Tag: Cybersecurity
HTX falls victim to crypto thieves – September 27th
Cryptocurrency is being increasingly targeted by hackers, with $7.9 million recently stolen in a hack targeting cryptocurrency exchange HTX. The hack attack was identified as soon as it occurred, with HTX authorities stepping up promptly in an innovative way to recover losses. Following the attack, HTX offered a ‘white hat’ ethical hacker a 5% bonus to return the stolen cryptocurrency, amounting to a total bonus of $400,000.
Hack costs Mixin Network $200M – September 26th
Dubbed the ‘biggest hack of the year’, the recent attack on Hong Kong-based digital wallet company, Mixin Network has cost the company $200 million worth of crypto assets. Network authorities have announced that deposits and withdrawals on the site will only recommence once all vulnerabilities have been confirmed and fixed.
Dark web ads are seeing a massive surge – September 25th
There has been a surge of advertisements on the dark web this year, with over 700 adverts advertising Distributed Denial of Service (DDoS) attacks through the Internet of Things (IoT) devices having been identified. The cost of employing the sinister DDoS attack services ranges from $20 per day to $1 000 per month, depending on the amount of protection the target has.
AI revolutionizes sextortion scams
Artificial intelligence (AI) services are enabling unscrupulous online blackmailers to create fake but highly realistic sexually explicit photographs and videos of innocent victims. The blackmailer usually emails the target individual to show them pornographic images of themselves, threatening to send the pictures to the victim’s contacts – a process known as “sextortion.” A variation is to claim to have compromising images of the victim recorded via the webcam on their smartphone.
Lazarus equips two new remote access trojan weapons – September 22nd
The Lazarus group is using two new remote access trojans to target health systems' ManageEngine vulnerabilities. The group recently made headlines after targeting healthcare entities in Europe and the US and has since evolved its malware to exploit the CVE-2022047966 vulnerability in the ManageEngine setup, allowing for remote code execution. Its new RAT variants, QuiteRAT and CollectionRAT, allow for the attacker to run arbitrary commands, among other capabilities.
$7.3-million lost through Android phone hacks – September 21st
Singaporean police have warned Android phone users of a new malware variant that is capable of resetting Android phones to factory settings. Reports say that more than $7.3 million has been lost through threat actors using the malware variant. The malicious code is hidden in social media posts, advertising the sale of different items. It is then downloaded when the applicant clicks on the link to make a payment.
Beware of Death by a Billion Bots
US corporations lose an average of 4.3 percent of their online revenues to malicious ‘bots,’ malware designed to resemble human communications. Malware attacks of this nature accounts for an average annual loss of $86.5 million a year for corporations with average annual online revenues of $1.9 billion, according to a new report from cybersecurity firm Netacea, “Death by a Billion Bots: The Accumulating Business Cost of Malicious Automation”.
Pizza Hut threatened by hackers – September 20th
It seems that no one and no business is immune to hacker activity. Recent reports say that Pizza Hut Australia has again been the victim of threat actors a year after its newsmaking Optus cyber attack. Reports allege customers’ data has been compromised by the incident, which occurred in early September, with the fast food outlet having contacted clients to notify them of the data breach.
FBI sounds second call to arms to fight cybercrime
The US Federal Bureau of Investigation (FBI) is increasingly anxious to enlist the private sector in the losing battle it is fighting against global cybercrime and espionage. Speaking in Washington on Monday, FBI director Christopher Wray stressed the importance of “collaborative, public-private” operations in fighting cybercrime, developing a strategy previously outlined by FBI Deputy Director Paul Abbate at a Boston cybersecurity conference three months ago.
Western Union payouts highlight the “insider threat”
International money transfer company, US-based Western Union, has been obliged to pay a further $40 million on top of a previous $365 million payout to defrauded customers. As many customers were the victims of phishing attacks in which Western Union had already admitted some of its staff were complicit, the payouts highlight the growing “insider threat” now facing multinational corporations.
US fleet management systems impacted in ransomware attack – September 19th
ORBCOMM, the US trucking and fleet management software provider, has linked recent service outages across freight transportation firms throughout the US to a ransomware attack. These outages prevented the Blue Tree Electronic Logging Device usage and inventory tracking capabilities of the fleet management software. Investigations continue into the identity of the threat actors.
BlackCat gang wields new weapon to target cloud storage – September 18th
The BlackCat ransomware gang is now using the Sphynx encryptor to target Azure cloud storage. The Spynx variant was discovered in March this year in an investigation of a data breach that shared similarities with another attack described in an IBM-Xforce report. BlackCat continues to be one of the most high-profile, sophisticated threat actor groups, owing to the gang's ability to continuously refine and adapt its tactics.