Tag Archive for: Calling

Ransomware gang’s new extortion trick? Calling the front desk


When a hacker called the company that his gang claimed to have breached, he felt the same way that most of us feel when calling the front desk: frustrated.

The phone call between the hacker, who claims to represent the ransomware gang DragonForce, and the victim company employee was posted by the ransomware gang on its dark web site in an apparent attempt to put pressure on the company to pay a ransom demand. In reality, the call recording just shows a somewhat hilarious and failed attempt to extort and intimidate a company’s rank-and-file employees.

The recording also shows how ransomware gangs are always looking for different ways to intimidate the companies they hack.

“It’s increasingly common for threat actors to make contact via telephone, and this should be factored into organizations’ response plans. Do we engage or not? Who should engage? You don’t want to be making these decisions while the threat actor is listening to your hold music,” said Brett Callow, a threat analyst at Emsisoft.

In the call, the hacker asks to speak with the “management team.” Instead, two different employees put him on hold until Beth, from HR, answers the call.

“Hi, Beth, how are you doing?” the hacker said.

After a minute in which the two have trouble hearing each other, Beth tells the hacker that she is not familiar with the data breach that the hacker claimed. When the hacker attempts to explain what’s going on, Beth interrupts him and asks: “Now, why would you attack us?”

“Is there a reason why you chose us?” Beth insists.

“No need to interrupt me, OK? I’m just trying to help you,” the hacker responds, growing increasingly frustrated.

The hacker then proceeds to explain to Beth that the company she works for only has eight hours to negotiate before the ransomware gang will release the company’s stolen data.

“It will be published for public access, and it will be used for fraudulent activities and for terrorism by criminals,” the hacker says.

“Oh, OK,” says Beth, apparently nonplussed, and not understanding where the data is going to be.

“So it will be on X?” Beth asks. “So is that Dragonforce.com?”

The hacker then threatens Beth, saying they will start calling the…


After recent spate of cyber attacks, Schumer is calling on feds to crack down on hackers


STATEN ISLAND, N.Y. — In response to a string of data breaches among such retailers as American Airlines, DoorDash, Uber and U-Haul over the last month, U.S. Senator Charles Schumer is calling on the federal government to crack down on cyber hackers.

Schumer is calling on the Federal Trade Commission (FTC) to ensure companies are doing everything they can to protect consumer data. In addition, he wants the Department of Justice (DOJ) to fully investigate and go after hackers aiming to harm Americans and New Yorkers.

Schumer on Sunday cited a March 2022 law that gave the feds more oversight on hacks, and said more public information for impacted consumers should be made available. The new law, the Cyber Incident Reporting Act, according to Bloomberg, mandated that companies report hacks to the U.S. Department of Homeland Security within 72 hours of discovery of the incident, and 24 hours if they make a ransomware payment.

“In roughly the last 30 days, vital and personal information has been hacked at many major U.S. companies, compromising people’s privacy. Yet, if you ask most people about these hacks they don’t even know they occurred and the feds are saying very little,” said Schumer. “In fact, for a lot of consumers, unless you have a service—which often comes at a cost—you are not aware of these breaches and hacks. And in some cases, even if you do have a service that alerts you, information about where your personal information went, the origin of the hack and so much more is elusive.”

Schumer said many consumers are “clueless” about these recent hacks and others that have preceded them. He wants the feds to publicly disclose more details about recent breaches, and give impacted consumers more help and information.

“The feds have a law on the books to glean more information on major hacks, so the message today is: give consumers the details and investigate who is hacking,” said Schumer. “If a company is not doing right by their customers’ very personal information, then hold them to account as well. That is the two-pronged message today.”

RECENT DATA BREACHES

According to Schumer’s office, here are the most recent data breaches:

Sept. 20: American…


Calling a Hack an Exploit Minimizes Human Error


Yesterday, beginning at 18:24 UTC, someone or something exploited a security vulnerability on Wormhole, a tool that allows users to swap assets between Ethereum and a number of blockchains, resulting in the loss of 120,000 wrapped ether (or wETH, worth about $321 million) on the platform.

This is the second largest decentralized finance (DeFi) attack to date, according to rekt’s leaderboard, in an industry where security exploits are fairly common and part of users’ risk curve. There’s a whole business made out of code reviews, a lexicon of industry-specific jargon to explain what’s going on and something of a playbook to follow if and when “hacks” inevitably occur.

This article is excerpted from The Node, CoinDesk’s daily roundup of the most pivotal stories in blockchain and crypto news.

Wormhole, apart from catching and patching this bug earlier, has seemingly tried to do the right thing: They shut down the platform to prevent further losses, notified the public of what they know and announced Jump Trading is on the line to replenish the stolen coins.


Furthermore, in a move that’s becoming increasingly common, the Wormhole Deployer has posted an open message to the exploiter on Ethereum offering them a “white hat agreement” and $10 million for an explanation of the attack in exchange for the stolen funds.

Excuse the simile, but this is like waiting for a magician to pull a rabbit from a top hat. The world is waiting to see whether they’re dealing with a “white” or “black” hat hacker, terms meant to explain a hacker’s motivations. The reality is likely to be a little more gray.

Hacks vs. exploits

“Black hat hackers are criminals who break into computer networks with malicious intent,” according to Kaspersky security experts. They may use malware, steal passwords or exploit code as it’s written for “self-serving” or maybe “ideological” reasons. White hats, aka “ethical hackers” or “good hackers,” are the “antithesis.” “They exploit computer systems or networks to identify their security flaws so they…


White House to discuss software development with tech executives, calling it ‘key national security concern’


The January discussion between tech executives and White House officials is needed because open-source software is widely used but is maintained by volunteers, making it “a key national security concern,” Sullivan said in a letter to tech firms, excerpts of which the White House shared with reporters.

Invitees include software development firms and cloud service providers, according to the White House. A National Security Council spokesperson declined to say which companies had been invited.

The letter follows the discovery this month of a vulnerability in software known as Log4j that organizations around the world use to log data in their applications.

Ransomware gangs and hackers linked with the governments of China, Iran, North Korea and Turkey have moved to exploit the flaw as tech firms and government agencies have raced to apply software patches.

The US Cybersecurity and Infrastructure Security Agency, which has said that hundreds of millions of devices could be exposed to the vulnerability, issued an “emergency directive” on December 17 ordering federal civilian agencies to update their systems.

An agency spokesperson told CNN on Thursday that there is no indication that any agency has been hacked using the vulnerability in Log4j.

While no US agencies have confirmed a breach via the vulnerability, the Belgian Defense Ministry told local media outlets this week that it had shut down parts of its computer network in response to a hack using the flaw.

Cybersecurity executives have called the vulnerability one of the most critical software bugs in years and warned that it could take weeks or months to fully assess the impact.

While the world’s richest companies rely on it, the Log4j software is maintained by a group of volunteers at the nonprofit Apache Software Foundation, who have worked long hours to address the flaw.

The vulnerability in Log4j “will define computing as we know it, separating those that put in the effort to protect themselves and those comfortable being negligent,” said Amit Yoran, the CEO of the Maryland-based security firm Tenable.

It’s precisely that dearth of investment in critical software that the White House wants to address.

President Joe Biden in May…
