The Month in Hacks: March 2018

High profile hacker group leader arrested, Bitcoin-mining computers stolen, 150 million MyFitnessPal accounts compromised, and Atlanta government files held ransom. It's all this and more in The Month in Hacks.

Leader of Carbanak (Cobalt) Hacker Group Arrested in Spain

In late March, Europol announced that a man suspected of being the leader of Carbanak hacking group was arrested in Spain. Multiple law enforcement authorities were involved in the arrest, including Taiwanese, Romanian and Belorussian agencies. The Carbanak hacking group, also referred to as Cobalt, is responsible for nearly 1 billion dollars stolen from banks and ATMs worldwide.

Among other hacking techniques, the Carbanak Group primarily used malware to instruct ATMs to dispense cash at specific times, in addition to utilizing e-payment networks to transfer money from banks into personal hacker accounts.

Malware Infects Nearly 5 Million Brand-New Smartphones

Almost 5 million smartphones made by Honor, Huawei, Xiaomi, OPPO, Vivo, Samsung, and GIONEE have been found to contain malware, called RottenSys. The malware, which was added to the phones during the supply chain, is hidden in the pre-installed System Wi-Fi Service app.

Infected devices will aggressively display ads on the home screen and over apps to generate ad revenue from users. It is unknown who added the malware to the device and if they're linked to Tian Pai, the mobile phone distributor who shipped all affected devices.

150 Million Accounts Compromised in MyFitnessPal Data Breach

Under Armour revealed on March 29th that its fitness and diet tracking app, MyFitnessPal, was targeted by hackers at some point in February. The company estimated that over 150 million accounts were breached, with usernames, email addresses, and hashed passwords among the compromised information.

After learning of the breach, MyFitnessPal notified all affected accounts through the app and email and provided details on how users can secure their information moving forward, including the directive to reset their passwords for their MyFitnessPal account as well as any other accounts that use the same password. At this time, they do not offer two-factor authentication. The company claims that no sensitive data was accessed in the breach, assuring users that their credit card information and social security numbers are safe.

U.S. Department of Justice Charges 9 with Hacking and Stealing Research Data

The DOJ recently announced 9 Iranian citizens were charged with hacking hundreds of universities and academic institutions. Specifically, trade secrets and research data from many institutions around the world were the targets of these individuals. Losses total over 3 billion dollars.

The hackers used spearfishing techniques to target emails, usernames, and passwords. After gaining access, the individuals stole academic information and scientific research papers. Some investigators speculate this spearfishing campaign was pursued to acquire the academic information and know-how required to develop nuclear weaponry.

Atlanta Government Files Being Held Hostage by Hackers

The city data of Atlanta, Georgia has been hacked. The impact has been crippling, as residents and city employees have been inconvenienced in countless ways. CNN reports, “Details about the attack itself remain thin. So far, authorities have only confirmed that the city experienced a ransomware cyberattack and city officials received a written demand related to it.”

600 Cryptocurrency-Mining Computers Stolen in Iceland

11 people have been arrested in Iceland following what is being described as one of the biggest thefts in the nation. The thievery surrounds 600 bitcoin mining computers valued at nearly $2 million.

Further suggesting the rise of cryptocurrency, Olafur Helgi Kjartansson, a police commissioner in Iceland, tells the Associated Press, “This is a grand theft on a scale unseen before. Everything points to this being a highly organized crime.”

Top VPN Services Are Leaking IP Addresses

Paolo Stagno, a security researcher, recently discovered nearly 20% of today's top VPN solutions are leaking the customer's IP address. He has shared the published results in a Google Docs spreadsheet. The researcher says he located 17 VPN clients that were leaking user IP addresses while using the web via a browser. Following his research, Stagno shared a collection of valuable tips to consider to stay anonymous while searching the web.

10 Vulnerabilities Found in 4G LTE Protocol

Researchers at Purdue University and the University of Iowa have found ten severe vulnerabilities in the 4G LTE protocol that could allow hackers to spy on phone calls and text messages, send fake emergency alerts, and spoof a device's location. The hacks can be carried out using relatively cheap USRP devices.

There have been no signs of the attacks being used in the wild, but researchers warn that the hacks could have a wide impact on cell security. Fixing the vulnerabilities likely requires major infrastructural or protocol overhaul.

Talk To An Expert

Interested in learning about how TeleSign's identity and engagement solutions can prevent fraud while fostering secure and global growth for your business? Let's chat.