Hacking, Security & Privacy - Page 5

On July 4 of all days, Independence Day for Americans, the largest password leak in history occurred, dubbed "RockYou2024" by the original poster "ObamaCare" on a leading hacking forum.

There are an incredible 9,948,575,739 passwords compiled all in plain text, close to 10 billion passwords, posted by user "ObamaCare". The user registered on the hacking forum in late May 2024, previously sharing the employee database from law firm Simmons & Simmons, a lead from an online casino AskGamblers, and student applications from Rowan College at Burlington County.

The team cross-referenced the passwords in the huge "RockYou2024" leak with the data from Cybernews' Leaked Password Checker, which the site "revealed that these passwords come from a mix of old and new data breaches". Researchers said: "In its essence, the RockYou2024 leak is a compilation of real-world passwords used by individuals all over the world. Revealing that many passwords for threat actors substantially heightens the risk of credential stuffing attacks".

Ransomware is a popular form of malware in which files on a device, server, or computer system are encrypted, and the actors (often a hacker group or syndicate) demand a ransom to decrypt the data - and it's on the rise. According to ExpressVPN, ransomware payments exceeded 1 billion USD in 2023, the highest amount ever. In the age of generative AI, increasingly sophisticated encryption methods will see this figure grow even higher.

And then there's the rise of Ransomware-as-a-Service (RaaS), which is almost like a marketplace for ransomware tools and services - powered by the anonymity of cryptocurrency, the payment of choice for ransomware groups and hackers. The democratization of cyberattacks has opened the door to virtually anyone launching a cyberattack on unsuspecting individuals, businesses, or government bodies.

In recent years, large-scale ransomware attacks have targeted the healthcare industry, network security companies, Windows users, oil pipelines, and even Costa Rica. Here's a breakdown of the most notable.

A man has been charged with stealing the credentials of people's social media and email services while on a commercial airline.

The Australian Federal Police (AFP) charged a man who was carrying a "portable wireless access device, a laptop, and a mobile phone" in his luggage. The AFP claims the man was attempting to scrape sign-in information from passengers aboard a flight by running a fake Wi-Fi network on a plane. The alleged man was reportedly creating fake Wi-Fi hotspots with SSIDs that were very similar to the network names found on flights, or an "evil twin".

When a user joined the network, they were prompted to input their credentials, which included email addresses and passwords that were then saved to the man's device. At the moment, authorities charged the man with unauthorized access to devices, along with "possession or control of data with the intent to commit a serious offense," which alludes to the man having the intention of using the data nefariously.

Microsoft confirmed it was breached on January 12, 2024, by hackers that gained access to Microsoft's corporate email accounts, leading to the theft of federal government email accounts.

While the hack was considered extremely bad at the time, and it still is, it appears the breach may be worse than initially anticipated as more Microsoft customers are receiving emails their email account has become compromised, meaning it wasn't just federal email account data stolen, but also customer data.

Microsoft blamed the attack on a Russian government-sponsored hacking organization called Midnight Blizzard, and according to the software giant, they are providing notifications to customers who were exposed to the hack through email correspondence with compromised Microsoft corporate email accounts.

An American healthcare provider that serves more than 1.2 million people is concerned a former employee from the Microsoft-owned Nuance Communications stole sensitive data on more than a million patients.

Geisinger, an American healthcare provider for more than a 1.2 million people across Pennsylvania announced a security breach took place last year that was traced back to a former employee of Nuance Communications, the Microsoft-owned IT provider. Geisinger discovered the security breach on November 29 and immediately contacted Nuance Communications, which discovered the individual removed his access before the authorities were notified.

Nuance Communications then launched its own investigation and discovered the former was terminated from their position and then two days later accessed the sensitive records, making copies of records on more than a million Geisinger patients. The data includes birth dates, addresses, hospital admissions, discharge records, medical data, and demographic information. Notably, financial and insurance information wasn't stolen, according to Geisinger.

Uhh... so the United States Federal Reserve has been hacked, with a new post on a Dark Web leak site associated with ransomware group LockBit, holding 33TB of incredibly confidential financial data from the Fed.

