Crypto drainer steals $59 million from 63k people in Twitter ad push

Google and Twitter ads are promoting sites containing a cryptocurrency drainer named ‘MS Drainer’ that has already stolen $59 million from 63,210 victims over the past nine months.

Blockchain threat analysts at ScamSniffer discovered over ten thousand phishing websites using the drainer from March 2023 to today, with spikes in activity observed in May, June, and November.

A drainer is a malicious smart contract or, in this case, a complete phishing suite designed to drain funds from a user’s cryptocurrency wallet without their consent.

Ubisoft Stops Hackers From Stealing 900GB of Data

Ubisoft reportedly stopped hackers from stealing 900GB of data from the company, including user data from the game Rainbow Six Siege.

The company reportedly discovered the breach 48 hours after the hack, at which point it revoked the hackers’ access before they could remove any data, BleepingComputer reports.

Still, the hackers reportedly were able to access Microsoft Teams conversations, the Ubisoft SharePoint server, Confluence, and MongoDB Atlas.

8220 Gang Exploiting Oracle WebLogic Server Vulnerability to Spread Malware

The threat actors associated with the 8220 Gang have been observed exploiting a high-severity flaw in Oracle WebLogic Server to propagate their malware.

The security shortcoming is CVE-2020-14883 (CVSS score: 7.2), a remote code execution bug that could be exploited by authenticated attackers to take over susceptible servers.

“This vulnerability allows remote authenticated attackers to execute code using a gadget chain and is commonly chained with CVE-2020-14882 (an authentication bypass vulnerability also affecting Oracle Weblogic Server) or the use of leaked, stolen, or weak credentials,” Imperva said in a report published last week.

U.S. and China race to shield secrets from quantum computers

No one knows who might get there first. The United States and China are considered the leaders in the field; many experts believe America still holds an edge.

As the race to master quantum computing continues, a scramble is on to protect critical data. Washington and its allies are working on new encryption standards known as post-quantum cryptography – essentially codes that are much harder to crack, even for a quantum computer. Beijing is trying to pioneer quantum communications networks, a technology theoretically impossible to hack, according to researchers. The scientist spearheading Beijing’s efforts has become a minor celebrity in China.

Quantum computing is radically different. Conventional computers process information as bits – either 1 or 0, and just one number at a time. Quantum computers process in quantum bits, or “qubits,” which can be 1, 0 or any number in between, all at the same time, which physicists say is an approximate way of describing a complex mathematical concept.

China’s Cyber Threat: Is U.S. Infrastructure at Risk?

The Chinese military has been escalating its cyber capabilities, posing a potential threat to key American infrastructure. This includes power and water utilities, as well as communication and transportation systems. Over the past year, hackers affiliated with China’s People’s Liberation Army have successfully infiltrated the computer systems of approximately two dozen critical entities.

These cyber intrusions are not isolated incidents. They are part of a broader strategy to develop methods that could cause panic, chaos, or disrupt logistics in the event of a U.S.-China conflict. The victims of these cyber-attacks include a water utility in Hawaii, a major West Coast port, and at least one oil and gas pipeline. There was also an attempt to breach the operator of Texas’s power grid.
