Cyberattack on Migrations: the Government presented a precautionary measure to stop the dissemination of stolen files on Google

Elections in the United States: the strange cases of the intellectuals who vote for Donald Trump

For some, the president represents rage against the "liberal orthodoxy" of the Democrats. For others, it is the "lesser evil" compared to Joe...

Confusing study of coronavirus warfare: vampire bats recognize importance of safety gap

Bat species are suspected to be the original carriers of the current SARS-CoV-2 virus. According to the prevailing theory, the virus traveled through...

Jill, Hunter, Ashley … who is who in Joe Biden’s family and what does each member do?

The elections on November 3 in the United States could extend Donald Trump's tenure in the White House for another four years or, on...

VIDEO Violent protests in Italy over new anti-COVID-19 government restrictions. Protesters threw Molotov cocktails

In Turin, protesters threw Molotov cocktails at law enforcement, tear gas was used against protesters in Milan, and violence was reported in Naples,...

Disinformation contaminates the US elections

The disinformation it is not a new phenomenon but in the current election campaign in the United States that deliberate distribution of falsehoods...

They are on DropMeFiles, a Ukrainian service. They were stolen from the body with ransomware and asked for 4 million in reward for not publishing them.

After more than 2,000 people downloaded the stolen information from the National Migration Directorate (DNM), the agency dependent on the Ministry of the Interior formalized a request before the Justice to stop the spread of search engines such as Google and contain access to 2,200 documents hosted in a service called DropMeFiles of Ukrainian origin.

The link first circulated in the deep web, but it leads to a link that can be accessed from any browser. And that is the URL that Migrations asked to be restricted, as he could learn Clarion.

Government sources confirmed to this newspaper that, after the release of the stolen data, a precautionary measure was presented to the Guillermo Marijuan prosecutor’s office, who instructs in the case at the request of Judge Sebastián Casanello. “I request that you consider the extremes of the requested precautionary measure as credited and while the investigation of the crimes reported continues, the Internet search engines (including the main search engines, such as: Google, Yahoo, Bing, Baidú, Yandex, Ask, AOL, Duckduckgo, etc) “, they ask the federal prosecutor in the text.

Its intention is that the search results that show the link can be blocked so that anyone can download the files seized on August 27, through a coordinated attack by a group of cybercriminals that operates with Netwalker, the ransomware that they injected Migrations.

It happens that there are already about 2 thousand people already have that stolen information in their possession. For this reason, and although the Government insist that it is “sensitive but not critical information”, There is concern about the spread of these files.

“We request that search results be blocked, we want to prevent download links from spreading,” official sources explained.

There are two strategies to stop the spread: either target the search engines, as the Government does, or the service where the information is hosted ─DropMeFiles─. The problem with this last way of proceeding is that this Ukrainian page is not one of the best known, so it is not clear if an official request would take effect.

However, the request for the files to disappear directly from the web can be made: “DropMeFiles is a Ukrainian company, the Argentine government should send a complaint to the site administrator to request that they download it,” explained information security specialist Javier Smaldone.

Moreover, the terms of use of the Ukrainian platform – whose servers are located in Dnipropetrovsk, to a city located in the southeast of the country on the banks of the Dniépersu river – are clear: they affirm that uploading files that go against the laws of the country from which they are uploaded is prohibited.

However, there is the key: so far it is unknown from which jurisdiction the stolen documents were uploaded. Anyway, DropMeFiles marks that each person or entity affected can send a complaint email arguing their reasons for removing the content.

Beyond the information that is already circulating, there is a latent concern: “Deciphering exactly what happened and how much information was stolen is very difficult: it requires forensic expertise that can take weeks,” he specified to Brett Callow, analyst and computer security expert at Emsisoft .

And he said that in many cases cybercriminals publish part of the stolen data, and save another part for future operations or “freelance” the information (sell it to an interested party).

“It is sensitive information, but not critical for National Security”, qualified (and insisted) the Government, since Clarion revealed last Friday that a group of cybercriminals was talking about a Hack Migrations.

Now, after the leak, they ratify their words. “It is administrative information, they did not access the database or biometric data; only to files related to administrative tasks in management areas: notes, documents, judicial reports, reports on criminal records ”, they explained in the DNM, where an evaluation of all the violated information was made and it was decided to present a precautionary measure to prevent it from being replicate the download link.


Related Articles