Cyber security weekly summary 24 - 30 July

Not long after the theft of crypto actives emitted by the cryptocurrency company CoinDash, covered in the last cyber review, several tokens of cryptocurrency Veritaseum worth circa 8.5 million dollars were stolen. A representative of the company described the incident as the result of a sophisticated attack carried out using social engineering but didn't delve into further details.

Sweden is currently facing possible political fallout due to a massive breach of confidential data. Ignoration of security procedures by the Swedish transport agency, which contracted a local branch of IBM as an IT services provider, caused IBM's foreign staff to have full access to vehicle/transport databases, names, photographs, and addresses of Swedish drivers, as well as strategic information about the country's transport infrastructure. So far, the incident led to the resignation of two ministers - Interior and Infrastructure. 

On 26 July, representatives of the Italian banking group UniCredit reported newly found cases of hacker attacks which took place in autumn of 2016 and summer this year. The hackers compromised the system of an external partner company and obtained access to personal data of 400,000 customers of the banking group. UniCredit further reported that no passwords or any other data allowing unauthorized transfers of funds from clients' accounts were compromised.

On the same day, Google security workers revealed the existence of a new sophisticated spyware for the Android platform nicknamed Lipizzan. In addition to capturing calls, SMS, and e-mails, the virus is capable of gathering other data about infected devices and their users, and processing information from a variety of applications including Gmail, LinkedIn, Messenger, Skype, Snapchat, StockEmail, Telegram, Threema, Viber, and WhatsApp. Lipizzan, which has been propagating itself via baited apps, was found on less than hundred devices. Google claims that the malware is linked to Israeli company Equus Technologies, which develops tailor-made software solutions for governments.

WikiLeaks further contributed to its efforts in releasing documentation of the CIA's cyber arsenal. The newest leak describes three tools on Mac OS and Linux platforms, known as Project Imperial. Achilles serves to bind a one-time executable to an OS X disk image file (DMG), which automatically deletes itself from the file after payload delivery, Aeris is a malware designed to exfiltrate data via TLS-encrypted channels, and SeaPea is an OS X rootkit with capabilities including initiating socket connections/processes and hiding files and directories. It also allows communication with the kernel and thus infection of OS X systems while rebooting. 

During the Black Hat conference held in Las Vegas on 26-27 July, security experts highlighted the risks of equipment belonging to the Internet of Things (IoT) category. Researchers Billy Rios and Jonathan Butts have found a number of vulnerabilities in online connected Laserwash car washes enabling them to penetrate their systems, disable security protocols, and subsequently physically damage the vehicle and endanger its crew. The same conference served the specialists of Chinese company Tencent to demonstrate a hacker attack on the Tesla Model X car during which they managed to gain control over the brakes, vehicle lighting system, and manipulate its doors. The exploited vulnerability was already removed by the automatic firmware update.

About author: Roman Šulc

Partners

Tento web používá k analýze návštěvnosti soubory cookie. Používáním tohoto webu s tím souhlasíte. Další informace