Here's this week's recap – a brief summary of hacks and threats Cybernews observed between February 20 and February 24.
Cyberwar at a glance
It’s been a year since Russia started a full-scale invasion of Ukraine, triggering a cyberwar – assuming that’s even a thing. According to experts, a full-scale and separate cyberwar is not a realistic prospect but rather a tool in a wider conflict. Gintaras Radauskas has a comprehensive analysis of the past year on the cyberfront for you to dig into.
Thought to be a superpower in cyberwarfare, Russia hasn’t been able to hit Ukraine’s network as hard as anticipated. It’s usually pro-Russian and pro-Ukrainian hacktivists making all the fuss – and the headlines.
This week, hackers claiming allegiance to Ukraine purportedly silenced Vladimir Putin during his address to the Duma. Journalists in multiple locations reported being unable to access the live broadcast at different points of the speech.
Meanwhile, pro-Russian hacker collective Zarya started developing its version of the Mirai botnet, intended to recruit more devices from the web that could potentially become the group’s unwilling soldiers. Zarya, which formerly operated under the wing of partisan hacker collective Killnet, has befriended threat actors from Akur Group, a hosting provider for pro-Russian hacktivist groups.
Cybernews exclusive research
This week, we published two reports of our own. They serve as yet another stellar example that privacy, well, is just a myth.
Our in-house researchers discovered a popular voice-chat app, OyeTalk, leaking sensitive user data. And not just any data, but private conversations. The platform that allows users to interact in discussion rooms on various topics and host podcasts left a 500MB-strong dataset exposed to the public. It contained unencrypted user chats, usernames, and cellphone International Mobile Equipment Identity (IMEI) numbers.
During another routine investigation, our researchers stumbled upon a 1.5GB-strong open database with nearly 45 million documents. They were able to attribute it to Fayvo – a Saudi Arabia-based social media app. The app – designed to "keep track of all your favorite things" from food to fashion – contained full user names, usernames, email addresses, phone numbers, dates of birth, post details, and profile images.
When online, act as if you are in public, keeping in mind that everything you do, say, and take pictures of might be seen by others.
Exciting tech’s scary side
Many people get really excited about the opportunities that tech innovation brings. However, it has yet another dark side. Let’s forget about privacy and leaks just for now: sometimes the danger lurking in our favorite social media apps and devices can be physical.
Electrical and computer engineering professors at the University of Utah published a study claiming that smartwatches, fitness trackers, and other wearable devices could trigger a potentially fatal heart attack in people with cardiac implants. Researchers tested three specific cardiac implantable devices and four mainstream wearable tech gadgets, including the Samsung Galaxy Watch 4.
“Slight electrical currents from these wearable gadgets can interfere and sometimes confuse cardiac implantable devices into operating incorrectly,” the study concluded.
Another worrying trend was highlighted by Human Rights Watch (HRW). According to the organization, Middle East authorities systematically use communication, social media, and dating apps such as WhatsApp, Grindr, and Facebook to entrap LGBT people. Officials often pretend to be community members to lure victims into a trap and take them into custody, where they are subjected to human rights abuses.
Summary of hacks and breaches
- GoDaddy, a web hosting behemoth, said the company suffered from a multi-year breach after attackers installed malware on its servers.
- Activision has suffered a data breach as well, with threat actors accessing the game publisher’s corporate Slack environment and game-release calendar. Activision has confirmed the attack.
- And in a bizarrely surreal twist, the BlackCat ransomware gang (ALPHV) has listed the City of Lakewood, Washington, on its data leak site, urging the affected companies to sue the municipality.
- Meanwhile, an all-too-real threat has been discovered at the US Department of Defense, whose cloud server was found wide open on the internet, leaking vast amounts of sensitive US military emails.
- And BlackCat surfaces again, albeit up against some stiff opposition: a US-based healthcare system that runs more than a dozen hospitals has refused to pay extortion money to the Russia-linked hackers.
- Finally, the cryptocurrency exchange Coinbase said the attackers behind the breach it suffered recently are likely the same group that targeted Twilio and Cloudflare.