We have collected the most important news from the world of cybersecurity for the week.
- Meta has been fined $1.3 billion in the EU for sending user data to the US.
- Experts have discovered a way to hack Android through fingerprints.
- Phishing service Inferno Drainer stole more than $5.9 million in cryptocurrencies.
- US government contractor attacked by ransomware.
Meta fined $1.3 billion in the EU for sending user data to the US
The Data Protection Commission of Ireland imposed on the local branch of the Meta Corporation record fine in the amount of $1.3 billion for a breach of confidentiality.
The agency found that the company is transferring data from platform users from the EU to the US, where data protection rules vary in each state, and thus does not guarantee their security.
The Irish regulator, which is the lead privacy regulator in a block of 27 countries, launched an investigation back in August 2020.
Now Meta is obliged to stop transferring user data to the United States, bring it into line with GDPR and within six months, delete all illegally stored and processed information.
Corporation representatives called imposed a fine unfair and intend to appeal the decision of the authorities.
Experts have discovered a way to hack Android through fingerprints
Some models of Android smartphones from Samsung, Xiaomi, OnePlus, Vivo, OPPO, and Huawei have been found vulnerable to fingerprint hacking. About it report researchers from Tencent Labs and Zhejiang University.
In an attack called BrutePrint, the attacker generates a large number of fingerprint samples and matches them to the device’s sensor until he finds a suitable one. As a result, he can access the target device and all the information stored on it.
An attacker would need physical access to the device, a database of fingerprints from academic datasets or biometric leaks, and hardware worth about $15.
Android devices allow for infinite fingerprinting, so given enough time, the attack will be successful.
The reason for the vulnerability is that many smartphone manufacturers use standard fingerprint recognition algorithms. More advanced devices equipped with ultrasonic sensors are better protected.
Phishing service Inferno Drainer stole more than $5.9 million in cryptocurrencies
Since March 27, the phishing service Inferno Drainer has stolen more than $5.9 million worth of cryptocurrencies through at least 689 fake websites. About it reported scam sniffer company.
Inferno Drainer is advertised as a multi-chain scam. Its creators provide customers with an administration panel with the ability to set up phishing pages and even offer a trial version.
The pages created with Inferno Draine mimic the sites of 229 popular brands, including Pepe, MetaMask, OpenSea, Sui, zkSync and more.
At the time of writing, most of the assets ($4.3 million) were stolen from the Ethereum network, $790,000 from Arbitrum, $410,000 from Polygon and $390,000 from BNB Chain.
According to the researchers, the attackers distribute the funds received from the attacks among five wallets.
US government contractor attacked by ransomware
Swiss multinational technology company and US government contractor ABB confirmed ransomware attack on some of their systems. The incident happened on May 7th.
Attackers were able to steal an unnamed amount of data from hacked devices, but the company did not reveal signs of impact on client systems.
ABB has located the service disruption and is taking additional security measures to protect the network. An investigation has been launched with the participation of law enforcement officers.
Edition BleepingComputer found that the attack was organized by hackers from the Black Basta group. They targeted the corporate Windows Active Directory and affected hundreds of Windows-based devices, company sources told reporters.
ABB develops industrial control, supervisory control and data acquisition systems for industries and energy suppliers. Her clients include the US Department of Defense and federal civilian agencies, including the Departments of the Interior, Transportation, and Energy, as well as the US Coast Guard and Postal Service.
The companies behind the “army” of IT-specialists of the DPRK came under US sanctions
OFAC announced on sanctions against four organizations and one individual from North Korea involved in cyber attacks and illegal schemes for generating income from IT.
The department list includes:
- Pyongyang University of Automation;
- Bureau of Technical Intelligence of the Main Intelligence Directorate of the DPRK;
- cyber division of the 110th research center;
- Chinyong Information Technology Cooperation Company;
- citizen of the DPRK Kim Sang-man.
According to OFAC, thousands of IT professionals from the DPRK are fraudulently employed by foreign companies. They deliberately hide their identity and location using proxy accounts, stolen identities, and falsified documents.
The income received from their activities is used to finance the North Korean nuclear missile program.
Over 50,000 downloads turned app into spyware
Android screen recording app iRecorder – Screen Recorder has been trojanized after a year of being uploaded to the Google Play Store as a result of a recent update. This was reported by the experts of the company ESET.
During this time, it has been downloaded more than 50,000 times.
The developer included in the mentioned update the RAT AhRat malware with the prescribed code for the backdoor and communication with the command and control server.
The AhRat malware can track the location of infected devices, steal call, contact and text message logs, send SMS, record background sounds, and take photos.
The app is currently removed from Google Play, but may be available on unofficial Android app stores.
Also on Cryplogger:
What to read on the weekend?
In the educational section “Cryptorium” we talk about what a VPN is, about the pros and cons of such services.
Found a mistake in the text? Select it and press CTRL+ENTER
Cryplogger Newsletters: Keep your finger on the pulse of the bitcoin industry!