On June 23, 2024 at 8:27 UTC, LockBit announced it had hacked into the systems of the Federal Reserve, with 33TB of sensitive banking information taken. The data includes confidential details of American banking activities, which if veritified, would make this one of the largest breaches of financial data in history.

The post reads: "Federal banking is the term of a way the Federal Reserve of the United States distributes its money. The Reserve operates twelve banking districts around the country which oversee money distribution within their respective districts. The twelve cities which are home to the Reserve Banks are Boston, New York City, Philadelphia, Richmond, Atlanta, Dallas, Saint Louis, Cleveland, Chicago, Minneapolis, Kansas City, and San Francisco".

A hacker has claimed to have breached Apple security and extracted the source for three internal Apple tools, only a day after the same hacker claimed to have breached AMD.

BreachedForums user "IntelBroker" announced yesterday they infiltrated AMD and stole customer databases, upcoming product specifications and plans, internal financials, source code, firmware and ROMs, and information on employees - names, user IDs, phone numbers, and other sensitive information. Notably, this isn't the first time IntelBroker has claimed responsibility for a high-profile hack.

Europol, Home Depot, and the Pentagon all admitted to experiencing a breach this year, all of which IntelBroker claimed responsibility for and placed the hacked information onto the dark web for sale. However, it's one thing to claim responsibility for a hack and another to have actually hacked who you are claiming and extracted valuable data.

Hacking groups have been using a piece of weaponized code for nearly 10 years to access both Windows and Linux operating systems, and now security researchers have discovered it is not a variant of other malware but its own individual entity.

A new report published by Trend Micro has outlined a go-to form of malware used by Chinese-state-sponsored hacking groups such as Iron Tiger and Calypso. The piece of malware is believed to have been used since at least 2016, and was originally thought to be a variant of other famous malware such as Gh0st RAT and Rekoobe. Trend Micro reports the new malware isn't a variant of the aforementioned malware, but a "new type altogether".

The publication suspects its currently being used by many Chinese hacking groups performing espionage or cybercrime, and it has been dubbed "Noddle RAT". The new form of malware has been confirmed on both Windows and Linux machines, with some instances dating back as far as July 2016.

A hacking group has claimed to have stolen an astonishing 500 million Ticketmaster customers' data, which includes a treasure trove of sensitive user data.

It was only last month Ticketmaster was slapped by the Department of Justice (DOJ), which filed an anti-trust lawsuit against Ticketmaster's parent company Live Nation Entertainment over its alleged monopoly on the entertainment industry. Now, Ticketmaster is reportedly suffering as a hacking group claimed to have stolen more than 500 million Ticketmaster customers' data in a recent attack, which the group is now turning around and attempting to sell for $500,000.

According to the hacker group the treasure trove of stolen data is approximately 1.3 terabytes and contains various sensitive user information such as full names of Ticketmaster customers, their addresses, phone numbers, email addresses, order history and ticket purchase details. It doesn't stop there. The group also claims to have scraped customers' payment data which includes names and the last four digits of their credit card numbers that were used at checkout of the ticketing service.

United States authorities announced they have arrested the administrator behind what is likely the world's largest botnet, which included more than 19 million compromised Windows machines across multiple countries.

The description of the world's largest botnet comes from FBI director Christopher Wray, who said the botnet was used to gather millions of dollars from people over the last 10 years. More specifically, the FBI director said to the Justice Department that a international cyber operation was conducted to identify the alleged administrator of the botnet known as "911 S5", who was found to be the individual Yunhe Wang. Wang was arrested and US authorities "seized infrastructure and assets, and levied sanctions against Wang and his co-conspirators," said Wray.

The infection of this botnet was truly global, with US officials writing the 911 S5 Botnet had infected PCs in nearly 200 countries and "facilitated a whole host of computer-enabled crimes, including financial frauds, identity theft, and child exploitation." Moreover, the US Treasury wrote in its announcement Wang didn't act alone in the venture, and named two more alleged perpetrators, Jingping Liu and Yanni Zheng. In total, the US authorities believe the botnet netted Wang and others involved $99 million.