Tag Archive for: renewed

Crypto hacking behind N. Korea’s renewed nuclear ambition


Crypto hacking behind N. Korea’s renewed nuclear ambition (The Korea Herald)


Borders were closed and trade was cut off while international sanctions continued throughout the COVID-19 pandemic, further isolating North Korea, one of the world’s most impoverished nations. But its regime has discovered new ways of raking in funds to continuously pursue its missile ambitions and evade sanctions and regulations at the same time — via hacking cryptocurrencies.

The online theft of cryptocurrency has allowed Pyongyang free access to the new but less regulated financial system operated on blockchain technology, believed to be unhackable, through manipulation techniques that exploit human error to trick people into giving up confidential information or downloading malware-ridden files.

Through such highly engineered methods, North Korean hackers have been channeling billions of dollars into the secluded regime’s pockets, according to experts from the US and South Korea.

It has become an efficient means to cover the astronomical costs of missile launches and nuclear tests for North Korea, with a gross national income that stands at 36.3 trillion won ($27.7 billion) — about 1.7 percent that of South Korea.

The pandemic has pushed the North Korean regime to further rely on cybertheft, allowing Kim Jong-un to expand his nuclear program without having to engage with the outside world.

“North Korea has engaged in a string of illicit moneymaking schemes over the decades, from manufacturing methamphetamine to counterfeiting $100 bills, and crypto theft is the latest,” said Jean Lee, a fellow at the Wilson Center in Washington and co-host of the “Lazarus Heist” podcast from the BBC World Service.

“Cryptocurrency is incredibly appealing for North Korean hackers because it promises the potential for huge gains — and remains largely unregulated.”

North Korea’s cryptocurrency theft — which began in 2017 — has begun to take center stage this year as it has fired a record-breaking number of missiles at unprecedented speed and geared up for another nuclear test despite its still-sluggish economic conditions.

This year alone, North Korea has so far fired around 90 missiles, including…


Government Shutdown Means Government Website Security Certs Aren’t Being Renewed

With all the news about the ongoing government shutdown and the big messes it has caused, it’s creating lots of little messes with potentially big impact as well. For example, scammers and robocallers have upped their game during the shutdown, knowing that (1) there’s no one investigating these scams right now, and (2) as I discovered when I tried to report one, the FTC has literally shut down the web portal where you used to be able to submit complaints.

Another one, however, pointed out last week by Netcraft, is the fact that government website security certificates are expiring… and there’s no one around to renew them:

Dozens of U.S. government websites have been rendered either insecure or inaccessible during the ongoing U.S. federal shutdown. These sites include sensitive government payment portals and remote access services, affecting the likes of NASA, the U.S. Department of Justice, and the Court of Appeals.

With around 400,000 federal employees currently furloughed, more than 80 TLS certificates used by .gov websites have so far expired without being renewed. To compound the situation, some of these abandoned websites can no longer be accessed due to strict security measures that were implemented long before the shutdown started.

As Netcraft notes, on some of those sites you can’t even get around the security warning, such as certain DOJ sites:

In a twist of fate, the usdoj.gov domain — and all of its subdomains — are included in Chromium’s HSTS preload list. This is a prudent security measure which forces modern browsers to only use secure, encrypted protocols when accessing the U.S. DoJ websites; however, it will also prevent users from visiting the HTTPS sites when an expired certificate is encountered. In these cases, modern browsers like Google Chrome and Mozilla Firefox deliberately hide the advanced option that would let the user bypass the warning and continue through to the site.

There are some government websites that you can click through on, but as Netcraft notes, this could allow for man-in-the-middle attacks or other security risks:

This introduces some realistic security concerns, as task-oriented users are more likely to ignore these security warnings, and will therefore render themselves vulnerable to man-in-the-middle attacks.

If the shutdown continues for a while, this problem could get significantly worse. I know that Wall Street put pressure on the government to have certain IRS employees suddenly deemed “essential” to help Wall Street keep functioning smoothly; perhaps someone might want to deem the people renewing security certs similarly essential? Or, you know what, maybe just re-open the damn government.


Techdirt.

Pwn2Own contest highlights renewed hacker focus on kernel issues

Hackers demonstrated 21 new vulnerabilities in attacks against browsers and operating systems during this year’s Pwn2Own hacking contest. The complexity of the exploits, though, shows that hackers have to jump through many hoops to gain full system control.

On Wednesday and Thursday, five contestants — four teams and one independent researcher — demonstrated three successful remote code execution attacks against Safari on OS X, two against Microsoft Edge on Windows, four against Adobe Flash on Windows and one partially successful attack against Google Chrome on Windows. Firefox was not a target in this year’s contest.


Network World Security