WEEK OF JANUARY 17, 2022
‘Massive’ cyberattack hits Ukraine Government websites
- A sweeping cyberattack briefly knocked out key government websites in Ukraine amid high-voltage tensions between Russia and the West over Ukrainian security.
- The European Union’s foreign policy chief Josep Borrell said the bloc was mobilizing “all its resources” to aid its ally after the attacks temporarily brought down sites, including those of the foreign ministry and cabinet.
- Kyiv said the damage was limited and held back on apportioning blame, but the ex-Soviet country has accused Russians with links to Moscow of previous hits on websites and key infrastructure.
- The foreign ministry website earlier Friday displayed a message in Ukrainian, Russian and Polish warning Ukrainians that their personal data had been compromised. “All information about you has become public, be afraid and expect the worst,” the message read.
Aditya Birla Fashion (ABFRL) data allegedly leaked online, over 5 Million email addresses breached
- The data breach is said to include details of employees, including salary details, religion, and marital status.
- The alleged database includes personal customer information such as names, phone numbers, addresses, dates of birth, order histories, credit card details, and passwords stored as Message-Digest algorithm 5 (MD5) hashes.
- The alleged Aditya Birla Fashion and Retail database has been made public by a hacker group known as ShinyHunters.
- Some affected customers were informed of the breach of ABFRL accounts by data breach tracking website Have I Been Pwned. As many as 5,470,063 Aditya Birla Fashion and Retail Limited accounts are said to have been breached and ransomed in December last year. The hacker group’s ransom demand was allegedly rejected, and the data was subsequently posted publicly on a popular hacking forum.
Teen makes Tesla hacking claim
- German hacker says he has full remote control of more than 25 Tesla cars in 13 countries
- Colombo, who is the 19-year-old founder of Colombo Technology, said he could remotely run commands on the compromised vehicles without the owners’ knowledge.
- Actions that he can allegedly perform include disabling Sentry mode, opening the cars’ doors and windows, flashing their lights and even starting keyless driving.
- The teen also claims to be able to query the exact location of the vehicle, check if the driver is present, and cause music to play on the Tesla’s sound system.
North Korean hackers stole millions from cryptocurrency startups worldwide
- Operators associated with the Lazarus sub-group BlueNoroff have been linked to a series of cyberattacks targeting small and medium-sized companies worldwide with an aim to drain their cryptocurrency funds, in what’s yet another financially motivated operation mounted by the prolific North Korean state-sponsored actor.
- Russian cybersecurity company Kaspersky, which is tracking the intrusions under the name “SnatchCrypto,” noted that the campaign has been running since at least 2017, adding that the attacks are aimed at startups in the FinTech sector located in China, Hong Kong, India, Poland, Russia, Singapore, Slovenia, the Czech Republic, the U.A.E., the U.S., Ukraine, and Vietnam.
- According to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights’ data breach site, the breach – reported on Dec. 27 – affected 79,943 people.
- “The attackers have been subtly abusing the trust of the employees working at targeted companies by sending them a full-featured Windows backdoor with surveillance functions, disguised as a contract or another business file,” the researchers said. “In order to eventually empty the victim’s crypto wallet, the actor has developed extensive and dangerous resources: complex infrastructure, exploits and malware implants.”
Stolen credit card vendors retire with $358 million in crypto
- Elliptic described the shuttered platform, UniCC, as “the leading dark web marketplace of stolen credit cards.”
- UniCC’s operators reportedly announced their retirement on a number of dark web forums in both English and Russian. Elliptic shared a screenshot of one such post in which the operators say not to “build any conspiracy theories” about why they called it quits after nearly a decade.
- Elliptic notes that several platforms similar to UniCC have shut down in recent months. UniCC only became the leading stolen credit card vendor after Joker’s Stash was shut down in February 2021, for example, and four other such platforms went dark between October 2021 and January.
Young couple lost $120k in fake text message scam targeting OCBC Bank customers
- People who reportedly fell victim to phishing scams involving OCBC Bank lost around $8.5 million in total.
- The SMS claimed that an unknown payee had been added to their account, and instructed him to click on the link if it was not approved by him. “The SMS looked like it came from OCBC and entered the usual SMS chat history from OCBC used for authentic banking services,” he said.
- He then entered his account details, unwittingly handing over control of the whole account to scammers.
- The couple realised they had been scammed only when the man received SMSes from the bank informing him of changes and transactions involving the account that had taken place earlier that afternoon.