We have collected the most important news from the world of cybersecurity for the week.
- Meta has been fined $1.3 billion in the EU for sending user data to the US.
- Experts have discovered a way to hack Android through fingerprints.
- Phishing service Inferno Drainer stole more than $5.9 million in cryptocurrencies.
- US government contractor attacked by ransomware.
Meta fined $1.3 billion in the EU for sending user data to the US
The Data Protection Commission of Ireland imposed on the local branch of the Meta Corporation record fine in the amount of $1.3 billion for a breach of confidentiality.
The agency found that the company is transferring data from platform users from the EU to the US, where data protection rules vary in each state, and thus does not guarantee their security.
The Irish regulator, which is the lead privacy regulator in a block of 27 countries, launched an investigation back in August 2020.
Now Meta is obliged to stop transferring user data to the United States, bring it into line with GDPR and within six months, delete all illegally stored and processed information.
Corporation representatives called imposed a fine unfair and intend to appeal the decision of the authorities.
Experts have discovered a way to hack Android through fingerprints
Some models of Android smartphones from Samsung, Xiaomi, OnePlus, Vivo, OPPO, and Huawei have been found vulnerable to fingerprint hacking. About it report researchers from Tencent Labs and Zhejiang University.
In an attack called BrutePrint, the attacker generates a large number of fingerprint samples and matches them to the device’s sensor until he finds a suitable one. As a result, he can access the target device and all the information stored on it.
An attacker would need physical access to the device, a database of fingerprints from academic datasets or biometric leaks, and hardware worth about $15.
Android devices allow for infinite fingerprinting, so given enough time, the attack will be successful.
The reason for the vulnerability is that many smartphone manufacturers use standard fingerprint recognition algorithms. More advanced devices equipped with ultrasonic sensors are better protected.
Phishing service Inferno Drainer stole more than $5.9 million in cryptocurrencies
Since March 27, the phishing service Inferno Drainer has stolen more than $5.9 million worth of cryptocurrencies through at least 689 fake websites. About it reported scam sniffer company.
Inferno Drainer is advertised as a multi-chain scam. Its creators provide customers with an administration panel with the ability to set up phishing pages and even offer a trial version.
The pages created with Inferno Draine mimic the sites of 229 popular brands, including Pepe, MetaMask, OpenSea, Sui, zkSync and more.
At the time of writing, most of the assets ($4.3 million) were stolen from the Ethereum network, $790,000 from Arbitrum, $410,000 from Polygon and $390,000 from BNB Chain.
According to the researchers, the attackers distribute the funds received from the attacks among five wallets.
US government contractor attacked by ransomware
Swiss multinational technology company and US government contractor ABB confirmed ransomware attack on some of their systems. The incident happened on May 7th.
Attackers were able to steal an unnamed amount of data from hacked devices, but the company did not reveal signs of impact on client systems.
ABB has located the service disruption and is taking additional security measures to protect the network. An investigation has been launched with the participation of law enforcement officers.
Edition BleepingComputer found that the attack was organized by hackers from the Black Basta group. They targeted the corporate Windows Active Directory and affected hundreds of Windows-based devices, company sources told reporters.
ABB develops industrial control, supervisory control and data acquisition systems for industries and energy suppliers. Her clients include the US Department of Defense and federal civilian agencies, including the Departments of the Interior, Transportation, and Energy, as well as the US Coast Guard and Postal Service.
The companies behind the “army” of IT-specialists of the DPRK came under US sanctions
OFAC announced on sanctions against four organizations and one individual from North Korea involved in cyber attacks and illegal schemes for generating income from IT.
The department list includes:
- Pyongyang University of Automation;
- Bureau of Technical Intelligence of the Main Intelligence Directorate of the DPRK;
- cyber division of the 110th research center;
- Chinyong Information Technology Cooperation Company;
- citizen of the DPRK Kim Sang-man.
According to OFAC, thousands of IT professionals from the DPRK are fraudulently employed by foreign companies. They deliberately hide their identity and location using proxy accounts, stolen identities, and falsified documents.
The income received from their activities is used to finance the North Korean nuclear missile program.
Over 50,000 downloads turned app into spyware
Android screen recording app iRecorder – Screen Recorder has been trojanized after a year of being uploaded to the Google Play Store as a result of a recent update. This was reported by the experts of the company ESET.
During this time, it has been downloaded more than 50,000 times.
The developer included in the mentioned update the RAT AhRat malware with the prescribed code for the backdoor and communication with the command and control server.
The AhRat malware can track the location of infected devices, steal call, contact and text message logs, send SMS, record background sounds, and take photos.
The app is currently removed from Google Play, but may be available on unofficial Android app stores.
Also on Cryplogger:
What to read on the weekend?
In the educational section “Cryptorium” we talk about what a VPN is, about the pros and cons of such services.
Found a mistake in the text? Select it and press CTRL+ENTER
Cryplogger Newsletters: Keep your finger on the pulse of the bitcoin industry!