Tag Archive for: code

Documents, Code, Business Systems Accessed in Reddit Hack

/in


Reddit on Thursday informed users that its systems were hacked as a result of what the company described as a sophisticated and highly targeted phishing attack aimed at employees.

According to Reddit, the intrusion was detected on February 5. The hackers gained access to some internal documents, source code, internal dashboards and business systems. 

Up until this point in the investigation, Reddit has determined that the exposed information includes limited contact information for hundreds of contacts and current and former employees, as well as some advertiser information. 

“Based on several days of initial investigation by security, engineering, and data science (and friends!), we have no evidence to suggest that any of your non-public data has been accessed, or that Reddit’s information has been published or distributed online,” Reddit said. 

There is no indication that user passwords or accounts have been compromised. The company also said there is no evidence of a breach of production systems, where the platform runs and where a majority of its data is stored.

The data breach was discovered after an employee informed Reddit’s security team that they had fallen for a phishing attack. The attackers targeted Reddit employees with “plausible-sounding prompts” that led them to a phishing website mimicking its intranet gateway. 

A Reddit representative noted in an AMA (Ask Me Anything) thread that the employee whose credentials were phished did have two-factor authentication (2FA) enabled on their account, as the company requires it for all employees. 

However, it seems that the phishing page targeted not only employee credentials, but also their second-factor tokens. 

Several major tech companies were targeted in sophisticated phishing attacks in the past months. One of them is Zendesk, which revealed recently that some employees handed over their credentials to threat actors in the fall of 2022. 

At around the same time, companies such as Twilio, Cloudflare and at least 130 others were targeted in a phishing campaign dubbed Oktapus, which appeared to be the work of financially-motivated threat actors.

Related: Reddit Names Allison Miller as CISO, VP of…

Source…

Hackers Behind Riot Games Breach Stole League of Legends Source Code

/in


Riot Games says it lost the source code to the multiplayer title League of Legends after hackers breached its internal systems last week. 

The hackers also stole the source code to another game, TeamFight Tactics (TFT), and the computer code for a “legacy anticheat platform,” Riot Games revealed on Twitter today.

In addition, the hackers sent a “ransom email” to the game studio on the same day, demanding it pay up to keep the source code private. But Riot Games is refusing to submit.

As a result, it’s possible the hackers could publicly leak or try to sell the stolen source code to the highest bidder. However, both League of Legends and TFT are already free-to-play titles. Copyright protections also prevent other game studios from stealing assets for a game. 

According to Riot Games, the real threat is the stolen source code giving cheaters a behind-the-scenes look at exploiting the game mechanics. “Truthfully, any exposure of source code can increase the likelihood of new cheats emerging,” the company said. “Since the attack, we’ve been working to assess its impact on anticheat and to be prepared to deploy fixes as quickly as possible if needed.”

The stolen source code also contains experimental features for the games, but not all of these features may end up in the final product. 

So far, Riot Games has only said the hackers managed to infiltrate the company’s systems through a “social engineering attack.” This likely means the attackers duped a company employee into giving up their corporate password or installing malware onto their computer. 

The incident has temporarily forced the company to delay updates for its games. But in some good news, Riot Games maintains that no user data appears to have been compromised in the hack. The company also expects to repair its ability to release game updates later this week. 

“We’re committed to transparency and will release a full report in the future detailing the attackers’ techniques, the areas where Riot’s security controls failed, and the steps we’re taking to ensure this doesn’t happen again,” the studio added.

Source…

Exploit code to hack Lexmark printers and photocopiers published, uses zero day vulnerabilities

/in


The American corporation Lexmark International, Inc. is a privately owned business that specializes in the production of laser printers and other image goods.

The researcher found that the product is susceptible to two vulnerabilities, either of which can be exploited by an adversary to copy file data from a source path to a destination path or to induce the server-side application to make requests to an unintended location. Both of these vulnerabilities are possible due to the fact that the product is vulnerable to both of these vulnerabilities. According to the specialists, the printer has two vulnerabilities that enable an authorized hacker to upload arbitrary files and run code with elevated privileges. Both of these vulnerabilities may be exploited by a malicious user.

He published the code on Github that had a proof-of-concept (PoC) exploit for each of the four vulnerabilities. These vulnerabilities make it possible for an adversary to seize control of a vulnerable device.

According to the findings of the researcher, an attack may be carried out that compromises the device by exploiting all four of its vulnerabilities simultaneously.

The proof-of-concept attack has been successfully tested against a Lexmark MC3224adwe printer using the most recent version of the firmware, CXLBL.081.225; nevertheless, it is claimed to operate successfully against other printers and photocopiers as well.

The security flaw that was discovered in Lexmark’s printer devices has not been fixed.

Source…