Plus: A new Prometei botnet variant has infected over 10,000 devices worldwide in the last six months
Hackers have stolen $200M from crypto lending company Euler Finance. The breach is the 26th largest crypto theft in the industry's history.

More:
- The theft is believed to have happened over four transactions in currencies such as:
- dai (DAI),
- wrapped Bitcoin (WBTC),
- staked ether (sETH),
- and USDC.
- In order to steal the funds, the attacker conducted a flash loan attack.
- Flash loans allow DeFi users to borrow millions of dollars against zero collateral.
- The loan must be repaid before the transaction ends, or the smart contract reverses the transaction as if the loan never existed.
- Euler Finance has stated that it is currently investigating the breach and did not offer technical details.
The Housing Authority of the City of Los Angeles (HACLA) has been breached by the LockBit ransomware group. The agency has an annual budget of $1B.

More:
- HACLA is a state agency responsible for providing affordable housing and job training for low-income communities in Los Angeles.
- According to a statement by the agency, the breach was discovered on Dec. 31, 2022, and occurred on or after Jan. 15, 2022.
- Hackers have stolen information such as:
- Full name,
- Social Security number,
- Date of birth,
- Passport number,
- Driver's license,
- State ID number,
- Tax ID number,
- Military ID number,
- Government-issued ID number,
- Credit/debit card number,
- Financial account number,
- Health insurance information,
- Medical information, etc.
- The threat actors uploaded samples of the files they claim to have stolen from HACLA's network on Dec. 31 and followed up with their threat to publish all files on Jan. 27, 2023.
- This indicates that the negotiations for the ransom payment have failed, and the government agency declined to meet the cybercriminals' demands.
Hackers are creating deepfake videos to spread malware variants such as Raccoon, RedLine, Vidar, etc. Since November 2022, there has been a 200%-300% increase in the number of these videos being uploaded.

More:
- The videos are presented as tutorials on how to download cracked versions of digital creation tools such as Photoshop, AutoCAD, Premiere Pro, Autodesk 3ds Max, etc.
- Threat actors use data leaks and social hacking to take control of popular YouTube accounts and deploy malware.
- Five to 10 of these videos are uploaded every hour, with the hackers using SEO to make the malicious videos rank higher and reach more victims.
- Threat actors have also been observed to add fake comments to the uploaded videos to further mislead and entice users into downloading the cracked software.
A new Prometei botnet variant has infected over 10,000 devices worldwide in the last six months. The malware mostly targets victims in Brazil, Indonesia, and Turkey.

More:
- The infection begins when a PowerShell command is executed to download the botnet remotely.
- The botnet uses spreader support modules to propagate the malware through Remote Desktop Protocol (RDP), Secure Shell (SSH), and Server Message Block (SMB).
- The variant deploys an Apache web server that can carry out infected files.
- The Prometei botnet has not targeted Russian entities, leading researchers to believe that the malware is administered by Russian threat actors.
- The malware was first tracked in 2016.
Hackers are blackmailing Ukrainian game development studio GSC Game World. The studio is known for creating games such as Stalker 2.

More:
- The company released a statement claiming that the breach happened due to an employee being targeted by a phishing campaign.
- A Russian social media user stated that they had gained access to game files such as:
- story,
- details,
- cutscenes,
- maps, etc.
- The user said they will leak the details if their demands are not met by March 15.
- The company is urging players not to watch or share leaked information about the game.
Quick Hits:
- A hacking campaign is redirecting users who are visiting breached websites in East Asia to websites that have adult content.
- Czech cybersecurity startup ELLIO Technology has raised a $1.1M pre-seed round led by Czech VC Presto Ventures.
- China-based hackers are believed to be behind a hacking campaign that is targeting SonicWall, a suite of software products that helps users protect their network privacy.
Arbër is an Inside writer who also has experience in entrepreneurship. He has experience covering Consumer Tech, Venture Capital, NFTs, Crypto, etc. Arbër holds a Bachelor's degree in Business from XAMK University in Finland. When he is not reading (and writing) business news, he chooses to watch sports or anime... and then read news about sports or anime.

Editor: Aaron Crutchfield is based in the high desert of California. Over the last two decades, he has spent time writing and editing at various local newspapers and defense contractors in California. When he's not working, he can often be found looking at the latest memes with his kids or working on his 1962 and 1972 Fords.
767 Bryant St. #203, San Francisco, CA 94107 Copyright © 2023 Inside.com