Hackers Stole $5.4 Million From Eterbase Cryptocurrency Exchange

Cybercriminals successfully plundered another digital cryptocurrency exchange. European cryptocurrency exchange Eterbase this week disclosed a massive breach of its network by an unknown group of hackers who stole cryptocurrencies worth 5.4 million dollars. Eterbase, which has now entered maintenance mode until the security issue is resolved, described itself as Europe’s Premier Digital Asset Exchange. Based in Bratislava, Slovakia, and launched in 2019, Eterbase is a small cryptocurrency exchange platform that focuses on crypto to SEPA integration (via individual IBAN accounts), multi-asset support, and regulatory compliance. On Monday night, malicious threat…

Read More

New Linux Malware Steals Call Details from VoIP Softswitch Systems

Cybersecurity researchers have discovered an entirely new kind of Linux malware dubbed “CDRThief” that targets voice over IP (VoIP) softswitches in an attempt to steal phone call metadata. “The primary goal of the malware is to exfiltrate various private data from a compromised softswitch, including call detail records (CDR),” ESET researchers said in a Thursday analysis. “To steal this metadata, the malware queries internal MySQL databases used by the softswitch. Thus, attackers demonstrate a good understanding of the internal architecture of the targeted platform.” Softswitches (short for software switches) are…

Read More

New Unpatched Bluetooth Flaw Lets Hackers Easily Target Nearby Devices

Bluetooth SIG—an organization that oversees the development of Bluetooth standards—today issued a statement informing users and vendors of a newly reported unpatched vulnerability that potentially affects hundreds of millions of devices worldwide. Discovered independently by two separate teams of academic researchers, the flaw resides in the Cross-Transport Key Derivation (CTKD) of devices supporting both — Basic Rate/Enhanced Data Rate (BR/EDR) and Bluetooth Low Energy (BLE) standard. Cross-Transport Key Derivation (CTKD) is a Bluetooth component responsible for negotiating the authenticate keys when pairing two Bluetooth devices together, also known as “dual-mode”…

Read More

Russian, Chinese and Iranian hackers all targeting 2020 election, Microsoft says

Russian, Chinese and Iranian hackers have all attempted to hack people and organizations involved in the 2020 US presidential election, Microsoft said on Thursday. Thursday’s disclosure sheds new light on efforts by Chinese and Iranian hackers to break into US political campaigns and suggests that Russian hacking efforts have continued apace. “The activity we are announcing today makes clear that foreign activity groups have stepped up their efforts targeting the 2020 election,” Microsoft said in a post on its website. Top US cybersecurity officials acknowledged that Microsoft detected attempts to…

Read More

30 MILLION FACEBOOK ACCOUNTS WERE HACKED: CHECK IF YOU’RE ONE OF THEM

Late last month Facebook announced its worst-ever security breach that allowed an unknown group of hackers to steal secret access tokens for millions of accounts by taking advantage of a flaw in the ‘View As’ feature. At the time of the initial disclosure, Facebook estimated that the number of users affected by the breach could have been around 50 million, though a new update published today by the social media giant downgraded this number to 30 million. Out of those 30 million accounts, hackers successfully accessed personal information from 29 million Facebook…

Read More

Service NSW confirms 180,000 customers’ personal details exposed in cyber security breach

More than 180,000 New South Wales residents are believed to have been caught up in a major cyber security breach after a state government department was compromised earlier this year. Key points: Service NSW began investigating the breach in May after staff emails were compromised in April NSW Police are investigating who accessed the sensitive information Opposition MP Sophie Cotsis criticised the Government for taking months to inform customers Service NSW on Monday morning confirmed the large number of people likely impacted in the breach which was first reported publicly…

Read More

Loopholes that lead to hacking even when 2FA is enabled

Cybersecurity is like a game of whack-a-mole. As soon as the good guys put a stop to one type of attack, another pops up. Usernames and passwords were once good enough to keep an account secure. But before long, cybercriminals figured out how to get around this. Often they’ll use “brute force attacks”, bombarding a user’s account with various password and login combinations in a bid to guess the correct one. Hackers have been known to trick mobile phone carriers into transferring a victim’s phone number to their own phone.…

Read More

Evilnum hackers targeting financial firms with a new Python-based RAT

An adversary known for targeting the fintech sector at least since 2018 has switched up its tactics to include a new Python-based remote access Trojan (RAT) that can steal passwords, documents, browser cookies, email credentials, and other sensitive information. In an analysis published by Cybereason researchers yesterday, the Evilnum group has not only tweaked its infection chain but has also deployed a Python RAT called “PyVil RAT,” which possesses abilities to gather information, take screenshots, capture keystrokes data, open an SSH shell and deploy new tools. “Since the first reports…

Read More

Elon Musk, Bill Gates: List of other Twitter accounts hacked before PM Modi incident

Microblogging site Twitter on Thursday confirmed that a page which is linked to an account of Prime Minister Narendra Modi’s personal website was hacked. Not specifying the details of the hacking, a report by news agency Reuters said a series of tweets asking followers of the page to donate to a relief fund through cryptocurrency were put out. To a query from Hindustan Times, a spokesperson from Twitter in an email said, “We’re aware of this activity and have taken steps to secure the compromised account. We are actively investigating…

Read More

2 Nigerian nationals among 5 held for hacking bank account of Surat builder

The builder lodged a complaint with the police alleging that Rs 1.71 crore was fraudulently transferred from his bank account on July 26 and July 27, 2020 he Surat Crime Branch has arrested a gang of five members, including two Nigerian nationals, for allegedly hacking bank account of a builder and transferring Rs 1.71 crore through net banking. The accused are identified as Raphael Yinka (38) and Kelvin Ozombe (38), Nigerian nationals who reside in Mumbai, Nevil Shukla, a resident of Rajkot, Rakesh Malaviya from Katargam, and Imran Kazi from…

Read More