What Happened in May? A Review of Cyber Events
Learn more about Utopia P2P benefits here.
But today we offer a look at 5 news stories for May. We have included events related to both data leakage and hacker attacks and deceptions.
What happened during the winter 2022? Read more here.
The review of cyber events
#1 Hacker stole $1.5 million worth of NFTs using phishing link
29 Moonbirds worth about 750 ETH ($1.5 million) were stolen from their owner DigitalOrnithologist.
Even though Moonbirds was released just a month ago, the collection quickly equaled the Bored Ape Yacht Club as a target for hackers. The NFT, created by Proof Collective venture capitalist Kevin Rose, rapidly gained popularity and almost immediately after the launch was at the center of a phishing scam.
Twitter user 0xLosingMoney linked the new attack to a Twitter account called @DVincent_, which then disappeared along with the corresponding OpenSea page. He also noted that before the attack, other NFT holders reported that @DVincent_ had approached them with a request for private sales.
For example, the owner of Bored Ape @just1n_eth wrote that “we have agreed on the price. This person insisted that we use a platform called “p2peers.io.” I’ve been in this sector for over a year and haven’t heard of it. I immediately realized that the case was not clean.”
But the p2peers website, registered to a company from Finland, seems to have stopped working. According to Tal Beeri, security research manager, co-founder, and technical director of ZenGo, the point of sending people to such sites is to fraudulently force victims to sign and approve a transaction that transfers ownership to an attacker.
Do you want to become a NFT artist? Here is a guide.
#2 Tens of thousands of WordPress sites have been attacked by cybercriminals
Sites running WordPress and using the Epsilon Framework platform have faced massive attacks by intruders. According to the data, hackers from 18 thousand IP addresses have already carried out about 7.5 million attacks on more than 1.5 million sites to search for potentially vulnerable resources.
The vulnerability was found in 15 so-called themes (templates for page design) of the Epsilon Framework platform. Potentially, the vulnerability makes it possible to seize control of the site.
To reduce the likelihood of an attack, it is recommended to update the themes used on the sites to the latest version.
#3 General Motors a faced cyberattack
The servers of General Motors were subjected to a hacker attack, as a result of which confidential information about customers was disclosed.
Among the data stolen by the attackers are the names, home addresses, and phone numbers of car owners, as well as the mileage of their cars, and the history of route searches and maintenance.
The number of affected customers at GM has not been disclosed, but according to data, there are more than 500 of them in California alone.
The data theft did not happen immediately: the attackers logged into the accounts in the spring, General Motors reported after investigating the incident. They used the method of automatic substitution of usernames and passwords (credential stuffing) — that is, sorting through login data that could be bought on the dark net.
What is the dark net? Learn all the peculiarities here.
The criminals’ goal was probably the bonus points for customers. All of them were debited from the accounts and exchanged for gift cards that can be used to pay for services and goods. All bonuses have already been returned to customer accounts.
However, with personal information, everything is not so simple. The hackers had a rather long list of data at their disposal: names, surnames, addresses (home and email), phone numbers, saved places, avatars, and even photos, as well as the history of using the car.
GM tried to reassure customers by stating that the “drain” does not contain a date of birth, insurance number, bank card, or driver’s license data — such information is not stored in the account.
How can you protect data from hackers? Find out here.
#4 A fraudster stole the data of hundreds of Verizon employees
The database of employees of one of the largest American telecommunications companies, Verizon Communications, was stolen by an unknown attacker.
It is reported that the attacker stole the data of the company’s employees and demanded $250 thousand from Verizon in order not to publish the information. The hacker said in a chat with Vice Motherboard that he had gained access to the data using social engineering methods.
A Verizon representative said that the fraudster contacted the company and demanded $250,000, threatening to disclose information. “We do not believe that the fraudster has any confidential information, and we do not plan to interact with this person in the future,” a company representative said.
The attacker claimed that he used a method of social engineering and not any software vulnerabilities. The hacker persuaded a Verizon employee to provide remote access to the computer by introducing himself to technical support staff, and then ran a script to copy data from the victim’s computer.
#5 Scammers earned $5 million on the fake distribution of cryptocurrencies on behalf of Elon Musk
Cybercriminals took advantage of Elon Musk’s broadcast on Saturday Night Live to launch a fake Dogecoin distribution on his behalf — scammers broadcast fragments of a popular TV show online, leading viewers to believe in the authenticity of the offer, and then lured them to special sites where they were deprived of crypto savings. This scheme, which is not very difficult to implement, brought fraudsters several million dollars.
The appearance of Elon Musk on the Saturday Night Live (SNL) show as a host provoked scammers to launch a criminal scheme that brought them $5 million. While the businessman was spending time on the air, a “Dogecoin distribution” was initiated on his behalf — this is a cryptocurrency, the name of which was given by a popular internet meme.
The first fraud was noticed by a company from San Francisco, TRM Labs, which gave a detailed description of this scheme. As it turned out, during the broadcast of Saturday Night Live, users who searched in the YouTube search for “Elon Musk on SNL” could see several live broadcasts that were allegedly conducted by NBC. These were streams launched by cybercriminals.
Scammers took advantage of the fact that Musk promotes Dogecoin in every possible way — he mentions it in interviews and jokes about it on his social networks. There was also a mention of cryptocurrencies during the SNL broadcast.
These fake live broadcasts included links were attached to specially created sites that offered all viewers cryptocurrency “completely free of charge.”
What does Elon Musk want to develop next? Read more here.