Hacken Token
$ -- --.--

Weekly News Digest #49

Ransomware attacks targeting smart cities: actions are required right now!

The power of ransomware attacks always increases. There is a risk that this type of cybercrimes may take out even the infrastructure of 5G enabled smart cities. Cybercriminals often choose government services as their primary targets. Government networks enable the provision of crucial services to citizens and their compromise by malicious actors may have devastating consequences for society. 

The urban infrastructure such as transport, traffic light management systems, emergency services, CCTC, and other elements are becoming connected to 5G IoT services and sensors for efficient data collection and analysis. Security weakness can make all these elements of urban infrastructure ideal targets for cybercriminals. That is why measures should be applied ASAP to prevent the intensification of cybercrimes targeting 5G enabled infrastructure.

Read more

Data belonging to Android gamers exposed by Chinese developers

The data belonging to Android users were exposed by Chinese developers through an unsecured server. In the report provided by vpnMentor’s cybersecurity team, the researchers revealed that EskyFun, the owner of a 134 GB server exposed and made public the data belonging to the users of its games. The list of games developed by EskyFun includes The Legend of the Three Kingdoms, Adventure Story, MetaMorph M., Rainbow Story: Fantasy MMORPG, and others. Potentially, 365,630,387 records could be exposed.

According to the authors of the report, the Chinese developers introduce “aggressive and deeply troubling settings such as analytics, tracking, and permissions. As a result, they can collect much more data than a user may expect. For example, the records included phone numbers, device information, IP and IMEI numbers, the OS in use, etc. Totally, more than 1 million users are likely to be affected by this data exposure.

Read more

New Hive Ransomware: warning issued by FBI 

Hive is the new increasingly prolific ransomware variant. FBI has warned firms of the new type of cyberthreats. Multiple mechanisms are applied by affiliate-based ransomware to compromise the targeted corporate networks. Defenders are likely to face serious issues when trying to address this type of threat. The malicious mechanisms include the hijacking of Remote Desktop Protocol (RDP) and sending phishing emails with threatful attachments. 

The processes linked to anti-virus systems, file copying, and backups are looked for and terminated by the new ransomware type. Some victims received follow-up calls from their attackers with a request to pay a ransom. The malicious actors behind the Hive ransomware are likely to be responsible for attacking the Memorial Health System. Generally, 28 organizations have fallen victim to Hive ransomware.

Read more 

More than 15,000 Ethereum stolen from Liquid exchange by crypto gangsters

Last week, the global crypto community was actively discussing the security incident involving Poly Network during which an attacker had stolen $600 mln assets but then returned most of this sum. However, the second security incident involved the Japanese exchange Liquid. Totally, $97 mln in digital assets were stolen by attackers. The company published the information on the wallets used by attackers to steal assets and terminated all activities to estimate the scope of experienced damage. The list of main assets targeted during this attack included Ethereum, Bitcoin, Ripple, and Tron.

Attackers were actively using coin mixers to reach their targets. As of now, they have cycled 6,000 Ethereum worth $20 mln through these mixers into new anonymous wallets. Authorities are actively working to recover the remaining assets (9,600 Ethereum). Liquid exchange has already taken serious security measures to prevent the occurrence of similar security incidents in the future. 

Read more

Largest DDoS attack ever recorded thwarted by Cloudflare

Cloudflare detected and mitigated 17.2m rps DDoS in an automatic way. The attack was thwarted in July 2021 and was 3 times stronger than any other DDoS attack ever recorded. According to Cloudflare, the attack generated 68% of its quarterly HTTP legitimate traffic (in Q2 2021). The botnet behind this attack was used at least twice in the recent few weeks and one of the company’s clients experienced the DDoS attack carried out by this botnet.

The autonomous edge DDoS protection systems applied by Cloudflare have allowed the company to successfully address the attack. These systems can automatically detect and mitigate DDoS attacks. As a result, there is no need for manual mitigation by the company’s staff. However, even much larger attacks are likely to take place in the future and, thus, the company needs to be prepared. 

Read more

Subscribe to our research

Enter your email address to subscribe to Hacken Reseach and receive notifications of new posts by email.

    hackenproof logo

    The world trusted Bug Bounty Platform. Run custom-tailored Bug Bounty Programs to secure your business and assets.