
Weekly News Digest #60

Attackers can smuggle malware onto your network via a sneaky trick

A relatively new form of cyberattack dubbed “HTML smuggling” has been flagged by Microsoft. This malicious technique is used in targeted cyberattacks and in email campaigns deploying remote access Trojans and banking malware. Through it, an attacker “smuggles” an encoded malicious script inside a specially crafted HTML attachment. The Microsoft 365 Defender Threat Intelligence Team warns that this malware delivery technique relies only on legitimate HTML5 and JavaScript features.

This nasty trick bypasses security infrastructure such as email gateways and web proxies. After an employee opens a web page or attachment containing the malicious HTML script, the malware is assembled on the endpoint, inside the network. Gateway devices check for suspicious ZIP, Office, or EXE files, yet a corporate network can still be hit because the payload never crosses the gateway in that form. This technique is highly attractive to hackers since many companies rely on HTML and JavaScript to run their business applications.
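Because the individual features involved (in-browser file assembly, object URLs, forced downloads) are each legitimate, a defender scanning inbound HTML attachments has to score their co-occurrence rather than block any single one. The following is an added example, not code from the original digest or from Microsoft: a small heuristic scanner that tallies weighted indicators in an HTML attachment and flags it when the combined score crosses a threshold. The indicator set, weights, threshold, and the two constructed sample attachments are all assumptions made for this example.

```python
import re
from dataclasses import dataclass, field

# Each indicator is a legitimate HTML5/JavaScript feature; only their combination is
# typical of in-browser payload reassembly followed by a forced download.
# Weights are assumptions of this example, not a published scoring scheme.
INDICATORS = {
    "blob_constructor":    (re.compile(r"\bnew\s+Blob\s*\(", re.I), 2),
    "object_url":          (re.compile(r"URL\.createObjectURL\s*\(", re.I), 2),
    "download_attr":       (re.compile(r"\bdownload\s*=", re.I), 2),
    "ms_save_blob":        (re.compile(r"msSaveOrOpenBlob|msSaveBlob", re.I), 2),
    "base64_decode":       (re.compile(r"\batob\s*\(", re.I), 1),
    "programmatic_click":  (re.compile(r"\.click\s*\(\s*\)", re.I), 1),
    # A long base64 literal embedded in script text is a common carrier for the payload.
    "large_base64_literal": (re.compile(r"['\"][A-Za-z0-9+/=]{200,}['\"]"), 1),
}

# Score at or above this value is reported as suspicious (assumed threshold).
SCORE_THRESHOLD = 4


@dataclass
class ScanResult:
    score: int
    hits: list = field(default_factory=list)

    @property
    def suspicious(self) -> bool:
        return self.score >= SCORE_THRESHOLD


def scan_html(html: str) -> ScanResult:
    """Return the weighted indicator score and the names of indicators found."""
    result = ScanResult(score=0)
    for name, (pattern, weight) in INDICATORS.items():
        if pattern.search(html):
            result.hits.append(name)
            result.score += weight
    return result


# Constructed benign sample: a normal page offering a PDF via the download attribute.
# One indicator alone (download_attr, weight 2) stays below the threshold.
BENIGN_SAMPLE = """<html><body>
<p>Quarterly report</p>
<a href="report.pdf" download="report.pdf">Download PDF</a>
</body></html>"""

# Constructed suspicious sample: the features above used together. The base64 text
# is the placeholder string "constructed" and is not a real payload.
SUSPICIOUS_SAMPLE = """<html><body><script>
var blob = new Blob([atob("Y29uc3RydWN0ZWQ=")], {type: "application/octet-stream"});
var a = document.createElement("a");
a.href = URL.createObjectURL(blob);
a.download = "invoice.iso";
a.click();
</script></body></html>"""


if __name__ == "__main__":
    for label, sample in (("benign", BENIGN_SAMPLE), ("suspicious", SUSPICIOUS_SAMPLE)):
        r = scan_html(sample)
        print(f"{label}: score={r.score} suspicious={r.suspicious} hits={r.hits}")
```

In a mail-gateway or sandbox pipeline the same function would be run over every text/html part and every .html/.htm attachment after decoding; the hit list is what to surface to an analyst, since it explains why the score was assigned.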


EU pharmaceutical giants neglect using encryption in login forms and run old and vulnerable apps

According to recent security research conducted by Outpost24, 80% of the top EU pharmaceutical companies may be described as “critically exposed” to possible cyberattacks. Pharmaceutical giants run many web applications, and close to 3.3% of them are suspicious, such as open test environments. Also, 18% of the analyzed pharmaceutical giants use unpatched, out-of-date web components containing known vulnerabilities.

Although the US pharmaceutical companies run fewer apps, they have roughly the same share of suspicious ones, and more than 23% of their apps are outdated. Many pharmaceutical companies are operating without encryption, thereby facing the risk of interception and theft of information about their clients. The list of common security issues attributable to pharmaceutical companies also includes privacy policy misconfigurations, SSL failures, and cookie settings. By exploiting these vulnerabilities, malicious actors can cause serious damage to healthcare providers.


$55 million in crypto were stolen by a hacker after a phishing attack targeting bZx developer

The crypto company bZx admitted that a hacker succeeded in stealing millions of dollars in different cryptocurrencies after one of its developers fell victim to a phishing attack. According to estimates provided by the security company SlowMist, the total losses experienced by the project exceed $55 million. 25% of the total losses are personal losses resulting from the compromise of the team wallet. bZx is a crypto company operating in the DeFi segment. According to the statement made by bZx, the hack affected lenders, borrowers, and farmers whose funds were on two networks, namely Polygon and Binance Smart Chain.

The funds were stolen from wallets whose owners had approved unlimited spend. The attack began with a phishing email containing a Word document with a malicious macro, sent to one of bZx’s developers. The Word document resembled a legitimate email attachment. As a result, the hackers succeeded in compromising the mnemonic phrase of the developer’s personal wallet.


Prolific hacker-for-hire group uncovered by researchers

Researchers from Trend Micro have revealed the details of a new Russian-speaking cyber-mercenary group responsible for a number of cyberattacks in which more than 3,500 individuals have fallen victim over the last 6 years. The group is dubbed “Void Balaur” and participates in various underground Russian-language forums under the name “Rockethack”. The group focuses on compromising email and social media accounts and selling the sensitive information it obtains.

The list of companies that have experienced cyberattacks initiated by this hacker group includes financial services firms, ATM vendors, medical insurers, and IVF clinics. However, this malicious group is also actively targeting human rights activists, journalists, scientists, politicians, and cryptocurrency users. The main instruments used by this malicious group to compromise victims are phishing and info-stealing malware. 


White hat hacker detects a fatal flaw in Opensea’s security infrastructure

A fatal flaw has been discovered in the codebase of one of the biggest NFT marketplaces by trade volume. Exploitation of this bug by malicious actors could have resulted in the creation of fake blue-chip NFTs. The researcher who revealed the flaw is a developer of smart contracts for NFT and Web 3.0 projects at RUG.TECH. The bug enabled minting NFTs that appeared to be created by any ETH wallet, without any approval from the wallet’s owner.

The developer slammed Opensea, suggesting that the marketplace is not paying enough attention to security. At a time when blockchain projects are ready to pay large sums to ethical researchers for revealing bugs in their infrastructure, Opensea pays close to nothing. Opensea had initially offered the researcher 3 ETH but then rescinded the offer.

