SAN MATEO, CA, October 10, 2022 — Cybersecurity news weekly roundup. Stories, news, politics, and events that impacted the network security industry last week. Brought to you by NetworkTigers.
- Toyota discloses possible customer data leak
- Colorado state website taken down by Killnet hackers
- Hackers make off with $570 million in crypto from Binance
- Hackers breaching scam sites to steal crypto
- Former Uber Security Chief found guilty of covering up data breach
- New Android spyware can record audio
- Activision Blizzard has game launch disrupted by cyberattack
- FBI: Beware of “Pig Butchering” crypto scheme
- Hackers leak Los Angeles Unified School District data
Toyota discloses possible customer data leak
Toyota Motor Corp has revealed that 296,000 pieces of customer data from its T-Connect service may have been leaked. The data includes email addresses and customer numbers but no sensitive personal information, payment information or names. The company’s statement is vague, saying they cannot rule out the possibility that T-Connect information was accessed by a third party and that email addresses may be used in phishing attempts. Read more.
Colorado state website taken down by Killnet hackers
Making good on the threat that they would begin targeting US state government pages, Russian hacker group Killnet has unleashed a cyberattack against Colorado’s state website. In what appears to have been a DDoS attack, the site was overwhelmed with traffic and ceased to operate. While voting data is not affected, authorities have raised concerns that such hacks will cause citizens to question the validity of upcoming elections. Read more.
Hackers make off with $570 million in crypto from Binance
Binance, the world’s largest cryptocurrency exchange, has suspended its blockchain network in response to hackers stealing $570 million worth of BNB tokens. Hackers exploited a bug that allowed them to forge transactions and deposit crypto into their wallets. Read more.
Hackers breaching scam sites to steal crypto
Victims targeted by crypto scams now face twice as much danger. Proving that not even criminals are safe from breaches, a hacker group named “Water Labbu” has breached crypto scam sites to piggyback on the work of other threat actors and steal funds from unsuspecting investors. The environment is lending itself to a feeding frenzy among criminals who have no qualms about cannibalizing one another’s victims. Read more.
Former Uber Security Chief found guilty of covering up data breach
After nearly four weeks of testimony that peered into the company’s cybersecurity practices, Uber’s former Security Chief, Joe Sullivan, was convicted of covering up a massive data breach in 2016. The breach saw the data of 50 million customers and 7 million drivers stolen. Sullivan faces up to 8 years in prison for attempting to hide the breach from the Federal Trade Commission and working to pay the hackers responsible for secretly deleting the data. Read more.
New Android spyware can record audio
A new Android spyware variant, “RatMilad,” spotted on devices in the Middle East, is spread via a fake Android app that sideloads the malware after the user grants it specific permissions. In addition to the usual spyware hallmarks such as stealing data and call logs, RatMilad can also turn on the phone’s microphone to monitor the room. Read more.
Activision Blizzard has game launch disrupted by cyberattack
Activision Blizzard’s launch of Overwatch 2, the highly anticipated sequel to the original released in 2016, has been disrupted by two DDoS attacks that disabled the game’s servers and made it impossible for users to play the game. Overwatch 2 is running normally after administrators worked through the night to mitigate the effects of the attack. However, it remains to be seen if the game will continue to run as more players participate. Read more.
FBI: Beware of “Pig Butchering” crypto scheme
The FBI has warned about “Pig Butchering” schemes related to fraudulent crypto investments. The term describes a form of social engineering in which a scammer gains a target’s trust, referred to as the “pig,” only to suggest that they invest money in cryptocurrency on fake websites and platforms that steal their money. The counterfeit sites make it appear that huge returns are being received on investments, inspiring more cash input until the scammer ceases communication and makes off with the money. Read more.
Hackers leak Los Angeles Unified School District data
Following a Labor Day cyberattack against LAUSD, the criminals responsible leaked stolen data onto the internet. The attack, carried out by an “international hacking syndicate,” saw a ransom demand placed on the school. The district denied payment entirely. No description of the leaked data has been reported, but the school has provided a hotline for those with questions. Read more.
More cybersecurity news
- Last week’s news
- All cybersecurity news and articles are brought to you by NetworkTigers.