Were you unable to attend Transform 2022? Check out all of the summit sessions in our on-demand library now! Watch here.
Cyberattacks, breaches, hacks and ransomware are on the rise — that should come as no news.
And, according to many experts, one of the significant reasons behind this is a long-lamented cybersecurity talent shortage.
A Turkish entity going by the name of Nitrokod has been accused of running a campaign by spoofing a desktop version of Google Translate to actively mine cryptocurrency from its more than 111,000 users across eleven countries (UK, US, Sri Lanka, Greece, etc., Israel, Germany, Turkey, Cyprus, Australia, Mongolia, and Poland) in 2019.
In addition to Google Translate, there are five other fake desktop applications on the Nitrokod website. Most of them impersonate programs that are not officially available as desktop applications, but as web or mobile applications, which makes the desktop version created by the attackers particularly attractive. In any case, they are popular applications that can be found on websites such as Softpedia and UpToDown.
Six fake applications available on the Nitrokod website. When installing any of these programs, the malicious effects do not manifest until after a sequence of dropper for almost a month after installation, in order to hide such effects from the antiviruses.
The channel has around 262,000 subscribers and actively posts videos on government policies and current events. It’s the third YouTube account run by South Korea’s government to have been breached in the last two weeks, Korean daily JoongAng Ilbo’s Lee Jian reported.
The identities and motives of those behind the attacks are not immediately known, the paper wrote, citing a statement from the Ministry of Culture, Sports and Tourism.
The Korea Tourism Organization’s YouTube channel was breached twice once on Thursday and once on Friday and was suspended until Sunday, JoongAng Ilbo reported.
Researchers discovered a private Telegram channel-based backdoor in the information stealing malware, dubbed Prynt Stealer, which its developer added with the intention of secretly stealing a copy of victims’ exfiltrated data when used by other cybercriminals.
“While this untrustworthy behavior is nothing new in the world of cybercrime, the victims’ data end up in the hands of multiple threat actors, increasing the risks of one or more large scale attacks to follow,” Zscaler ThreatLabz researchers Atinderpal Singh and Brett Stone-Gross said in a new report.
Prynt Stealer, which came to light earlier this April, comes with capabilities to log keystrokes, steal credentials from web browsers, and siphon data from Discord and Telegram. It’s sold for $100 for a one-month license and $900 for a lifetime subscription.
TikTok has denied reports of a data breach after a hacker group claimed to have gained access to information on two billion of its users.
Ransomware hackers are abusing an anti-cheat system driver for the extremely popular game Genshin Impact to disable antivirus software.
The droppers are designed to drop a new version of SharkBot, dubbed V2 by Dutch security firm ThreatFabric, which features an updated command-and-control (C2) communication mechanism, a domain generation algorithm (DGA), and a fully refactored codebase.
Fox-IT said it discovered a newer version 2.25 on August 22, 2022, that introduces a function to siphon cookies when victims log in to their bank accounts, while also removing the ability to automatically reply to incoming messages with links to the malware for propagation.
Samsung suffered a data breach that exposed some personal information from its U.S. customers.
The hack created a massive traffic jam in Moscow.
Drivers working for Yandex Taxi, the largest taxi service in Moscow, did not have a good day on Thursday as hackers messed with the company’s app and sent dozens of cars to the same location resulting in a traffic jam that lasted up to three hours, according to Twitter reports.
A co-founder sanctioned for propaganda.
KrimKate/iStock.
