Hackers attack major Telegram channels, North Face suffers credential stuffing attack, and more

Originally published at: https://cloudsek.com/threatintel/hackers-attack-major-telegram-channels-north-face-suffers-credential-stuffing-attack-and-more/

Round Up of Major Breaches and Scams

Hacker stole $2 million worth of Dai cryptocurrency from Akropolis

Cryptocurrency borrowing and lending service Akropolis disclosed a flash loan attack in which hackers stole roughly $2 million worth of Dai cryptocurrency. The attack took place on November 12. In response, the platform halted all transactions to prevent hackers from stealing further funds.

Scammers Expose Facebook Data Haul of 13 Million Records

Security researchers have uncovered a major Facebook scam exploiting hundreds of thousands of users, after the scammers left an Elasticsearch server unsecured. Among the 5.5GB haul discovered by vpnMentor on September 21 were 150,000-200,000 Facebook usernames and passwords, and personal info including emails, names and phone numbers for hundreds of thousands who had fallen victim to a Bitcoin scam.

Hackers attacked major Telegram channels via video on Yandex

On November 10, hackers conducted a major attack on popular Telegram channels. Reddit’s administrators completely lost access to the channel, to which 236 thousand people were subscribed. The attackers used an old scheme: they simply sent a Trojan-infected file to the administrators. Hackers stole the Telegram channel of the Reddit forum, and its administrators could not log in to the control panel. The Telegram channel Baza was also attacked, but the attackers failed to gain access to the channel.

Hacker shares 3.2 million Pluto TV accounts for free on forum

A hacker is sharing what they state are 3.2 million Pluto TV user records that were stolen during a data breach. Pluto TV is an Internet television service that lets you stream free TV shows with advertisements. The service has over 28 million members, and its mobile apps have been installed over 10 million times.

The North Face website suffered a credential stuffing attack

Outdoor retail giant The North Face has forced a password reset for a number of its customers following a successful credential stuffing attack that took place on October 8th and 9th. Credential stuffing attacks use botnets to try stolen login credentials, usually obtained through phishing attacks and data breaches.

Scams Ramp Up Ahead of Black Friday Cybercriminal Craze

With more online shoppers this year due to COVID-19, cybercriminals are pulling the trigger on new scams ahead of Black Friday and Cyber Monday. The number of online holiday shoppers this year is expected to skyrocket due to the pandemic and consequently, consumers can expect an onslaught of scams, phishing attacks and other malicious activities.

Round Up of Major Malware and Ransomware Incidents

New TroubleGrabber malware targets Discord users

Netskope security researchers have spotted a new credential stealer dubbed TroubleGrabber that spreads via Discord attachments and uses Discord webhooks to transfer stolen data to its operators. The malware has the same functionality as other malware that targets Discord gamers, like AnarchyGrabber, but it appears to be the work of different threat actors. TroubleGrabber was developed by an individual named Itroublve and is currently used by multiple threat actors.

Round Up of Major Vulnerabilities and Patches

Apple Issues Security Updates

Apple has issued multiple security updates for three of its operating systems: macOS Big Sur 11.0 and 11.0.1, macOS High Sierra 10.13.6, and macOS Mojave 10.14.6, according to a notice from the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA). The updates follow Apple’s release of security updates for most of its non-Macintosh platforms earlier in November.

Hackers can use just-fixed Intel bugs to install malicious firmware on PCs

Earlier this week, Intel fixed a series of bugs that made it possible for attackers to install malicious firmware on millions of computers that use its CPUs. The vulnerabilities allowed hackers with physical access to override a protection Intel built into modern CPUs that prevents unauthorized firmware from running during the boot process.
