Well kids, it’s been another fun week in cybersecurity land. Let’s dive in to see what’s been happening!
The feds got a big take this week with a seizure of Bitcoins valued at more than a billion dollars. The money was tracked back to a hacker who stole them from Silk Road, the online black market that was forcibly shut down by the government seven years ago. “Individual X” hacked into the once popular online criminal marketplace and transferred the cryptocurrency from there to wallets in the hacker’s control. The funds were tracked down by Justice officials and agents in the Internal Revenue Service Criminal Investigation, or IRS-CI unit, which specializes in virtual currency tracing.
In other federal news, the FBI issued a security alert warning that threat actors are abusing misconfigured SonarQube applications to access and steal source code repositories from US government agencies and private businesses. In addition, the IoT Security Bill is getting closer to becoming law. The bill would require certain internet-connected devices purchased by the government to include basic security features. It has been approved by the House of Representatives and is now in the Senate for consideration.
Popular website Mashable learned that it was hacked late last week. A hacker known for targeting websites and apps posted a copy of one of its databases on the web. The types of data in the database included first and last names, general location, email addresses, gender, date of registration, IP addresses, links to social media profiles and more. As a precaution, Mashable has temporarily disabled access to all affected accounts.
According to BleepingComputer, MacBook manufacturer Compal is the victim of a ransomware attack and was “asked” to pay 1,100 Bitcoins in ransom. It’s not clear whether Compal agreed to pay it. The article notes that the company managed to “urgently [repair] most of [its system] and is expected to return to normal today.” Compal is a juicy target for hackers since it does a lot of work with Apple.
Another ransomware attack victim is Italian drinks group Campari CPRI.MI. It announced late last week that checks conducted after a hacking attack showed data on some of the company's servers had been encrypted and some information had been lost. Earlier this week the Milan-based group famous for its red aperitif said it had been targeted by hackers around Nov. 1. The encryption process renders data unreadable for its owners, who are generally asked to pay a ransom by hackers to regain access. Let’s have a drink to the attackers being caught soon!
That is a wrap for this week. Thanks for stopping by our blog. We hope you stick around to review all the stories covered in this week’s post. Have a great weekend!
Top Industry News
NextGov (November 11, 2020) Bitcoins valued at more than $1 billion were traced back to a hacker who took them from the notorious criminal marketplace, Silk Road
"The Justice Department recently got its grips on thousands of bitcoins—worth roughly more than $1 billion—in a move that marks the largest seizure of cryptocurrency in the agency’s 150-year history.
The money traces back to Silk Road, the infamous, online black market that government authorities shut down in 2013.
'Silk Road was the most notorious online criminal marketplace of its day,' United States Attorney David Anderson said in the department’s announcement of the seizure late last week.
Someone deemed 'Individual X'—whose identity is not revealed, but is known to the government—hacked into Silk Road and transferred cryptocurrency from there, to wallets that were in the hacker’s control, the federal officials learned."
Cult of Mac (November 10, 2020) $17 million ransomware attack reportedly hits MacBook manufacturer
"The last thing you need when you’re a manufacturer trying desperately to deliver orders for Apple is to be hit with a ransomware attack. According to a new report, that’s exactly what happened to Compal, maker of MacBooks, over the weekend — when it was reportedly hit with a massive $17 million extortion attempt.
The firm says that it was simply an 'abnormality' in its system, but Taiwanese media claims that it was a cyberattack. This has seemingly been backed up by the website BleepingComputer, which obtained the ransomware note."
NextGov (November 10, 2020) IoT Security Bill Nears Passage as New Consortium Tackles Open 5G
"A bill that would require certain internet-connected devices purchased by the government to include basic security features is closer to becoming law, Sen. Mark Warner, D-Va., said during the launch of a consortium that will be testing the open architecture for fifth-generation networking that U.S. policymakers are counting on to counter reliance on Chinese providers.
'I've got bipartisan legislation that I was hoping to be able to announce by today,' Warner said regarding the legislation, which he said would at least require the devices be patchable and avoid hard-coded passwords. 'It’s passed the House. It’s close to passing the Senate, we're getting through a last run through.'"
Mashable (November 9, 2020) Mashable experiences its own data incident
"This past Wednesday evening, November 4th, we learned that a hacker known for targeting websites and apps had posted a copy of a Mashable database to the internet. Based on our review, the database breach related to a feature that, in the past, had allowed readers to use their social media account sign-in (such as Facebook or Twitter) to make sharing content from Mashable easier. The types of data in the database included first and last names, general location (such as city or country), email addresses, gender, date of registration, IP addresses, links to social media profiles, expired OAuth tokens, and month and day of user birthdays (but not year).
As soon as we learned of the incident we began investigating, and we have temporarily disabled Mashable access to all affected accounts as a precaution."
ZDNet (November 7, 2020) FBI: Hackers stole source code from US government agencies and private companies
The Federal Bureau of Investigation has sent out a security alert warning that threat actors are abusing misconfigured SonarQube applications to access and steal source code repositories from US government agencies and private businesses.
Intrusions have taken place since at least April 2020, the FBI said in an alert sent out last month and made public this week on its website.
The alert specifically warns owners of SonarQube, a web-based application that companies integrate into their software build chains to test source code and discover security flaws before rolling out code and applications into production environments.
Reuters (November 6, 2020) Italy's Campari says hackers encrypted and stole data
"Italian drinks group Campari CPRI.MI said on Friday checks conducted after a hacking attack showed data on some of the company's servers had been encrypted and some information had been lost.
Earlier this week the Milan-based group famous for its red aperitif said it had been targeted by hackers around Nov. 1.
The encryption process renders data unreadable for its owners, who are generally asked to pay a ransom by hackers to regain access."
Other Industry News
What a Joe Biden presidency means for cybersecurity
Millions of Android phones will stop displaying websites in 2021
New Brazilian Banking Trojan Targets Mobile Users in Multiple Countries
Cybercriminal offers email implant software that dodges traditional security platforms
Millions of Hotel Guests Worldwide Caught Up in Mass Data Leak
California voters approve Prop. 24, ushering in new rules for online privacy
Europol campaign urges e-commerce retailers to #SellSafe this Black Friday
EU to host cybersecurity training with Japan, U.S. for 1st time