Weekly Digest #13

1. Cybersecurity Firm FireEye Got Hacked; Red-Team Pentest Tools Stolen

We advise our clients to run penetration tests and bug bounties regularly. Instead, we often hear the same answer from prospective clients: “Yes, you know what a robust IT department we have, no one will ever hack us!”

No one can ever be 100% sure, and here is an example of how this happens. Today we will talk about how the cybersecurity company FireEye was hacked. The clients of this company are mainly government agencies and operators of the country’s critical infrastructure.

As a result of the leak, the world saw the tools FireEye uses to simulate attacks on this kind of infrastructure. The article is dedicated to all those who believe that their firewall and IT department are the coolest in the world and that no hacker will ever get in.


2. Critical Flaws in Millions of IoT Devices May Never Get Fixed

IoT products may contain vulnerabilities that potentially expose millions or even billions of devices. New research from an IoT security firm highlights 33 flaws in open-source internet protocol stacks that potentially expose millions or even billions of embedded devices to attacks such as information interception, denial of service, or full takeover.

The affected devices include smart home sensors and lights, enterprise network equipment, industrial control equipment, barcode readers, and even building automation systems. They are difficult to patch and introduce a real risk that attackers could exploit these flaws as the first step into a vast array of networks.


3. Microsoft exposes Adrozek, malware that hijacks Chrome, Edge, and Firefox

Microsoft today published a security notification about a new malware strain that infects users’ devices and then modifies browsers and their settings to inject ads into search results pages.

The malware called Adrozek has been active since at least May 2020 and reached its absolute peak in August this year when it controlled more than 30,000 browsers each day.

Users are typically redirected from legitimate sites to shady domains where they are tricked into installing malicious software. The booby-trapped software installs the Adrozek malware, which then obtains reboot persistence with a registry key.

Once persistence is assured, the malware looks for locally installed browsers such as Google Chrome, Microsoft Edge, Yandex Browser, or Mozilla Firefox. When one of these browsers is found on the infected host, the malware attempts to force-install an extension by modifying the browser’s AppData folders.


4. Credit card stealer discovered in social media buttons

Hackers have created a new type of web malware that hides inside images used for social media sharing buttons to steal credit card details entered in payment forms on online stores.

This type of malware, known as a web skimmer or Magecart script, was spotted on online stores in June and September this year. This particular script uses a technique known as steganography, which refers to hiding information inside another format (e.g., images inside videos, text inside images).

In modern malware attacks, steganography is typically employed as a way to sneak malicious code past security scanners by placing it inside seemingly innocent files. Code hidden this way is usually invisible to users and extremely hard to detect, even for professionals.
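As an added example (not code from the digest or from any vendor it cites), here is a defender-side check for the simplest form of this hiding: bytes appended after a PNG’s IEND chunk, which browsers ignore but which a scanner comparing the declared chunk structure with the file length will report. The sample image and the appended tail are constructed inline.

```python
"""Detect data appended after a PNG's IEND chunk.
Added, constructed example, not code from the digest or any vendor it cites:
a payload hidden "inside an image" often survives as bytes past the format's
terminator, which browsers ignore but a structural scanner can report."""
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"

def png_payload_end(data: bytes):
    """Offset just past the IEND chunk, or None if not a well-formed PNG."""
    if not data.startswith(PNG_SIG):
        return None
    pos = len(PNG_SIG)
    while pos + 12 <= len(data):            # length(4) + type(4) + crc(4)
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        chunk_end = pos + 8 + length + 4
        if chunk_end > len(data):
            return None                     # truncated chunk
        if ctype == b"IEND":
            return chunk_end
        pos = chunk_end
    return None

def trailing_bytes(data: bytes) -> bytes:
    """Everything after IEND: bytes a renderer never looks at."""
    end = png_payload_end(data)
    return b"" if end is None else data[end:]

def looks_like_script(blob: bytes) -> bool:
    """Cheap content heuristic for an appended script; tune for real traffic."""
    markers = (b"<script", b"function(", b"document.", b"eval(", b"atob(")
    return any(m in blob for m in markers)

def _chunk(ctype: bytes, body: bytes) -> bytes:
    crc = zlib.crc32(ctype + body) & 0xFFFFFFFF
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", crc)

def minimal_png() -> bytes:
    """A valid 1x1 grayscale PNG, constructed here as sample input."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)
    idat = zlib.compress(b"\x00\x00")       # filter byte + one pixel
    return PNG_SIG + _chunk(b"IHDR", ihdr) + _chunk(b"IDAT", idat) + _chunk(b"IEND", b"")

# Constructed samples: a clean button image and one with an appended tail.
CLEAN = minimal_png()
TAINTED = CLEAN + b"<script>/* constructed placeholder tail */</script>"
```

Run `trailing_bytes` over the images a storefront serves; any non-empty result deserves a look even when `looks_like_script` stays quiet, since the heuristic is deliberately cheap.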


5. BTC-e founder sentenced to five years in prison for laundering ransomware funds

Today, a French judge sentenced the founder of the now-defunct BTC-e cryptocurrency exchange, Vinnik, to five years in prison. Vinnik must also pay a fine of €100,000 for laundering funds for cybercriminals, including ransomware gangs.

The BTC-e founder currently remains under arrest, and both the US and Russia have filed new extradition requests with France, still hoping to get Vinnik to face charges in their respective jurisdictions.

While Russian authorities are investigating Vinnik in a case of $11,000 in fraud, US authorities said that Vinnik’s BTC-e platform helped criminals launder more than $4 billion of illegal funds.


6. Android phones from China got caught hiding nasty malware

Another Chinese company has been spotted spying on users, this time through purpose-built malware that carried out every task assigned to it.

Tecno W2 smartphones are low-cost Android phones made in China that, at least in Africa, have been giving established mobile players like Samsung a run for their money.

Android phones made by a Chinese manufacturer and sold for years in Africa came with pre-installed malware that stole users’ data and money. The culprit was found to be Triada, a malware variant that “acts as a software backdoor and malware downloader.”

That’s according to a new report from a mobile security firm, which found that tens of thousands of such Android phones were sold in Africa.


7. Pfizer-BioNTech data stolen in cyberattack on European Medicines Agency

On Wednesday, the European Medicines Agency (EMA) reported that a cyberattack had targeted some of the data around the first COVID-19 vaccine distributed in Europe.

Pfizer and its German partner BioNTech said the cyberattack centered around some documents relating to the EMA’s regulatory submission for a COVID-19 vaccine candidate from the two companies. The corporate release said the information was stored on an EMA server and had been unlawfully accessed.

It was not the first attempt to breach COVID-19 vaccine research. Just last week, IBM reported that hackers had targeted the cold storage supply chain for COVID-19 vaccine distribution.
