Tag Archive for: disrupts

Massive ‘Apex Legends’ Hack Disrupts NA Finals, Raises Serious Security Concerns


Something rather terrifying has disrupted the North American Finals of Apex Legends, and players are now starting to worry about their own accounts and the overall safety of the game.

Respawn and EA have postponed the North American Finals in the wake of the “competitive integrity” of the game being compromised. This involved a wild situation where someone was giving the pros hacks like aimbots and wallhacks as they were playing in the Finals event, effectively ruining the entire thing without anyone actually attempting to cheat.

This shocked players and one even got banned from the game for using an aimbot cheat before Respawn shut the entire thing down.

What’s unclear is the extent of the breach. There is some concern that it might not just be for messing with the pros at the finals, but a larger security issue with the entire game that could affect the wider playerbase. Some creators are claiming on social media that they’ve scanned their PCs and are finding viruses, though with so much panic going around, there’s no evidence that this has anything to do with the hack. But if the hack could breach a pro match, it would seem to be something that could breach normal players, even if it’s not actually doing so right now. Many believe this is the work of one hacker, Destroyer2009, who has previously been hacking pros, and that this was a remote code execution (RCE) exploit on their PCs, but none of that has been confirmed.

It’s hard to overstate just how unprecedented something like this is in a major esports event. A finals event getting put on ice because someone breached the game to give players hacks is simply something that does not happen.

This has led to a mass of complaints about Apex’s anti-cheat systems, which clearly failed in a massive way for this situation. But it also speaks to just how advanced cheats have become as this is a private lobby for pros playing in an esports final.

Not that this is necessarily related, but Respawn was just hit days ago with 23 layoffs including Apex Legends developers, some of whom were longtime veterans. Though if anything, this shows that EA needs to…


Change Healthcare hack by ‘nation-state’ disrupts pharmacies, patients


A cyberattack blamed on a “nation-state” is wreaking havoc with prescriptions on Long Island and nationwide, leading to some insurance authorizations not going through and some customers being told to wait for refills until the problem is resolved.

Pharmacies that rely exclusively on Change Healthcare to process insurance claims are reeling, said Heather Ferrarese, board chair of the Pharmacists Society of the State of New York.

“For some pharmacies, it’s been completely devastating to their business the past few days,” said Ferrarese, co-owner of Bartle’s Pharmacy in upstate Oxford.

Change, a subsidiary of the giant Minnesota-based UnitedHealth Group, first publicized the problem early Wednesday morning, and since Thursday has been periodically posting messages through fellow UnitedHealth subsidiary Optum that described a “cyber security issue” that “our experts are working to address.”

UnitedHealth said in a filing Thursday with the Securities and Exchange Commission that it “cannot estimate the duration or extent of the disruption at this time.”

Optum, with which Change merged in 2022, declined Friday to comment on a timeline.

It’s unclear how many prescriptions are impacted by the outage.

At New Island Pharmacy in Deer Park, about 10% to 20% of customers are affected by the breach, said owner and pharmacist Nidhin Mohan.

Mohan said his pharmacy has two servers that connect insurance companies with his computer system, and with the Change server down, he is using one run by competitor RelayHealth. The problems are with customers whose insurance companies or plans don’t work with Relay, he said.

When he cannot connect with the insurance companies of long-term customers, Mohan asks the customer to wait until the problem is resolved. But for those who can’t wait, he accepts the patient’s copay, which he determines from previous transactions. After Change’s systems are back online, he will seek reimbursement for the rest of the drug cost from insurance companies.

“I’m hoping that once everything is settled, I can run it through and get my money back,” he said.

“If you are using a private pharmacy, if you’re using a small mom-and-pop, this works, but if…


U.S. Government Disrupts Botnet People’s Republic Of China Used To Conceal Hacking Of Critical Infrastructure


FBI News:

A December 2023 court-authorized operation has disrupted a botnet of hundreds of U.S.-based small office/home office (SOHO) routers hijacked by People’s Republic of China (PRC) state-sponsored hackers.

The hackers, known to the private sector as “Volt Typhoon”, used privately-owned SOHO routers infected with the “KV Botnet” malware to conceal the PRC origin of further hacking activities directed against U.S. and other foreign victims.

These further hacking activities included a campaign targeting critical infrastructure organizations in the United States and elsewhere that was the subject of a May 2023 FBI, National Security Agency, Cybersecurity and Infrastructure Security Agency (CISA), and foreign partner advisory.

The same activity has been the subject of private sector partner advisories in May and December 2023, as well as an additional secure by design alert released recently by CISA.

The vast majority of routers that comprised the KV Botnet were Cisco and NetGear routers that were vulnerable because they had reached “end of life” status; that is, they were no longer supported through their manufacturer’s security patches or other software updates. The court-authorized operation deleted the KV Botnet malware from the routers and took additional steps to sever their connection to the botnet, such as blocking communications with other devices used to control the botnet.

“The Justice Department has disrupted a PRC-backed hacking group that attempted to target America’s critical infrastructure utilizing a botnet,” Attorney General Merrick B. Garland said. “The United States will continue to dismantle malicious cyber operations – including those sponsored by foreign governments – that undermine the security of the American people.”

“In wiping out the KV Botnet from hundreds of routers nationwide, the Department of Justice is using all its tools to disrupt national security threats – in real time,” Deputy Attorney General Lisa O. Monaco said. “Today’s announcement also highlights our critical partnership with the private sector – victim reporting is key to fighting cybercrime, from home offices to our most critical…


U.S. Disrupts Hacking Operation Led by Russian Intelligence


The F.B.I., working with other countries, disrupted a Russian hacking operation that infiltrated more than 1,000 home and small-business internet routers in the United States and around the world, the Justice Department announced on Thursday.

Russian intelligence, collaborating with cybercriminals, created a botnet, or a network of private computers infected with malicious software, to spy on military and security organizations and private corporations in countries like the United States.

Using a court order, the F.B.I. secretly copied and deleted stolen data and malware from hacked routers. Doing this stopped Russia’s ability to use the routers without affecting how they function, officials said.

The F.B.I. director, Christopher A. Wray, shared details of the operation at an annual security conference in Munich.

The disruption is part of a broader effort to stymie Russia’s cybercampaigns against the United States and its allies, including Ukraine. The details of the operation come a day after the Biden administration said it told Congress and its European allies that Russia is seeking to create a space-based nuclear weapon to target the U.S. network of satellites.

For weeks, the White House and proponents in Congress have been trying to persuade House Republicans to continue funding Ukraine’s military operations in its fight against Russia because doing so is critical to American national security.

Speaking in Munich, Mr. Wray said Russia continued to target critical infrastructure, such as underwater cables and industrial control systems, around the world.

“For instance, since its unprovoked invasion of Ukraine, we’ve seen Russia conducting reconnaissance on the U.S. energy sector,” Mr. Wray said. “And that’s a particularly worrisome trend because we know that once access is established, a hacker can switch from information gathering to attack quickly and without notice.”

Mr. Wray warned that China’s abilities in cyberwarfare have also continued to improve.

“The cyberthreat posed by the Chinese government is massive,” Mr. Wray said. “China’s hacking program is larger than that of every other major nation combined.”

Last month, the F.B.I. announced it
