Lazarus Attributed to Taiwan Bank Heist – As reported here on Oct 11, all evidence on the actors behind the failed $60M bank heist in Taiwan now points to the Lazarus Group. Some of those attempting to steal via fraudulent transactions on a compromised SWIFT account in Taiwan from foreign banks located in Sri Lanka, Cambodia and the US have been arrested after one attempted to withdraw nearly $250K of the stolen funds. BAE Systems reported on the hack and stated that it began with a spear-phishing campaign that delivered malicious Microsoft Office documents to bank employees; these installed malware enabling lateral movement using SMB. After the attackers incorrectly used certain banking codes whilst trying to transfer the money, the bank was alerted, but the hackers began distributing the Hermes ransomware on the bank’s network to slow the investigation and destroy any evidence of their intrusion. The modus operandi fits with previous attacks attributed to the hacking group associated with North Korea. The banks are getting better at spotting these attacks now, but I am sure it won’t be the last time we see SWIFT compromised.
Google’s New Advanced Protection – A good news story for once from the world of cyber security. Google have released a new advanced feature that adds even more security to your account if you are a high-risk individual with a lot to lose if you were to be hacked. For the time being, even if an attacker gets your password and attempts to access your account, with the new feature they will not be able to get in. To use the new feature, a user will require two physical security keys that work with FIDO Universal 2nd Factor (U2F). To log in via a computer, a user will need a special USB stick, and accessing via a smartphone will require a Bluetooth-enabled dongle that is paired with the user’s phone. No security key, then no access to the account. Two other features included if you sign up are limited data access and sharing for anything other than Google apps and the blocking of fraudulent account access. A step in the right direction for securing sensitive data.
Hackers can Track, Spoof Locations and Communicate via Kids’ Smartwatches – A Norwegian project has found that kids’ smartwatches are riddled with security flaws allowing attackers nearly complete access to the devices. The vulnerabilities found meant that by using some pretty basic hacking techniques, attackers could gain control of the watches and use them to track, eavesdrop on and communicate with the wearer. The watches in question are the Xplora, Viksfjord and Gator 2 devices, all of which have subsequently been reported to the Norwegian Data Protection Authority. If your children have these devices or anything similar, it is worth doing a little bit of testing to see if the same flaws exist.