Saturday, February 12, 2022 // (IG): BB //Weekly Sponsor: BLKTRIANGLE
New Malware Targeting Over 40 Crypto Wallets Discovered In Recent Hacking Attack
FROM THE MEDIA: A new malware dubbed“Mars Stealer” was recently used in several hacking incidents leading to the theft of millions of dollars in cryptocurrency from digital wallets . The Mars Stealer is an upgrade to the Oski trojan which was widely used in malware attacks in 2019. The new malware targets over 40 browser-based digital wallet extensions like Coinbase Wallet, Metamask, and Binance Chain Wallet. Additionally, the malware has capabilities of targeting two-factor authentication (2FA) extensions with a grabber feature that takes the user's private keys.
READ THE STORY: MENAFN
A QUICK LOOK:
The Quixotic Quest to Tackle Global Cybercrime
FROM THE MEDIA: In mid-January, the United Nations was formally set to begin a process to develop a global treaty on cybercrime. Given the numerous headlines in 2021 about ransomware attacks on infrastructure, from health care systems in Ireland to fuel lines in the United States, one might assume this process is being driven by the United States and its Western allies. It isn’t. It was pushed by Russia and approved by vote in the U.N. General Assembly in 2019, with Western countries voting against the process. The meeting in January was delayed due to the omicron coronavirus variant, but political maneuvering around the delay reveals that the process continues to advance without a shared sense of cooperation. In late January, Russia submitted a resolution in the General Assembly to hold the meeting the following week in New York. This was met with resistance by a number of states; the Dominican Republic, with mostly European and Central American co-sponsors alongside Australia, Japan, New Zealand, and the United States, then submitted an amendment proposing an entirely different plan. Russia’s preference lost out during the voting process. This was the second time in a year that Russia has tried to vote its preferences through for this agenda and lost. While Russia clearly sees itself as the leader of this initiative, it is being met with increasing resistance when it tries to impose its preferences.
READ THE STORY: FP
A QUICK LOOK:
Why is Cryptojacking a Major Concern in 2022 and Beyond?
FROM THE MEDIA: The cryptocurrency market has continued to achieve popularity over the years. What we have seen over a period of time is how hackers have come up with various fraud schemes to take advantage of digital currencies. One term that has been doing rounds as far as hacking in the cryptocurrency market is concerned is “Cryptojacking”. Cryptojacking is a form of illegal cryptocurrency mining, where servers, computers, mobile phones, and other common devices such as printers are hacked. No wonder Cryptojacking is a major concern. In this article, we will talk about why is Cryptojacking a major concern in 2022 and beyond. A point about Cryptojacking that is worth a mention is that it doesn’t ask for permission. Certain versions keep running long after you leave the initial site. Now, why is this a concern? The reason is quite evident – the users aren’t aware whether a site they visited has been using their computer to mine cryptocurrency. Even though the user might believe that the visible browser windows are closed, there is always a hidden one that stays open.
READ THE STORY: Analytics Insight
A QUICK LOOK:
Lawmakers want the SEC to expand cyber regulations
FROM THE MEDIA: As the Securities and Exchange Commission rolls out a series of expanded cybersecurity proposals, a group of bipartisan senators are calling for updates to mandatory reporting requirements for public companies. A bipartisan group of senators are urging the Securities and Exchange Commission to expand cybersecurity incident reporting requirements for public companies amid a renewed effort to pass national data breach legislation. The lawmakers are calling on SEC Chairman Gary Gensler to propose regulations similar to those featured in the Cybersecurity Disclosure Act they sponsored last year, which requires firms to disclose to investors whether a cybersecurity expert is on their board of directors. The Feb. 8 letter was signed by Sens. Jack Reed (D-R.I.) Angus King (I-Maine), Susan Collins (R-Maine), Mark Warner (D-Va.), Kevin Cramer (R-N.D.), Catherine Cortez Masto (D-Nev.) and Ron Wyden (D-Ore).
READ THE STORY: FCW // National Review
A QUICK LOOK:
Cops feel memes can help reduce cybercrimes
FROM THE MEDIA: Vadodara: ‘Chaahe kitni bhi aakarshak scheme hoy a anjan ladki ki friend request ho. Mein fasunga nahi’ (Be it some attractive scheme or friend request from an unknown girl, I won’t get trapped),’ says Pushpa, the rustic character played by Allu Arjun in the blockbuster movie. Pushpa may be portrayed as a criminal in the film but Vadodara police are riding high on the character’s popularity with an ambitious aim to prevent crimes in the city. The cops have created and posted a meme on Pushpa that spreads awareness about cybercrimes on its Instagram handle. “One of the aims of such campaigns is to reach out to maximum people and spread awareness to prevent crimes. Using popular characters in such memes ensures that our message reaches a wider audience,” claims Shamsher Singh, city police commissioner. If Pushpa is urging people to stay away from cyber stalkers, another popular character Bob Biswas is asking for bank account number and OTP over the phone. The meme is targeted towards people who often give their bank account details to anyone who claims to be from the bank. “The victims end up losing money and hence there has to be a constant effort to alert people about such possible frauds,” the police added. A meme on comedy film Hera Pheri wherein the villain ‘Kabira’ is asking for Aadhar card and PAN card details of a user is also getting popular on Instagram.
