28 Oct 2022 | Asia Cyber Summary

In the spotlight this week:

• Data of Alleged 2.6M Carousell Accounts Being Sold on Dark Web, Hacking Forums
• Kimsuky Hackers Spotted Using 3 New Android Malware to Target South Koreans
• Turkey Secretly Helped Pakistan In Setting Up Cyber-Army Against India
• Pathology Company Australian Clinical Labs Reveals it was Hit by Cyber Attack Eight Months Ago
• Australia Flags Increased Penalties for Data Breaches Following Major Cyber Attacks
  ‍

Data of Alleged 2.6M Carousell Accounts Being Sold on Dark Web, Hacking Forums

A database of  2.6 million user accounts was allegedly stolen from the online market Carousell and is being offered for sale on the Dark Web and hacking forums, for SGD 1000. Carousell said on Friday night that a bug was introduced during a system migration and exploited by a third party to obtain unauthorized access, compromising the data of affected users. The company's representative stated the fault has since been rectified and that no payment and credit card information has been compromised. The exposed data includes the usernames, first and last names, email addresses, mobile phone numbers, country of origin, account creation date, and victims’ follower count.

‍

Kimsuky Hackers Spotted Using 3 New Android Malware to Target South Koreans

North Korean threat actor ‘Kimsuky’ has been observed using three different Android malware strains to target users located in South Korea. Kimsuky, also known as Black Banshee, Thallium, and Velvet Chollima, is thought to have been given a global intelligence-gathering mission by the North Korean government, one that disproportionately targets people and organizations in South Korea, Japan, and the United States. 

The three malwares dubbed FastFire, FastViewer, and FastSpy are the latest additions to its evolving Android malware arsenal, which are designed to receive commands from Firebase and download additional payloads.

‍

Turkey Secretly Helped Pakistan In Setting Up Cyber-Army Against India

Under the guise of a bilateral agreement on cooperation against cyber crimes, Turkey has secretly assisted Pakistan in establishing a cyber army that was used to further internal political objectives as well as to launch attacks against the USA and India. The cyber army was responsible for shaping public opinion by influencing the views of Muslims in Southeast Asia in an effort to undermine criticism that was made against Pakistan’s leaders. The cyber army was found to have hacked political opponents' emails and social media accounts, gathered personal information from their cell phones and computers, and subsequently used the compromised information to harass and occasionally blackmail dissidents.

‍

Pathology Company Australian Clinical Labs Reveals it was Hit by Cyber Attack Eight Months Ago

Pathology company Australian Clinical Labs (ACL) has revealed that it was hit by a cyber attack eight months ago which saw the data of 223,000 of its customers compromised and published on the dark web. The most concerning compromised data includes individual medical and health records associated with a pathology test, credit card numbers and attached names, as well as Medicare numbers and names. 

‍

Australia Flags Increased Penalties for Data Breaches Following Major Cyber Attacks

Following high-profile hacks that affected millions of Australians in recent weeks, Australia will introduce laws to parliament that would stiffen penalties for businesses that suffer major data breaches, next week. Maximum fines for major or repeated privacy violations would increase from the existing AUD 2.22 million (USD 1.4 million) to the greater of AUD 50 million, three times the value of the benefit derived through the misuse of information, or 30 percent of turnover in the relevant period, whichever is greater.