Cyber Security Headlines: $6 million music platform hack, Rogers coding error, North Korean bounty

Hacker swipes $6 million from blockchain music platform

Over the weekend, a threat actor stole over 18 million AUDIO tokens worth approximately $6 million from the decentralized music platform Audius. AUDIO tokens are based on the Ethereum blockchain and can be earned by artists and listeners by sharing and listening to music. Audius responded within minutes of the hack by freezing services until developers could deploy fixes. The hacker exploited a bug in the contract initialization code that enabled them to transfer the stolen tokens to their wallet. The attacker then traded their tokens on Uniswap for just over $1 million and passed the funds through the Tornado Cash mixing service to hide their trail.

(Bleeping Computer)

Coding error to blame for Rogers outage 

Rogers Communications has disclosed the cause of the outage that began early on July 8, leaving millions without cellphone and internet service. Rogers said a coding update deleted a routing filter, allowing all possible routes to the Internet to pass through their routers, which flooded and overwhelmed the core network. The Rogers CEO apologized for the massive service outage and indicated the company has hired a third party to further investigate the root cause. Officials from Rogers and a slew of other stakeholders appeared at a parliamentary committee on Monday in Ottawa to further explain the cause of the outage and to outline the steps they are taking to ensure it doesn’t happen again.

(CBC)

US doubles reward for tips on North Korean-backed hackers

The US State Department has increased rewards for anyone providing information on North Korean-sponsored threat group members to $10 million. The Department is seeking info on malicious groups such as APT38, Bluenoroff, Guardians of Peace, and Lazarus Group, who target US critical infrastructure in violation of the Computer Fraud and Abuse Act. The new bounty doubles the $5 million reward announced by the State Department back in March for info on North Korean threat actors targeting crypto exchanges and financial institutions.

(Bleeping Computer)

New malware apps installed 10 million times from Google Play

The Dr. Web antivirus team has discovered a new batch of malicious Android apps that have been downloaded from the Google Play Store to mobile devices nearly 10 million times. The dubious apps masquerade as tools such as image editors, virtual keyboards, system optimizers, and wallpaper changers. However, their underlying functionality is to push intrusive ads, subscribe users to premium services, and steal victims’ social media accounts. Google has removed most of the malicious apps; however, three applications are still available on the Play Store. One notable example is ‘Neon Theme Keyboard,’ which has over a million downloads despite the 1.8-star score and many negative reviews.

(Bleeping Computer)

Malware volumes increase for first time in three years

A new report from SonicWall indicates that malware attacks surged by 11% across the globe in the first half of 2022. The 2.8 billion malware attacks detected during the period represent the first recorded growth in global malware volumes in three years. SonicWall also detected a whopping 45% increase in never-before-seen malware variants. There was also a 132% increase in encrypted threats designed to evade detection and a 77% increase in threats targeting IoT systems. SonicWall CEO and president, Bill Conner, said “With so much turmoil in the geopolitical landscape, cybercrime is increasingly becoming more sophisticated and varying in the threats, tools, targets and locations.”

(Infosecurity Magazine)

Teenager jailed for Snapchat blackmail cybercrimes

On Monday, a teenager was sentenced to two years in prison for hacking the Snapchat accounts of a series of women and blackmailing their friends. Eighteen-year-old Jasin Bushi used the stolen accounts to message the victims’ friends, asking to borrow rent money in order to avoid eviction. If the victims’ friends refused to send money, Bushi would threaten to post nude images of the victims on the internet. Authorities were able to trace PayPal accounts, set up by Bushi under fake names, back to Bushi’s mobile numbers. Detectives noted that these types of crimes often go unreported due to the victims feeling a sense of shame or embarrassment.

(IT Security Guru)

Poor training and communications hindering cybersecurity efforts

A new report from Tessian indicates that three in four companies in the UK and US experienced a security incident in the last year. The report highlights that employees don’t understand their role in protecting the company, with nearly half (45%) of workers indicating they didn’t know who to report a security incident to, and 30% believing they had no role in helping with cybersecurity. While 85% of employees participate in security awareness programs, almost two-thirds (64%) don’t pay full attention during the training and over a third (36%) consider the security training boring. Additionally, mismanaged anti-phishing exercises are an issue for half of employees, who said they have had negative experiences with phishing simulations. 

(Infosecurity Magazine)

Spanish flight delayed due to Apple AirDrop hack

Last Thursday, a Vueling Airlines flight that was about to depart for Rome was delayed for over two hours after a hacker sent haunting images and death threats to several passengers via Apple AirDrop. Several of the 147 passengers onboard were terrified upon receiving images of a ghost-like figure along with messages hinting that the recipient would suffer for their misdeeds. After 29 hours of investigation, Vueling discovered the messages were sent by an 18-year-old from Spain who was scheduled to board the flight but couldn’t because of personal reasons. He is now in police custody and could face a jail term or a hefty fine for causing harm to society.

(Cybersecurity Insiders)

Sean Kelly is a cyber risk professional and leader who thrives on learning, collaborating and helping the business securely advance its mission. Sean is also a musician and outdoor enthusiast who loves spending time with his family and two cats.