Tag Archive for: hacker

How the Ledger Connect hacker tricked users into making malicious approvals

/in


The ‘Ledger hacker’ who siphoned away at least $484,000 from multiple Web3 apps on Dec. 14 did so by tricking Web3 users into making malicious token approvals, according to the team behind blockchain security platform Cyvers.

According to public statements made by multiple parties involved, the hack occurred on the morning of Dec. 14. The attacker used a phishing exploit to compromise the computer of a former Ledger employee, gaining access to the employee’s node package manager javascript (NPMJS) account.

Once they gained access, they uploaded a malicious update to Ledger Connect’s GitHub repo. Ledger Connect is a commonly used package for Web3 applications.

Some Web3 apps upgraded to the new version, causing their apps to distribute the malicious code to users’ browsers. Web3 apps Zapper, SushiSwap, Phantom, Balancer, and Revoke.cash were infected with the code.

As a result, the attacker was able to siphon away at least $484,000 from users of these apps. Other apps may be affected as well, and experts have warned that the vulnerability may affect the entire Ethereum Virtual Machine (EVM) ecosystem.

How it could have happened

Speaking to Cointelegraph, Cyvers CEO Deddy Lavid, chief technology officer Meir Dolev, and blockchain analyst Hakal Unal shed further light on how the attack may have occurred.

According to them, the attacker likely used malicious code to display confusing transaction data in the user’s wallet, leading the user to approve transactions they didn’t intend to.

When developers create Web3 apps, they use open-source “connect kits” to allow their apps to connect with users’ wallets, Dolev stated. These kits are stock pieces of code that can be installed in multiple apps, allowing them to handle the connection process without needing to spend time writing code. Ledger’s connect kit is one of the options available to handle this task.

Source…

Hacker Group Linked to Russian Military Claims Credit for Cyberattack on Kyivstar

/in


Over nearly a decade, the hacker group within Russia’s GRU military intelligence agency known as Sandworm has launched some of the most disruptive cyberattacks in history against Ukraine’s power grids, financial system, media, and government agencies. Signs now point to that same usual suspect being responsible for sabotaging a major mobile provider for the country, cutting off communications for millions and even temporarily sabotaging the air raid warning system in the capital of Kyiv.

On Tuesday, a cyberattack hit Kyivstar, one of Ukraine’s largest mobile and internet providers. The details of how that attack was carried out remain far from clear. But it “resulted in essential services of the company’s technology network being blocked,” according to a statement posted by Ukraine’s Computer Emergency Response Team, or CERT-UA.

Kyivstar’s CEO, Oleksandr Komarov, told Ukrainian national television on Tuesday, according to Reuters, that the hacking incident “significantly damaged [Kyivstar’s] infrastructure [and] limited access.”

“We could not counter it at the virtual level, so we shut down Kyivstar physically to limit the enemy’s access,” he continued. “War is also happening in cyberspace. Unfortunately, we have been hit as a result of this war.”

The Ukrainian government hasn’t yet publicly attributed the cyberattack to any known hacker group—nor have any cybersecurity companies or researchers. But on Tuesday, a Ukrainian official within its SSSCIP computer security agency, which oversees CERT-UA, pointed out in a message to reporters that a group known as Solntsepek had claimed credit for the attack in a Telegram post, and noted that the group has been linked to the notorious Sandworm unit of Russia’s GRU.

“We, the Solntsepek hackers, take full responsibility for the cyber attack on Kyivstar. We destroyed 10 computers, more than 4 thousand servers, all cloud storage and backup systems,” reads the message in Russian, addressed to Ukrainian president Volodymyr Zelenskyy and posted to the group’s Telegram account. The message also includes screenshots that appear to show access to Kyivstar’s network, though this could not be verified. “We attacked Kyivstar…

Source…

Children’s computer game Roblox insider tricked by hacker for access to users’ data

/in



Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in
The hacker had access to personal information, the ability to change passwords and two-factor authentication, and could steal valuable in-game items from some of the ‘richest’ players in the game
Find your bookmarks in your Independent Premium section, under my profile
A hacker who bribed a worker for the online video game Roblox managed to gain access to the personal information of a smaller number of users, the ability to change passwords and email addresses, and allocate in-game currency.
The hacker first paid an insider to look up data about users, and then targeted a customer support representative. They said they did it to “prove a point” to the company.
Speaking to Motherboard under the condition of anonymity, the hacker could also change security settings, enact bans, and steal items from other users.
Roblox is a free-to-play game that “lets you play, create, and be anything you can imagine,” according to its description on the Microsoft Store. It is available on a number of platforms, including Android and iOS smartphones, Xbox game consoles, and Windows computers.
Players can customise characters and then navigate ‘minigames’ such as running obstacle courses, scuba diving, acting as a superhero, and many other activities.
According to Techcrunch, its millions of users rage from between eight and 18, although its key demographic is between nine and 15 years old.
“A lot of kids come to Roblox to play with their friends,” Craig Donato, Roblox Chief Business Officer told Techcrunch. “It’s like a virtual playground where they tend to jump from game to game with their friends – almost like jumping like I used to jump from the swing set to the monkey bars.”
In screenshots reportedly seen by Motherboard, the hacker claimed to show a customer support panel containing user data from high-profile players such as YouTuber Linkmon99 – known for being the “richest” player due to the value of their in-game items.
The YouTuber confirmed to Motherboard that the email address shown was one “secretly”…

Source…

Y0ur P@ssw0rd S*cks: Hacker Answers Security Questions

/in


Y0ur P@ssw0rd S*cks is a bi-weekly column that answers the most pressing internet security questions web_crawlr readers have to make sure they can navigate the ‘net safely. If you want to get this column a day before we publish it, subscribe to web_crawlr, where you’ll get the daily scoop of internet culture delivered straight to your inbox.

You may know crimew as the hacktivist who discovered the TSA No Fly List on an unsecured server earlier this year, as exclusively reported by the Daily Dot. The discovery even spawned an internet meme, but that’s a story for another day.

We asked crimew three questions that are most commonly asked by those interested in the world of hacking.

First things first, what exactly is a hacker? It may seem like a silly question. While many people associate the term with criminal activity, hacker is a very broad term. Although the context of this conversation will center around computer hackers, a hacker doesn’t even have to be someone who focuses on electronic devices.

As crimew puts it: “A hacker is anyone who finds creative solutions to problems.”

So, what one piece of advice would a skilled hacker give to help everyday users stay safe online from nefarious actors? It’s much simpler than you’d think.

There’s a popular belief that criminal hackers are spending most of their time breaking into individual people’s social media accounts, leading to worry among many. But in reality, most hacks are done at scale. Criminal hackers steal passwords, credit card numbers, and health data from large databases, for example.

One of the best moves you can make, crimew says, is to keep all your software updated. Sometimes you’re worried that an update will introduce a new feature you aren’t excited about. We get it. But applying all your updates, especially those for your web browsers and operating systems, will help keep you from randomly getting hacked.

Also make sure to check out web_crawlr’s other security tips, which cover a wide array of topics related to everyday life in the digital age.

Now, an answer to the question you have almost certainly asked at some point: “Why haven’t…

Source…