March cyber news round-up

The popular cryptocurrency exchange platform Coinbase announced on March 7th that it is blocking access to more than 25,000 blockchain addresses linked to Russian individuals and entities.

The company has shared all the blocked addresses with the US government to help enforce sanctions. The exchange has also blocked sanctioned actors from opening new accounts and detecting attempts to evade the ban.

The ban comes after Ukraine's VP Minister Mykhailo Fedorov asked all major crypto exchanges to block blockchain addresses used by Russian users to increase pressure on the Russian government.

Crypto exchanges refused to freeze all Russian accounts but said they would comply with sanctions imposed on Russia and will take steps to identify sanctioned entities and block their accounts and transactions.

Professional services and insurance giant AON has disclosed that they suffered a cyber attack on February 25th. The disclosure was made in an 8-K form that AON filed with the Securities and Exchange Commission. AON has not provided any further details of the attack apart from that it affected a limited number of systems.

In the form, AON claims to have engaged the services of relevant third parties to assist and said "the incident has not had a significant impact on the Company's operations."

“Although the Company is in the early stages of assessing the incident, based on the information currently known, the Company does not expect the incident to have a material impact on its business, operations or financial condition.”

EU government employees involved in managing the logistics of the refugees fleeing Ukraine have been targeted by a phishing campaign.

The campaign originated from a compromised Ukrainian military email address and was conducted through malicious Microsoft Excel files. This comes during a mass wave of cyber attacks against Ukraine that has been ongoing for months, including DDoS campaigns and attacks on national infrastructure.

It is believed this was conducted to gain intelligence on the movement of NATO supplies.

Nestlé has denied claims that the Anonymous hacktivist group has stolen and published its sensitive data as punishment for continuing business in Russia.

On Sunday night, Anonymous published a list of companies it was targeting that had 48 hours to stop cooperating with Russia. After Nestlé’s inaction, Anonymous published a statement on Tuesday claiming they leaked 10GB worth of Nestlé’s data, including emails, passwords and client information.

However, the leaked file only weighed in at 5.7MB, which is only a small portion of the total Anonymous claims to have stolen. Nestlé has since negated the claims, saying that the affected data had already been published last month by the company itself.