READ THE STORY: Times of India
A QUICK LOOK:
Cyber thieves steal $3.5 million in Quincy pension fund hack
FROM THE MEDIA: Cyber thieves hacked the city of Quincy’s employee pension fund and made off with $3.5 million in an email phishing scam, according to local reports. The hack reportedly happened a year ago but is just now coming to light. According to The Patriot Ledger, John Parsons, executive director of the Public Employee Retirement Administration Commission, said the transaction was “the result of human error and a breakdown of security controls.” An investment manager for the Quincy Retirement Board reportedly got an email from a former employee’s board account, which had been hacked, asking for a $3.5 million wire transfer. The manager then followed the fraudulent email’s instructions, according to the Ledger’s report. The stolen money was meant for 3,000 city employees’ pensions — funds were slated to go to current workers as well as retirees and the surviving family members of deceased employees. Though the hack happened in February 2021, the board didn’t discover the transfer until months later, then reported it in October 2021. The commission is now investigating the board.
READ THE STORY: Boston
A QUICK LOOK:
Brexit deal blow: Truss warned hackers now know 'everything' about UK trade negotiations
FROM THE MEDIA: The attack on the Foreign, Commonwealth and Development Office (FCDO) has been described as a “serious security incident”. A public tender document published by the Government online revealed it was looking for a cyber security firm for “urgent support” and “support remediation and investigation”. Dan O’Dowd, a cyber security expert and CEO of Green Hills Software, told Express.co.uk that it was “certainly possible” that it was a Russian attack, and warned the hackers could have taken “everything”. When asked what the hackers could have taken from the attack, Mr O’Dowd responded: “Everything. "The NSA can do it, the Russians can do it, the Chinese can do it, probably the Iranians and maybe even North Korea too. “They all do it, they are all listening in on everything.” Mr O’Dowd said this could compromise sensitive trade negotiations, like the post-Brexit deal that the UK has been working on since leaving the EU. He told Express.co.uk: “You have trade negotiations. There’s a guy in the room listening with someone saying ‘well should we give them this concession or that concession’. They know exactly what your position is.”They know your weaknesses, they know everything. They are listening to everything you do.
READ THE STORY: Express
A QUICK LOOK:
SWIFT off Russia sanctions list, state banks likely target -U.S., EU officials
FROM THE MEDIA: U.S. and European officials are finalizing an extensive package of sanctions if Russia invades Ukraine that targets major Russian banks, but does not include banning Russia from the SWIFT financial system, according to U.S. and European officials. The sanctions on the table also include export controls on components produced by Russia for the tech and weapons sectors, and sanctions against specific Russian oligarchs, according to three sources familiar with the discussions. One U.S. official said the Russian banks targeted with sanctions could include state-backed VTB and Sberbank, the largest financial institutions in Russia. Both institutions are already subject to sectoral sanctions imposed by the Treasury Department after Russia annexed Ukraine's Crimea region that limit their ability to raise capital in the United States, but the full blocking sanctions in sight now would have far more significant consequences, said one sanctions expert.
READ THE STORY: Saltwire
A QUICK LOOK:
Taiwan: China’s Gray Zone Doctrine in Action
FROM THE MEDIA: The world's top manufacturer of lithography equipment, Dutch company Advanced Semiconductor Materials International (ASML), has warned that it believes a Chinese company may be selling chipmaking equipment that infringes its intellectual property rights. News of the possible Chinese imitation emerged in ASML's 2021 annual report [PDF] in a section on intellectual property protection: Early in 2021, we became aware of reports that a company associated with XTAL Inc, against which ASML had obtained a damage award for trade secret misappropriation in 2019 in the USA, was actively marketing products in China that could potentially infringe on ASML's IP rights. The annual report, dated this week, names the possibly infringing company as DongFang JingYuan Electron. The Chinese company is certainly in the chipmaking business and promotes itself as a source of offering electron beam inspection products that improve the yield of chipmaking processes, as well as critical dimension-scanning electron microscopes that improve quality during the same processes. ASML's annual report doesn't specify what IP it thinks DongFang JingYuan Electron might be abusing, but states Chinese authorities have been informed. China is widely suspected of using espionage – some of it state-sponsored – to secure information about technologies it feels are necessary for the nation's security and prosperity. FBI director Christopher Wray last week said the agency he leads is currently investigating over 2,000 attacks on US targets alone.
READ THE STORY: The Register
A QUICK LOOK:
The Largest Group of CryptoPunks to Ever Come to Auction Will Be Offered at Sotheby’s. It Could Bring in $30 Million
FROM THE MEDIA: Sotheby’s announced it will hold a single-lot sale featuring 104 CryptoPunks with a “landmark” estimate of $20 million to $30 million—the highest asking price to date for an NFT (non-fungible token) or piece of digital art at auction. The auction will be conducted live from Sotheby’s New York saleroom on February 23. This past June, Sotheby’s sold CryptoPunk #7523 for a record $11.8 million. In May 2021, Christie’s sold nine CryptoPunks at an evening sale for just under $17 million ($16.96 million). Although the category only debuted last year, total NFT sales at Sotheby’s have already hit $100 million. The CryptoPunks were released in 2017 by Larva Labs, and are among the world’s most sought-after and expensive NFTs. The group in question was acquired together in a single blockchain transaction from an anonymous collector known as 0x650d. This stand-alone acquisition connects each of the 104 Punks with the same provenance—a wallet that currently holds more than 1 percent of all CryptoPunks, one of the largest Punk collections, according to a statement from Sotheby’s.
READ THE STORY: Marketscreener
A QUICK LOOK:
About this Product
These open source products are reviewed from analysts at InfoDom Securities and provide possible context about current media trends in regard to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not specifically endorse any third-party claims made in their original material or related links on their sites, and the opinions expressed by third parties are theirs alone. Contact InfoDom Securities at dominanceinformation@gmail.com