Tag Archive for: Call

Call of Duty cheaters targeted with crypto-draining software


Gamers downloading cheats for the first-person shooter Call of Duty are reportedly being targeted by crypto-draining malware that has so far compromised the details of more than 4.9 million accounts.

Call of Duty cheat provider Phantom Overlay was made aware of the malware campaign this week after users started to make unauthorized purchases. Phantom Overlay provides a marketplace for Call of Duty gamers to buy cheats, such as aimbot and player detection behind walls.

As reported by malware sleuth VX Underground, an unknown entity is using malware to steal the credentials of cheaters before publishing them online. The culprit has also infected users with crypto-draining malware capable of stealing bitcoin from Electrum wallets.

Most users responding to VX’s news are reveling in the misfortune of cheaters.

Malware campaign spawns unlikely alliance

VX claims that “in a bizarre twist of fate,” video game company Activision Blizzard is working alongside cheat providers to help users infected with the malware because “The scope of the impact is so large.”

Indeed, VX reports that an estimated 3,662,627 Battlenet, 561,183 Activision, 117,366 Elitepvpers, 572,831 UnknownCheats, and 1,365 Phantom Overlay accounts have been compromised, making up 4,915,372 accounts altogether.

Phantom Overlay reportedly approached gaming forum Elitepvpers, which confirmed that over 40,000 of its accounts were compromised.

VX Underground claims that the amount of crypto stolen and the malware delivery methods are currently unknown. VX also clarified that not all of the compromised accounts belong to cheaters, adding that some impacted users were utilizing software for latency improvement, controller boosting, and VPNs.

Protos has contacted Phantom Overlay, Elitepvpers, and Activision Blizzard for comment and will update if we hear back. 

A Wake-Up Call for Securing Remote Employees’ Hardware


Update: Multiple U.S. and international government agencies released an advisory Feb. 7 detailing the Volt Typhoon attacks. The threat actors targeted and compromised the IT environments of U.S. communications, energy, transportation and water infrastructure in the continental U.S. as well as non-continental areas and territories, such as Guam.

Original article: State-sponsored hackers affiliated with China have targeted small office/home office routers in the U.S. in a wide-ranging botnet attack, Federal Bureau of Investigation Director Christopher Wray announced on Wednesday, Jan. 31. Most of the affected routers were manufactured by Cisco and NetGear and had reached end-of-life status.

Department of Justice investigators said on Jan. 31, 2024, that the malware has been deleted from affected routers. The investigators also cut the routers off from other devices used in the botnet.

IT teams need to know how to reduce cybersecurity risks that could stem from remote workers using outdated technology.

What is the Volt Typhoon botnet attack?

The cybersecurity threat in this case is a botnet created by Volt Typhoon, a group of attackers sponsored by the Chinese government.

Starting in May 2023, the FBI looked into a cyberattack campaign against critical infrastructure organizations. On Jan. 31, 2024, the FBI revealed that an investigation into the same group of threat actors in December 2023 showed attackers sponsored by the government of China had created a botnet using hundreds of privately-owned routers across the U.S.

The attack was an attempt to create inroads into “communications, energy, transportation, and water sectors” in order to disrupt critical U.S. functions in the event of conflict between the countries, said Wray in the press release.

The attackers used a “living off the land” technique to blend in with the normal operation of the affected devices.

The FBI is contacting anyone whose equipment was affected by this specific attack. It hasn’t been confirmed whether…

CSA launches Cybersecurity Industry Call for Innovation 2023 with Challenge Statements by Three End-Users


More than 50 Proposals Received for CyberCall 2022, Four Proposals Selected

The Cyber Security Agency of Singapore (CSA), together with National University of Singapore (NUS) Enterprise, launched the Cybersecurity Industry Call for Innovation 2023 (CyberCall 2023) today. The launch was announced by Mrs Josephine Teo, Minister for Communications and Information and Minister-in-charge of Smart Nation and Cybersecurity at the Cybersecurity Innovation Day 2023 held today, 29 September 2023, at the Sands Expo and Convention Centre.

2 The CyberCall initiative, first launched in 2018, seeks to catalyse the development of innovative cybersecurity solutions. Through this, CSA aims to strengthen organisations’ cyber resilience and at the same time provide opportunities for cybersecurity companies to contribute to the development of innovative solutions that show potential to be applied in many organisations’ systems. Each selected solution that fulfils the eligibility criteria may receive funding of up to S$1,000,000 under CSA’s Cybersecurity Co-Innovation and Development Fund (CCDF).

CyberCall 2023

3 This year’s CyberCall is looking for proposals in the following areas:

a. Cybersecurity for Artificial Intelligence (AI)

To safeguard AI systems and the data they process from various cyber attacks in order to maintain the integrity, confidentiality, trustworthiness and reliability of AI applications in an increasingly connected and digital world.

b. Using AI for cybersecurity

To harness the power of AI to strengthen organisations’ cyber defences to protect their systems, data and networks, improve threat detection, and respond more effectively to cyber attacks.

c. Operational Technology (OT) / Internet of Things (IoT) security

To safeguard critical infrastructure, Industrial Control Systems (ICS) and internet-connected devices from cyber threats and vulnerabilities. 

d. Cloud security

To safeguard infrastructure, data and applications hosted in cloud environments, while maintaining the confidentiality, integrity and availability of resources in the cloud.

e. Privacy-Enhancing Technologies (PET)

To safeguard the privacy of individuals…

MGM cyber attack: How a phone call may have led to the ongoing hack


Did prominent casino chain MGM Resorts gamble with its customers’ data? That’s a question a lot of those customers are probably asking themselves after a cyberattack took down many of MGM’s systems for several days. And it may have all started with a phone call, if reports citing the hackers themselves are to be believed.

MGM, which owns more than two dozen hotel and casino locations around the world as well as an online sports betting arm, reported on September 11 that a “cybersecurity issue” was affecting some of its systems, which it shut down to “protect our systems and data.” For the next several days, reports said everything from hotel room digital keys to slot machines weren’t working. Even websites for its many properties went offline for a while. Guests found themselves waiting in hours-long lines to check in and get physical room keys or getting handwritten receipts for casino winnings as the company went into manual mode to stay as operational as possible. MGM Resorts didn’t respond to a request for comment, and has only posted vague references to a “cybersecurity issue” on Twitter/X, reassuring guests it was working to resolve the issue and that its resorts were staying open.

It took about 10 days, but MGM announced on September 20 that its hotels and casinos were “operating normally” again, although there may be some “intermittent issues” and MGM Rewards may not be available.

“We thank you for your patience,” the company said in its statement. It did not provide any additional information on the reason why its systems went down in the first place.

The attacks show how even organizations that you might expect to be especially locked down and protected from cybersecurity attacks — say, massive casino chains that pull in tens of millions of dollars every day — are still vulnerable if the hacker uses the right attack vector. And that’s almost always a human being and human nature. In this case, it appears that publicly available information and a persuasive phone manner were enough to give the hackers all they needed to get into MGM’s systems and create what is likely to be some very expensive havoc that will hurt both the…
