SAN MATEO, CA, August 8, 2022 — Cybersecurity news weekly roundup. Stories, news, politics and events impacting the network security industry during the last week. Brought to you by NetworkTigers.
- North Korea funding weapons programs with cybercrime
- German Chambers of Industry and Commerce targeted by hackers
- Crypto thieves target Solana
- Russia on receiving end of new malware
- Cyberattack takes down Taiwan’s presidential website
- Hackers steal almost $200 million in crypto
- Russian hackers target Lockheed Martin
- Network of fraudulent investment sites targeting Europe
- North Korean hackers spying on email accounts
North Korea funding weapons programs with cybercrime
A report from the United Nations suggests that major corporations and financial institutions be on high alert in preparation for attacks from North Korean hackers looking to secure funds to continue to advance their illegal weapons programs in the face of rising costs and inflation. North Korea has been banned by the UN Security Council from testing missiles and nuclear weaponry, but the country has continued to engage in their development. Read more.
German Chambers of Industry and Commerce targeted by hackers
The German Chambers of Industry and Commerce (DIHK), whose members come from businesses all over the country, has been hit with a “massive” cyberattack that resulted in its IT systems being shut down. There is no timeline for when the DIHK will be operational again and while the attack has the hallmarks of ransomware, the nature of it has not been disclosed. Read more.
Crypto thieves target Solana
Solana, an online crypto ecosystem that has risen in popularity due to its speed and low cost, is under attack from hackers who have been draining wallets. The lost funds are believed to be more than $8 million. Solana has yet to provide much detail about the hack, with conflicting information appearing in tweets from the company itself and a co-founder’s personal account. Read more.
Russia on receiving end of new malware
Woody Rat, a newly discovered trojan, has been seen deployed against Russian organizations. It allows attackers to steal information remotely from targeted systems. The malware has been used against Russian aerospace and defense entities. While the origin of Woody Rat is currently unknown, researchers believe that it may be tied to Chinese or North Korean entities. Read more.
Cyberattack takes down Taiwan’s presidential website
Taiwan’s presidential website was taken down after being targeted by a DDoS attack. While Taiwan reports that the site was only down briefly and is back up, the attack is one of many maneuvers being made in response to Speaker of the House Nancy Pelosi’s round of meetings with American allies in Asia. The severity of the attack implies that it may not have been carried out by China, but tensions are high as Pelosi’s meetings are viewed as “provocation.” Read more.
Hackers steal almost $200 million in crypto
Crypto bridge Nomad has been hacked with criminals taking almost $200 million in crypto off the platform. The hack resulted in a huge drop in the total value of crypto assets held by Nomad and marks the third major attach on a crypto bridge this year. Nomad has reported that they are working with authorities in an effort to locate and recover the stolen funds. Read more.
Russian hackers target Lockheed Martin
As the war in Ukraine moves to its sixth month, Russian hacker group Killnet has deployed a new cyberattack against US arms manufacturer Lockheed Martin. The company provides missile technology that the US has been supplying to Ukraine. Ukraine has credited the technology for allowing them to prevent Russian troops from achieving success in the invasion. Read more.
Network of fraudulent investment sites targeting Europe
Researchers have discovered a network of more than 11,000 domains being used to commit fraud throughout Europe. Posing as investment opportunities that promise quick rewards, the sites tout fake celebrity endorsements and require a fee to sign up for. The sites are promoted over social media via fake or compromised accounts. Read more.
North Korean hackers spying on email accounts
Using a malicious browser extension, hackers that seem to be working at the behest of North Korea are stealing email information from Gmail and AOL. The activity is believed to be originating from a hacker collective called SharpTongue. Browsers including Google Chrome, Microsoft Edge and Naver’s Whale have been successfully targeted by the campaign. Read more.