Categories
APT Blackmail Breach Credential Stuffing CVE Cyber Security Data leak Hacking Malware Phishing Scam Vulnerability

Amazon delivery drivers hack scheduling system, Hacker sentenced to 5 years for blackmailing, and more

Major cybersecurity events on 22nd September 2020 (Evening Post): Activision denies claims of breach, following incident that affected 500,000 user accounts. Popular TikTok profiles promote fraudulent mobile apps generating $500,000. FBI reveals Chinese data mining scheme.

Round Up of Major Breaches and Scams

British Hacker Sentenced to 5 Years for Blackmailing U.S. Companies

A UK man who threatened to publicly release stolen confidential information unless the victims agreed to fulfill his digital extortion demands has finally pleaded guilty on Monday at U.S. federal district court in St. Louis, Missouri. Nathan Francis Wyatt , 39, who is a key member of the infamous international hacking group ‘The Dark Overlord,’ has been sentenced to five years in prison and ordered to pay $1,467,048 in restitution to his victims.

Activision Denies Hacking Claims Over Leaked Accounts

Around half a million Activision account details have been breached, after an apparent credential stuffing attack. According to a series of user reports on social media, detailed by Dexerto, attackers leaked the user credentials and locked users out of their accounts too. Activision, whose games include Call of Duty, the Tony Hawk skateboarding series and Crash Bandicoot, do not have two-factor authentication offered on accounts, and users encouraged each other to change passwords.

Scammers Impersonating Texas Gov’t Departments to Send Fake RFQs

Scammers are impersonating governmental departments within the State of Texas to send out fake Requests For Quotations (RFQs). On September 21, Abnormal Security revealed that it had spotted an attack email that impersonated the Texas Department of State Health Services. Scammers used spoofing techniques to camouflage the sender address as an account that was affiliated with the official dshs.texas.gov domain.

Popular TikTok profiles promote scammy apps generating $500,000

At least three TikTok profiles with more than 350,000 followers combined have been promoting multiple fraudulent mobile apps that generated $500,000 in profit, according to conservative estimation. The marketing push over TikTok likely played an important part in the scammy Android and iOS apps getting installed more than 2.4 million times. Researchers at Avast learned about the apps from a child using the company’s Be Safe Online to report a TikTok profile recommending one of the suspicious apps.

FinCEN Leak Exposes $2tn of Money Laundering Activity

Global financial institutions have largely failed over recent years to prevent mass money laundering linked to Russian oligarchs, mobsters and Conservative Party donors, according to a new trove of leaked documents. Over 2000 suspicious activity reports (SARs) filed with the US government’s Financial Crimes Enforcement Network (FinCEN) between 2000 and 2017 were leaked to various publications, in an apparent whistleblowing effort designed to highlight the scale of criminal activity in this area.

FBI reveal Chinese data mining scheme

In a congressional hearing last week, FBI Director Christopher Wray stated that China has been involved in massive data mining scheme that has likely stolen the personal information of nearly half the countries population. Wray also gave new details on the scale of Chinese hacking efforts, outlining an attack back in 2017 when credit bureau Equifax was hacked revealing the financial information of 150 million people.

Round Up of Major Malware and Ransomware Incidents

Russian hackers use fake NATO training docs to breach govt networks

A Russian hacker group known by names, APT28, Fancy Bear, Sofacy, Sednit, and STRONTIUM, is behind a targeted attack campaign aimed at government bodies. The group delivered a hard-to-detect strand of Zebrocy Delphi malware under the pretense of providing NATO training materials. Researchers further inspected the files containing the payload and discovered these impersonated JPG files showing NATO images when opened on a computer.

Round Up of Major Vulnerabilities and Patches

Russia wants to ban the use of secure protocols such as TLS 1.3, DoH, DoT, ESNI

ZDNet Recommends The best VPN services for your home office or any remote connection VPNs aren’t essential only for securing your unencrypted Wi-Fi connections in coffee shops and airports. Every remote worker should consider a VPN to stay safe online. Here are your top choices and how to get set up. Read More The Russian government is working on updating its technology laws so it can ban the use of modern internet protocols that can hinder its surveillance and censorship capabilities.

Firefox 81 Release Kills High-Severity Code-Execution Bugs

Mozilla has fixed three high-severity flaws with the release of Firefox 81 and Firefox ESR 78.3. Mozilla patched high-severity vulnerabilities with the release of Firefox 81 and Firefox ESR 78.3, including several that could be exploited to run arbitrary code. Two severe bugs (CVE-2020-15674 and CVE-2020-15673) are errors in the browser’s memory-safety protections, which prevent memory access issues like buffer overflows. CVE-2020-15674 was reported in Firefox 80, while CVE-2020-15673 was reported in Firefox 80 and Firefox ESR 78.2.

Amazon Delivery Drivers Hacking Scheduling System

Amazon drivers are hanging cell phones in trees near Amazon delivery stations, fooling the system into thinking that they are closer than they actually are. The phones in trees seem to serve as master devices that dispatch routes to multiple nearby drivers in on the plot, according to drivers who have observed the process. They believe an unidentified person or entity is acting as an intermediary between Amazon and the drivers and charging drivers to secure more routes, which is against Amazon’s policies.