Monday, May 2, 2016

Issue 62 - Week of April 25th


1. Qatar National Bank Probes Possible Data Breach: Qatar National Bank is probing reports of an online leak of confidential data of a large number of its customers, but has not confirmed it suffered a data breach. The details leaked include names, passwords, and banking information of several journalists, members of the ruling family, and government and defense officials. Some 1.5GB of information was found online and Reuters reports seeing recent transactions of overseas remittances. The bank is one of the largest in the Middle East.

2. German Nuclear Power Plant Infected With Malware: A German nuclear power plant near Munich reportedly was found infected with malware. It has confirmed that, since the plant is cut off from the Internet, the malware infection did not affect or harm operations. Conficker and W32.Ramnit malware were discovered in unit B of the Gundremmingen plant on the computer system that operates the tools that move nuclear fuel rods. Conficker is a worm that can spread quickly through networks, while W32.Ramnit steals files from computers and is spread through USB sticks.

3. Spotify Hacked! Change your Password ASAP: If you are one of the millions of people around the world who love to listen to music on Spotify, you may need to change your password immediately. Spotify apparently suffered a security breach that leaked hundreds of Spotify account details, including emails, usernames, passwords and account type, which were published last week to the popular anonymous file sharing website Pastebin. Spotify is investigating. A couple of months ago, hundreds of Spotify premium accounts were exposed online.

4. Nearly 93.4 Million Mexican Voter Data Leaked Online: A hacker discovered over 100 gigabytes of an extensive database completely open on the Internet for anyone to download while the hacker was browsing Shodan – a search engine for servers and Internet-connected devices. The database turned out to be a voter registration database for the country of Mexico that contained the personal information, including full names, residential addresses, and national identification numbers, of virtually all registered voters. The Philippines and Turkey too suffered similar hacks.

5. DDoS Extortionists made $100,000 without Launching a Single Attack: Cyber crooks find a new and ingenious way to make hundreds of thousands of dollars with no effort. An unknown cyber gang, pretending to be Armada Collective, has made more than $100,000 in less than two months simply by threatening to launch DDoS attacks on websites, but never actually launched a single attack. Armada Collective is the criminal gang that was responsible for one of the largest DDoS attacks against ProtonMail in November 2015 and extorted $6,000 to stop a sustained DDoS attack that had knocked its service offline.

6. Details emerge on the Bangladesh Heist: Investigators discovered that hackers who stole $81 million from the Bangladesh Central Bank actually hacked into software from the SWIFT financial platform, a key part of the global financial system. The hackers used custom-made malware to hide evidence and go undetected by erasing records of illicit transfers with the help of a compromised SWIFT system. Recently, Bangladesh police investigators uncovered evidence revealing that the Bank was using second-hand $10 network switches without a firewall to run its network, which offered hackers access to the bank’s entire infrastructure, including the SWIFT servers.

7. Former Tor Developer Created Malware for FBI to Unmask Tor Users: Tor is an anonymity software used by millions of people, including government officials, human rights activists, journalists and, of course, criminals around the world to keep their identity hidden while surfing the Internet. According to an investigation, a cyber-security expert and former employee of the Tor Project helped the FBI with Cornhusker, a.k.a. Torsploit, malware that allowed Feds to hack and unmask Tor users in several high-profile cases, including Operation Torpedo and Silk Road.

8. MIT University Launches Bug Bounty Program: The Massachusetts Institute of Technology (MIT) launches its experimental bug bounty program this week, which aims at encouraging university students and security enthusiasts to find and responsibly report vulnerabilities in its official websites. MIT becomes the first academic institution to reward hackers; the program is open only to university affiliates with valid certifications. Other recent bug bounty programs: Uber, General Motors, Pentagon.

9. Irremovable Android malware poses as Google Chrome update: Mobile malware that steals banking and personal information, poses as a Google Chrome update for Android, and can't be removed from the infected device has been spotted in the wild by cybersecurity researchers. The malware is capable of harvesting banking information, call logs, SMS data and browser history, which are all sent to a remote command-and-control server. The malware can't be removed as it refuses to allow the user to remove administrative access. The only way to remove the infection is to return the device to factory settings - an option which causes all data stored on the phone to be lost.

Bank of Baroda hacked: Hackers infiltrated the bank and started carrying out transactions through debit cards of BoB customers. One-time passwords were not generated or needed for such fraudulent transactions. 70 customers’ accounts were affected and a loss of over ₹1 million was reported.

