Hackers Steal Over $ 90M From Liquid Crypto Exchange in Japan
Earlier this week, T-Mobile confirmed data breach affecting at least 48 million people, a number that could still rise as the company’s investigation continues. The data set contains sensitive information such as social security numbers, driver’s license details, and reportedly even the unique IMEI numbers that come with each smartphone. Not only that, but the most of the victims of the violation to date have not been T-Mobile customers; Instead they are past or future customers who have sometimes asked for a carrier loan. A class action lawsuit has already been filed even if the arbitration proposal on T-Mobile’s customer agreements could be an obstacle on the path to payment.
We also looked at a frightening vulnerability in ThroughTek Kalay, a software developer kit for a platform that runs tens of millions of video-of-things video devices. That means child monitors, security cameras, and so on. Researchers have shown how attackers can use the errors to view video feeds in real time or cover them up with denial-of-service attacks. ThroughTek sent out an update in 2018 that provided ways to minimize the attack, but it’s unclear with instructions on how or why customers will implement it.
Google also made specific changes to Workspace, the suite of cloud-based productivity software formerly known as G Suite, after a worm in Google Docs 2017 showed how vulnerable the platform is to scammer. But a security researcher showed that to be the case it is still very possible for a dedicated hacker to abuse the system.
Twelve are civil rights groups are at gunpoint of Apple’s controversial system part that people use IPhones to help locate child sexual abuse material. China has long been a propaganda powerhouse and of late it turned its attention to the BBC, attacking various reporting lines contrary to the interest of the country. And we made a quick tutorial for that how to send lost messages of the most popular chat apps.
And there is more! Each week we focus on all the WIRED security news not covered in depth. Click on the news headlines to read the full stories, and stay safe there.
This is a great month for cryptocurrency theft! It was last week Poly Network, which saw a hacker go missing with more than $ 610 million of various digital coins before returning most of them. Now it’s Liquid’s turn. The Japanese cryptocurrency exchange said last week that “hot” wallets — those connected to the internet, as opposed to “cold” wallets, which are not — had been compromised by a hack that resulted in nearly $ 97 million worth bitcoin, Ethereum, and other coins. stolen. The liquid said it transferred some of the properties to the cold wallets as a response, but the damage was already done.
Elliot Carter runs a site called WashingtonTunnels.com, which actually gives its name. The “DC Underground Atlas” offers a detailed look at the underground passages in the U.S. capital. As you can imagine, that often gets a steady stream of enthusiasts rather than seeing a lot of traffic spikes. That is, until a few days before rioters stormed the U.S. Capitol building. At the time, Carter told NBC colleagues in the DC area, he saw an influx of visitors from across the country, most of them from “anonymous message boards, sites and forums named after militia or weapons, or use Donald Trump’s name. ” Makaduda! Carter reported the activity to the FBI, and a few days later it happened.
The bad news is that hackers compromised the U.S. Census Bureau in January 2020, in a way that was preventable and perhaps a bit embarrassing. The good news, or at least not so much bad news, is that hackers don’t get anywhere near the real census results. But they got access to the servers thanks to a vulnerability revealed by software company Citrix a few weeks ago, the day after a proven concept for an exploit of that flaw. published on GitHub. Consistent with the timeline provided by the Inspector General’s Office, the Census Bureau’s firewall prevented attackers from communicating with their command and control servers after a day, but took weeks for the agency to complete the intrusion. .
Apple needs a famous line hard against leaks, deploy a team of investigators to minimize the spillover of corporate secrets and minimize fallout. They also found recruiting even one community member to sell banned documents and hardware to Apple, according to a new report from Motherboard. The informant said he reached out to Apple, rather than the other way around, but eventually got into their relationship. It’s a worthy book for the perspective of both Apple’s anti-leak squad and the people they’re trying to find.
More WIRED Stories