Cybersecurity news headlines for July 1-31, 2020

Cybersecurity news headlines for July 1-31, 2020

In July’s edition of cybersecurity news headlines, we primarily report on one of the biggest cybersecurity incidents of the year – the Twitter hack. We also discuss CouchSurfing suffering a data breach that exposed information of 17 million users, and countries considering following India’s example of banning viral video sharing app TikTok.

Here’s what made some of the biggest headlines in July.

Twitter accounts of Elon Musk, Apple, Barack Obama and many more hijacked to promote a Bitcoin giveaway scam

In one of the biggest cybersecurity incidents this year, Twitter accounts of prominent people and companies were hijacked for a short period of time. Among hijacked accounts were those that belong to Bill Gates, Elon Musk, Barack Obama, Kim Kardashian, Apple, CoinDesk, Binance, and Jeff Bezos. Overall, 45 Twitter accounts were hijacked. All hijacked accounts were used to promote a Bitcoin giveaway scam.

On July 15, verified Twitter accounts belonging to people and companies with millions of followers started tweeting about a Bitcoin giveaway. The posts, which were taken down shortly after, said that anyone who sends Bitcoin to the shown address will get back double the amount.

While this is a fairly typical scam that has been around for a long time, using legitimate accounts to promote it clearly paid off, as many users actually sent their Bitcoins, earning cyber criminals almost $120,000 in mere minutes.

Coinbase later revealed that it managed to block 1,100 of its users from sending $280,000 to the address. The cryptocurrency exchange service later said it noticed the scam minutes after Binance and Gemini’s Twitter  accounts posted the Bitcoin giveaway tweet, and were able to blacklist the address immediately. It appears that with how common cryptocurrency giveaway scams are, Coinbase has a lot of experience with noticing scams and blocking wallet addresses in time. Nevertheless, 14 Coinbase users were able to send $3,000 before the address was blocked.

It didn’t take long for Twitter to notice that some accounts have been hijacked, and after removing the posts, they blocked all verified accounts from posting, as well as stopped some users from resetting their passwords. The restrictions lasted for a couple of hours, but soon after the accounts were returned to normal.

After an investigation, Twitter disclosed that the hack wasn’t a case of a weak password. In what the social media giant has called “a coordinated social engineering attack”, attackers successfully targeted Twitter employees who have access to internal systems and tools, and were able to briefly hijack certain accounts.

Twitter continuously updates the general public about the ongoing investigation, and one of the most recent updates reveals that a spear phishing attack was used to target a small number of employees.

“A successful attack required the attackers to obtain access to both our internal network as well as specific employee credentials that granted them access to our internal support tools. Not all of the employees that were initially targeted had permissions to use account management tools, but the attackers used their credentials to access our internal systems and gain information about our processes. This knowledge then enabled them to target additional employees who did have access to our account support tools,” Twitter explained.

From there on, the attackers used credentials of employees with access to those tools to target accounts. The attack targeted 130 accounts, but attackers sent a tweet from 45 of them. 8 accounts, none of which are verified, also had their data downloaded, and 36 users had their DMs accessed. Reportedly, among the 36 was 1 elected official in the Netherlands.

The significance of this hack is not how much money cyber criminals earned, it’s the fact that Twitter accounts of highly influential people were taken over by someone with malicious intentions. While Twitter has said only 8 accounts had their data downloaded, the fact that cyber crooks had, even if only for a short period of time, access to highly influential accounts is quite worrying.

Though it is quite strange that cyber criminals went through all that trouble to perform such a sophisticated attack for a mere Bitcoin giveaway scam. And with law enforcement closely tracking the Bitcoin addresses connected to this scam, cyber criminals would have had a hard time cashing out.

On July 31, three individuals, Mason Sheppard (also known as “Chaewon”), 19, Nima Fazeli (aka “Rolex”), 22, and a 17 year old teenager were charged in connection to the Twitter hack. It is believed that multiple parties bought access to the Twitter accounts.

CouchSurfing suffers possible data breach, 17 million user data leaked

Free lodgings service CouchSurfing has reportedly suffered a data breach, potentially exposing information of 17 million users. News of the possible breach come to light after details of 17 million users appeared on hacking forums.

Technology news site ZDNet reported that the data was being sold for $700 at the time. According to the data broker who ZDNet was in contact with, the data was advertised as taken from CouchSurfing’s servers in July 2020.

ZDNet was able to confirm that the data was legitimate after reviewing samples. Included in the data was user IDs, real names, email addresses, and CouchSurfing account settings. Passwords were not included in the samples ZDNet received but that does not necessarily mean they were not taken. Hackers may have simply chosen to not include them in the sample. The data of 17 million CouchSurfing users was initially shared in private Telegram channels, but later became available on hacking forums as well.

The company said it has contacted an independent security firm, the FBI, Secret Service and IC3, and is looking into the incident. However, no additional information has been revealed since then.

The data is being sold for $700, which may seem like a too small amount for 17 million records. However, if passwords were not part of the breach, the data is far less valuable, as it could not be used to perform credential stuffing attacks. Instead, whoever buys the data would likely use it for spamming purposes.

Countries including the US are considering banning TikTok

Viral video sharing app TikTok, among other 58 Chinese apps, was banned in India last month. The ban came amidst rising tensions between China and India over deadly clashes at the border, and was deemed necessary as the app is believed to be a national security risk. Following India, other countries are also considering banning their citizens from accessing the app.

TikTok, which has been downloaded more than two billion times, has long since been associated with the Chinese government. The video sharing app has denied any ties to the government and has made effort to distance itself from China, including hiring an American CEO. TikTok says it would never share user data with China. In a letter to the Indian government, TikTok’s CEO Kevin Mayer said they have never received requests from China to hand over user data, and if they were to receive such a request, they would not comply. This has done very little to reassure government officials.

When asked whether he would recommend downloading TikTok, Secretary of State Mike Pompeo said he recommends it for those who want their private information in the hands of the Chinese Communist Party. He also mentioned that banning the viral video sharing app is also something the US government is considering. If the ban actually happens, which seems likely, TikTok stands to lose hundreds of millions of users.

Furthermore, Japan may also consider banning the app in the near future. A group of Japanese lawmakers is proposing banning TikTok over fears it’s sharing user data with the Chinese government. The group’s proposal should be submitted to the government for consideration as early as September.

References

Site Disclaimer

WiperSoft.com is not sponsored, affiliated, linked to or owned by malware developers or distributors that are referred to in this article. The article does NOT endorse or promote malicious programs. The intention behind it is to present useful information that will help users to detect and eliminate malware from their computer by using WiperSoft and/or the manual removal guide.

The article should only be used for educational purposes. If you follow the instructions provided in the article, you agree to be bound by this disclaimer. We do not guarantee that the article will aid you in completely removing the malware from your PC. Malicious programs are constantly developing, which is why it is not always easy or possible to clean the computer by using only the manual removal guide.

Leave a comment

Your email address will not be published.