a “hidden service in the encrypted TOR network,” is no more. Details about any arrests have not been released so far.

According to Finnish customs, drugs from the site were smuggled to Finland from other places. Law enforcement authorities have partnered with Germany and Lithuania to launch a criminal investigation into its origins.

Romanian cybersec firm Bitdefender also aided in the seizure of PILOPUOTI.

Middle East Telecoms targeted by HTTPSnoop backdoor

In a shocking development, the HTTPSnoop backdoor has reportedly targeted several telecom operators across the Middle East. This backdoor is part of the new intrusion set ShroudedSnooper, allowing threat actors to snoop into conversations on infected devices.

According to researchers from cybersecurity firm Cisco Talos:

"HTTPSnoop is a simple, yet effective, backdoor that consists of novel techniques to interface with Windows HTTP kernel drivers and devices to listen to incoming requests for specific HTTP(S) URLs and execute that content on the infected endpoint."

Reports state that the ShroudedSnooper exploit infects internet-facing servers, deploying the HTTPSnoop payload to gain access to target environments. The malware strain then impersonates Palo Alto Networks' Cortex XDR application to evade detection.

Samir Yawar / Content Lead
Samir wants a world where people can instinctively whack online scams and feel accomplished without the need for psychic powers. As an ISC2 member, he is doing his bit to turn cybersecurity awareness training into a fun concept with simple, approachable and accessible content. Reach out to him at X @yawarsamir
Frequently Asked Questions
A backdoor is a malware type that grants threat actors access to a system by bypassing normal authentication procedures.