Connect with us

Overview of security incidents for the period 2-6 October 2021

Published

on

A brief overview of the main events in the world of information security in recent years.

The cybercriminals stole the cryptocurrency from the users of the Coinbase users’ crypto-exchange, but the users of the Compound crypto platform were more fortunate – in total they received $ 90 million, however, due to a technical failure. AvosLocker ransomware launched an auction of stolen data, and Conti’s operators suddenly showed character. Read about these and other events in the world of information security for the period from 2 to 6 October 2021 in our review.

The world’s second largest cryptocurrency exchange, Coinbase, sent out a notification to its users that it was hit by a large-scale hacker attack between March and May of this year. The aim of the attack was to hack user accounts and steal their cryptocurrency assets. Coinbase suggests that attackers used phishing attacks or other social engineering techniques to gain access to users’ email addresses, phone numbers, and passwords.

Due to a technical failure, the Compound cryptocurrency platform “donated” $ 90 million to its users. Having discovered the error, the platform’s founder asked the users to return the money, threatening otherwise to complain about them to the US Internal Revenue Service (IRS) and, possibly, leak their data … The incident did not affect user funds, provided assets, borrowed assets and positions.

Late last week, ransomware Conti hacked into the servers of Japanese electronics manufacturer JVCKenwood Group and stole 1.7TB of data. For data recovery, the group demanded $ 7 million from the company. However, the negotiations suddenly stopped, and the attackers made public the files stolen from JVCKenwood. Soon, the group issued a statement according to which it will no longer tolerate the “leaking” of its negotiations with the victims in the media. According to her, negotiations with JVCKenwood were terminated precisely because they were published in the press.

The American information processing company Sandhills Global has also become a victim of the Conti ransomware. First, the Sandhills Global website went offline, and all publications on it went offline. The phones of the company also stopped working. When trying to access sites hosted by Sandhills Global, an error message from Cloudflare Origin DNS appeared, stating that Cloudflare was unable to connect to Sandhills servers.

AvosLocker ransomware operators have updated their website with a new system through which ransomware will auction files stolen from victims who refuse to pay.

Cybercriminals are distributing the Sarwent Trojan through a fake website disguised as the website of the human rights organization Amnesty International. Visitors to the site are allegedly offered protection against Pegasus mobile spyware. Cybersecurity researchers at Cisco Talos say the attacks target people who fear surveillance by NSO Group’s Pegasus software.

Not without data leaks. One of the largest newspapers and online media in the UK, The Telegraph, did not properly protect one of its databases, as a result of which 10 TB of user data was disclosed. Information includes internal logs, subscriber full names, email addresses, device information, URL requests, IP addresses, authentication tokens, and unique reader IDs.

Syniverse, which serves carriers AT&T, T-Mobile, Verizon, Vodafone, China Mobile and several other companies around the world, reported a hack. Hackers have been inside her systems for years, gaining access to data from over 200 Syniverse clients. According to a company employee, hackers could have access to metadata such as the duration and cost of calls, phone numbers, the location of the participants in the conversation, and the content of SMS messages.

The Apache Software Foundation (ASF) has released a fix for a vulnerability in the HTTP Web Server project, which is already being actively exploited in hacker attacks. The issue, identified as CVE-2021-41773, only affects Apache 2.4.49 web servers, and is due to a bug in the way Apache resolves between different URL path schemes (a process called URI normalization).

However, the most high-profile incident this week was the failure of Facebook services. On Monday October 4th, Facebook, Instagram, WhatsApp, Messenger, and Oculus VR went offline and remained unavailable for six hours. It was rumored that a failed Border Gateway Protocol (BGP) update was the cause of the service outage, and an official statement from the company confirms this. According to Santosh Janardhan, VP of Engineering and Infrastructure at Facebook, a change in router configuration settings caused the connection between Facebook’s data centers to fail.

“Facebook and Instagram are mysteriously shutting down, and one day the world is a healthier place,” commented former US intelligence officer Edward Snowden.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Security

Chinese TikTok adds 5-second pauses between videos to combat addictions

Published

on

5-second warning clips will remind you to “put the phone away” or “go to bed”.

Douyin, the Chinese app “twin” of TikTok, owned by the same ByteDance company, is introducing measures to combat its own algorithms, tuned to keep users’ attention as long as possible. Now those who “stick” in the application for too long will be revived by forced pauses between clips. Reported by the South China Morning Post.

On the social network, there are five-second pauses between videos that cannot be missed. During such pauses, users will be forced to watch videos reminding them of the need to “put the phone away”, “go to bed” or that “work tomorrow”. They will appear when the user spends too much time in the application.

Previously, Douyin had already limited video viewing – then the changes affected the children’s audience. Teenagers under 14 were allowed to watch videos for a maximum of 40 minutes a day, and were also banned from entering the application from 10 pm to 6 am.

Continue Reading

Security

Trump’s social network developers accused of illegal use of program code

Published

on

The Software Freedom Conservancy claims Trump Media and Technology Group copied the open source code of the decentralized social network Mastodon, created a new social network based on it.

The Software Freedom Conservancy (SFC), a not-for-profit organization that enforces the rights of open source software developers and the rules for using open licenses, accused in violation of the AGPLv3 license of the Trump social network developers Truth Social.

The Software Freedom Conservancy says that the developers of the service used the open source code of the decentralized social network Mastodon in violation of the license agreement.

Although the Mastodon code is free and free, the projects using it must comply with the terms of the Affero General Public License (or AGPLv3), among which is the mandatory availability of the project source code for all its users. Trump’s media company does not yet provide such an opportunity to TRUTH Social users and calls the social network a proprietary development.

The Software Freedom Conservancy gave Trump Media and Technology Group 30 days to improve, writes The Verge. Otherwise, the use of open source Mastodon will be prohibited for the company.

Continue Reading

Security

Facebook end-to-end encryption will give foreign intelligence services surveillance capabilities

Published

on

Former Facebook employee Frances Haugen criticized the company’s decision to transfer correspondence in its services to end-to-end encryption.

The introduction of end-to-end encryption in Facebook messengers could negatively affect the privacy of users and lead to increased surveillance by intelligence agencies. This opinion was expressed by a former employee of Mark Zuckerberg’s company, Frances Haugen, reports TASS.

According to her, after the launch of encryption in the Messenger application and the social network Instagram, which are owned by Facebook, the company will lose the ability to track possible “malicious operations of special services representatives.” “End-to-End Encryption Will Allow Facebook to Eliminate [от модерирования контента] and serve as an excuse for inaction, “Haugen said ahead of her October 25 speech in the British Parliament as part of discussions on online security bill.

The social network itself does not agree with this point of view. In their opinion, the introduction of end-to-end encryption in Facebook Messenger and Instagram applications, on the contrary, is aimed primarily at protecting the privacy of users and will protect them not only from foreign surveillance, but also from hackers.

Continue Reading

Most Popular