SAN MATEO, CA, September 19, 2022 — Cybersecurity news weekly roundup. Stories, news, politics, and events that impacted the network security industry last week. Brought to you by NetworkTigers.
- Social engineering and bad password habits led to IHG hack
- Crypto scams poised to explode in popularity
- Russian hackers attacked 20 Japanese government websites
- Uber hacked via social engineering
- FBI indicts Iranian nationals in children’s hospital hacking attempt
- New “sock puppet” phishing scams on the rise
- Hackers stealing Steam accounts with a new phishing attack
- U-Haul suffers data breach
- Vulnerabilities in HP computers remain unpatched
Social engineering and bad password habits led to the IHG hack
Last week, the InterContinental Hotel Group (IHG) succumbed to a cyberattack that caused disruptions throughout the organization’s hotel chains. The hacker gang responsible for the attack, Vietnam-based TeaPea, has revealed to the BBC that they initially used social engineering to trick an employee into downloading malicious code. The attackers then accessed an internal password vault that was locked behind the password “QWERTY1234.” Read more.
Crypto scams poised to explode in popularity
According to researchers, the first half of 2022 saw the registration of fraudulent crypto sites skyrocket by 335%. 63% of the domains were registered with Russian registrars, and the scammers have been using hijacked YouTube channels to direct victims to sites that purport to offer crypto investment opportunities. One such campaign could steal almost $1.7 million in only three days using videos of famous crypto enthusiasts. Researchers expect crypto scams to escalate heavily, as the nature of the currency provides fertile ground for criminals to prey upon those looking for quick, easy money. Read more.
Russian hackers attacked 20 Japanese government websites
20 Japanese government websites have been disrupted by DDoS attacks launched by pro-Kremlin hacker gang Killnet. Killnet has been prolifically hacking on Russia’s behalf, launching attacks against everything from government agencies deemed hostile to Moscow to the Eurovision Song Contest voting system in protest of Russia’s exclusion from the competition. According to Japanese authorities, no personal information was exposed in the attacks. Read more.
Uber hacked via social engineering
A hacker claiming to be 18 years old has seemingly hacked ride-sharing giant Uber in what would be a devastatingly deep breach if the attacker’s claims are all true. The hacker allegedly gained access to Uber’s system after obtaining login credentials from an employee via social engineering. Once in, the attacker located high-value credentials and was then able to access all areas within Uber’s network. The hacker made their presence known by announcing the breach and interacting with Uber employees on the company’s Slack message board. Read more.
FBI indicts Iranian nationals in children’s hospital hacking attempt
Three Iranian nationals are on the FBI’s wanted list for allegedly attempting to engage in a cyberattack against Boston Children’s Hospital in 2021. According to the FBI, the three men have a history of hacking for personal gain and have been responsible for attacks against companies and organizations worldwide, even in their home country of Iran. Read more.
New “sock puppet” phishing scams on the rise
Threat actors are employing a technique called “multi-persona impersonation” (MPI), in which a fraudulent email is CC’d to other compromised or controlled email accounts. Responses from the other accounts make the original appear to be legitimate. The accounts used to add to the conversation threads are called “sock puppet” accounts. This technique requires more effort than most phishing attempts but can make even wary users confident enough to click a malicious link. Read more.
Hackers stealing Steam accounts with a new phishing attack
A new browser-in-the-browser attack is gaining popularity as hackers employ it to steal Steam account login credentials. The technique uses a pop-up window that appears to be the sign-in page for a targeted service. Steam users are sent a direct message that invites them to a game or tournament, provides a link to a fraudulent site, and then asks them to log in to their Steam account for access via the fake window. Read more.
U-Haul suffers data breach
Moving, shipping, and vehicle rental provider U-Haul has disclosed that the company has suffered a data breach that exposed customer drivers’ licenses. On August 1st, an internal investigation into suspicious activity revealed that an unauthorized user had accessed customer rental contracts in July. The breach took place after the attacker compromised two passwords. Read more.
Vulnerabilities in HP computers remain unpatched
Several HP computers contain firmware vulnerabilities that have remained unfixed for more than a year, with the company not providing a means to patch them. There are six “high-severity” bugs, all of which could allow threat actors to install backdoors or malware onto a targeted device. Three of these bugs were publicly disclosed in July of 2021, meaning HP has had over a year to issue fixes. Read more.