Audits
Services
Services
Smart Contract Audit
Blockchain Protocol Audit
Penetration Testing
dApp Audit
Crypto Wallet Audit
Cross-Chain Bridge Audit
Bug Bounty
Proof of Reserves
CCSS Audit
Tokenomics Audit & Design
Smart Contract Audit
Mitigate weaknesses in your smart contract and improve its functionality with a double line-to-line code analysis and a separate review by a lead auditor.
Blockchain Protocol Audit
Secure the entire architecture and implementation layers of your blockchain protocol with professional security audits and testing.
Penetration Testing
Proactively detect vulnerabilities in your Web3 project by subjecting your systems to a simulated cyberattack in a secure and controlled environment.
dApp Audit
Identify vulnerabilities in applications interacting with blockchain networks with secure code review and static security analysis.
Crypto Wallet Audit
Code review & static security analysis for crypto wallet apps.
Cross-Chain Bridge Audit
Code review & security analysis for cross-chain crypto bridges.
Bug Bounty
Receive only relevant bug reports or undergo crowdsourced penetration testing with the help of thousands of ethical hackers curated by HackenProof.
Proof of Reserves
Enhance transparency in crypto exchanges with independent on-chain proof of assets’ true collateralization.
CCSS Audit
Assess and strengthen your security practices, identify vulnerabilities, and safeguard valuable digital assets in the ever-evolving cryptocurrency landscape.
Tokenomics Audit & Design
Ensure your token model robustness and efficiency and convey trust to investors and community with our thorough, independent audit of protocol economic security.
Solutions
Post-deployment security solution
Hacken Extractor
Real-time smart contract protection from assets loss
Learn more
Solutions
Featured ecosystems:
Ethereum (EVM)
BSC
Polygon
Near
Avalanche
Fantom
Aptos
Sui
Optimism
zkSync
Arbitrum
Solana
Polkadot
Cosmos
Radix
Linea
MetaMask
Others
By Languages:
Solidity
Rust
Move
Blog
Company
Company

The window to exchange $HAI for Hacken Equity Shares ($HES) is now open > Claim your spot today

Weekly News Digest #31

Weekly News Digest #31

Share via:

Hackers require $50 million ransom to prevent the leak of stolen Apple blueprints

On Wednesday, Quanta, the supplier of Apple, experienced the ransomware attack carried out by REvil ransomware group. The malicious actors are demanding Apple pay them a solid ransom of $50 mln. Otherwise, the stolen sensitive files may appear on the dark web.

In the recent post shared by a threat actor in the “Happy Blog” portal, it is mentioned that the malicious group accessed the schematics of Apple products such as Apple Watch and MacBooks by infiltrating the Taiwanese manufacturer’s network. Quanta expressed no willingness to pay a ransom to recover the stolen files and, thus, the malicious actors are making a ransom demand to the US company.

The REvil operators also added that their team was going to sell the gigabytes of personal data as well as confidential blueprints to several large brands. The malicious group has set up May 1 as the deadline for Apple to pay the ransom.

The malicious activities of the REvil group were firstly detected in June 2019. Since the group has been actively exploiting the “double-extortion” technique for maximizing profits. Other malicious groups have also emulated this technique.

Firefox Flaw fixed by Mozilla

The Firefox browser flaw that enabled the HTTPS secure communications icon spoofing has been fixed by the Mozilla Foundation. The icon was displayed as a browser address window padlock. By exploiting this flaw, a rogue website could successfully intercept browser communications.

Mozilla Firefox 88 has been released to address 13 browser bugs including 6 high-severity issues. The secure-lock-icon flaw tracked as CVE-2021-23998 used to affect the Firefox browser corporate and consumer versions before the security updates were released on Monday. The spoofed secure lock icon was discovered by Jordi Chancel, the independent researcher. The security bulletin provided by Mozilla does not indicate whether the exploitation of the flaws specified in its advisory takes place in the wild.

Telegram Platform Leveraged by Hackers to Perform ‘ToxicEye’ Malware Campaigns

Malicious actors are embedding the Telegram messaging app inside the ToxicEye, the remote access trojan (RAT). Hackers operating a Telegram messaging account control the victim’s computer infected with the ToxicEye.

The Check Point Software Technologies researchers have identified that the ToxicEye malware enables hackers to take over file systems, install malicious software, and leak data including sensitive information from the victim’s PCs.

Telegram has more than 500 mln active users worldwide and that is why hackers have targeted this app. According to the Check Point research and development manager Idan Sharabi, hackers strived to make Telegram their distribution platform due to its global popularity.

Idan Sharabi also added in the e-mail statement that most organizations allowed the use of Telegram by their employees for professional purposes and that is why hackers could exploit this app to bypass security restrictions.

Sabre rattled by Signal in the direction of Cellebrite

Signal revealed the possibility of gaining arbitrary code execution through its tools. After that, Cellebrite, the company specializing in phone scanning and data extraction, is facing the possibility that app makers can hack back at the tool.

The tools developed by Cellebrite are designed to pull data out of phones that are in users’ possession.

The execution of code modifying the Cellebrite report being created in that scan as well as the future and all previous reports in any arbitrary way such as insertion or removal of text, photos, files, contacts, and other data can take place when the specially formatted but otherwise innocuous file in an app is included on the device scanned by Cellebrite. As mentioned by Moxie Marlinspike, Signal CEO, no checksum failures or timestamp changes can be detected in such a case.

Generally, upon identifying such vulnerabilities, the software maker gets information about the issue to release fixes. Marlinspike raised the stakes since Cellebrite benefits from undisclosed vulnerabilities.

Active exploitation of SonicWall email security zero-day vulnerabilities

The US company issued a security alert on Tuesday in which it stated that published fixes resolving 3 critical flaws affecting “on-premises and hosted email security products.”

SonicWall ES has been designed to prevent business email compromise attempts and phishing emails, thereby, protecting email traffic and communication.

As of now, there has been recorded at least one case of active exploitation in the appliance.

“The organizations using SonicWall Email Security (ES) hardware appliances, virtual appliances or Microsoft Windows Server software installation have to immediately upgrade the product they use to the respective SonicWall Email Security version listed,” statement made by SonicWall.

The SonicWall ES/Hosted Email Security (HES) versions 10.0.1 and above are affected by the CVE-2021-20021, CVE-2021-20022, and CVE-2021-20023 vulnerabilities.