We’ve brought together this week’s most important news from the world of cybersecurity.

Rutube hacked and offline for several days

On May 9, Russian video host Rutube suffered a massive hacker attack and was unable to restore her business for several days.

Anonymous hackers claimed responsibility for the attack. They reported that the major release damaged more than 75% of databases and infrastructure, and 90% of backups and database recovery sets.

Citing a source close to the Rutube team, The Village reported that the site’s code was “completely removed” during the attack and the video service “could not be recovered.” However, Rutube denied this information.

The day the network was hacked seen Screenshots with a list of channels from the internal system of the service, as well as a letter allegedly sent to the FSB by the director of Rutube, Alexei Nazarov, with a complaint of fraud when purchasing a cyber protection system from Group IB.

The latter denied information that the company’s products were “used, or have ever been used, to protect the office or server infrastructures or individual applications of the Rutube video hosting provider against cyberattacks.”

On May 11, the service team announced the restoration of the platform.

CoinGecko and Etherscan warn of a phishing attack

CoinGecko and Etherscan have reported a phishing attack on their users. Meanwhile, hackers attempt to access victims’ funds by requesting the link of MetaMask wallets.

Users are invited to link their wallet to a specific nftapes.win site.

CoinGecko and Etherscan emphasized that this should not be done under any circumstances.

It was later discovered that the phishing attack was carried out using a malicious script from the Coinzilla ad network.

Data of 21 million VPN service users was publicly available

A 10GB database of various VPN services is spread across Telegram channels, including GeckoVPN, SuperVPN, and ChatVPN. VPNMentor writes about it.

The database contains 21 million records containing email addresses, names, payment details and other user information. Last year, the data was sold on the dark web, but is now distributed for free.

Sberbank’s fake application has become one of the most downloaded in the Russian segment of the App Store.

The Sberbank Online Site service was among the ten most downloaded free applications in the App Store in the Russian Federation. But RBC warned that Sberbank is not official, but started by scammers.

Recall that due to sanctions, the Sberbank Online application could not be downloaded from the App Store, and then disappeared from Google Play.

Russian Android users complained of problems updating Google Chrome

Android OS users from the Russian Federation reported that they were unable to update their Google Chrome browser via Google Play.

Earlier, Google Play announced that from May 5th it is blocking the download of paid apps and updates to them.

Also on ForkLog:

• The US State Department has offered $15 million for data on the operators of the Conti ransomware virus.
• Chainalysis calculated that 97% of cryptocurrencies stolen in 2022 came from DeFi protocols.

What to read on the weekend?

The expert says how to protect privacy in correspondence and why Telegram will not help in this matter.