SAN MATEO, CA, September 12, 2022 — Cybersecurity news weekly roundup: the stories, news, politics, and events that impacted the network security industry last week. Brought to you by NetworkTigers.
- $30 million recovered from Axie Infinity hack
- North Korean hackers target energy providers
- 0ktapus hacker gang obtains Okta credentials
- Major hotel chain suffers data breach
- EvilProxy lowers the bar of entry for phishing attacks
- Cyberattack takes down LA school system computers
- TikTok denies hackers’ claims of a data breach
- China accuses the USA of university breach
$30 million recovered from Axie Infinity hack.
The US government has reclaimed $30 million stolen from the game Axie Infinity by Lazarus Group. This is the first time funds have been recovered from the North Korean hacking collective, known for attacking crypto platforms to enrich the Kim Jong Un regime. The total amount stolen from Axie Infinity was $650 million. Read more.
North Korean hackers target energy providers.
North Korea’s notorious Lazarus hacker gang, best known recently for hacking crypto exchange platforms, is exploiting VMware Horizon servers to access networks belonging to energy providers in the US, Canada, and Japan. Using a diverse range of tactics, Lazarus focused on the energy sector from February to July of 2022. Because the group is so well known, it is heavily monitored by international authorities and continually evolves its strategies to prevent detection and achieve success. Read more.
0ktapus hacker gang obtains Okta credentials.
A hacking campaign under the moniker of “0ktapus” has successfully compromised 9,931 accounts by spoofing multi-factor identification systems. As the name implies, the attackers focus their energy on Okta, an identity and access management platform used across many industries. The campaign has thus far affected 130 firms, 114 of which are based in the US. Researchers believe that the threat actors began the campaign by targeting telecom companies in search of phone numbers that could be used to achieve MFA access to Okta accounts. Read more.
Major hotel chain suffers a data breach.
IHG Hotel Group has been the victim of “unauthorized activity” that has affected booking platforms across all of their chains, including Holiday Inn, Crowne Plaza, Regent and more. The disruptions were referred to as “significant,” although the nature of the incident has not been revealed. Customers trying to book hotel rooms are met with a page that says that the company is working to restore systems as soon as possible. Read more.
EvilProxy lowers the bar of entry for phishing attacks.
EvilProxy, a new Phishing-as-a-Service (PhaaS) platform, allows hackers of all skill levels to use reverse proxies to steal login information and break into well-protected accounts. While only seasoned hackers could navigate this technique in the past, EvilProxy’s simple user interface gives amateurs the tools they need to engage in and manage phishing campaigns. Read more.
Cyberattack takes down LA school system computers.
The Los Angeles Unified School District suffered a cyberattack that has taken computer systems down, affecting access to email and other tools teachers use. Despite the hack, the school does not intend to delay the opening of the school year. Both local law enforcement and federal agencies are investigating the attack. Read more.
TikTok denies hackers’ claims of a data breach.
The hacking group “AgainstTheWest” has claimed to have breached a TikTok server containing 2 billion records, including user data and source code. TikTok has denied the claims, stating that they have observed no suspicious activity and that users don’t need to take any proactive actions. The social media platform has stated that all the information the hackers have posted thus far is publicly available and has not been obtained via a breach. Read more.
China accuses the USA of a university breach.
According to Chinese officials, China’s Northwestern Polytechnical University has been targeted by the US in a cyber espionage campaign. The National Computer Virus Emergency Response Center has alleged that the attack was traced to the US National Security Agency but did not disclose how it came to that determination. The university in question is reported to provide research and assistance to the Chinese military. Read more.