11 February 2022 | Asia Cyber Summary

In the Spotlight this Week:

  • China suspected of News Corp cyber espionage attack

  • Customer data accessed without authorization in security breach at Hong Kong online shopping platform

  • US arrests two and seizes USD 3.6B in cryptocurrency from Bitfinex hack

  • Data of Puma employees stolen in Kronos ransomware attack

  • Russian law enforcement take down several cyber crime forums

China Suspected of News Corp Cyber Espionage Attack

The Chinese hackers responsible for an attack on media giant News Corp last month likely were seeking intelligence to serve China’s interests in a cyberespionage incident that shows the persistent vulnerability of corporate networks to email-based attacks, security professionals said.

Reports revealed that an incident which occurred on the 20th January at Rupert Murdoch’s media giant involved an attack on journalists’ email accounts that gave the intruders access to sensitive data. The breach – limited to several individuals working for outlets including News UK, the Wall Street Journal and the New York Post – has raised concerns over the safety of confidential sources working with journalists affected by the incident.

Customer Data Accessed Without Authorization in Security Breach at Hong Kong Online Shopping Platform

A security breach at one of Hong Kong’s largest online shopping platforms last month led to the unauthorized access of customer information such as delivery addresses, recipient names and contact numbers.

Hong Kong Technology Venture Company Limited (HKTV), HKTVmall’s parent company, said it had detected “abnormal and suspicious activities” in its computer systems on the 26th January, as servers located in other Asian regions gained unauthorized access to customer information on its delivery platform. Investigation of the breach at HKTVmall showed affected customer information could include passwords, recipient names and delivery addresses.

US Arrests Two and Seizes USD 3.6B in Cryptocurrency from Bitfinex Hack

The US Department of Justice has arrested two people and confiscated more than USD 3.6 billion worth of cryptocurrency that it said was stolen during the high-profile 2016 hack of the Bitfinex exchange, executing the government agency’s largest financial seizure. New York-based Ilya Lichtenstein, 34, and his wife, Heather Morgan, 31, were arrested on Tuesday and accused of conspiring to launder proceeds of 119,754 bitcoin valued at USD 4.5 billion, prosecutors said in a statement. The cryptocurrency was allegedly taken when Hong Kong-based Bitfinex was breached.

Lichtenstein and Morgan have been charged with conspiracy to commit money laundering, which carries a maximum punishment of 20 years in prison, and conspiracy to defraud the US, which has a maximum sentence of five years in prison.

Data of Puma Employees Stolen in Kronos Ransomware Attack

Data of 6,632 Puma employees was stolen in a ransomware attack that hit HR management platform Ultimate Kronos Group (UKG). The attack targeted Kronos Private Cloud, a service on which UKG runs applications such as Banking Scheduling Solutions, Healthcare Extensions, UKG TeleStaff, and UKG Workforce Central. Kronos immediately launched an investigation into the attack and last month discovered that Puma was one of the customers impacted by the incident.

In a filing with the Maine Attorney General’s Office, UKG revealed that potentially exposed data includes names, Social Security numbers, and other personal information.

Russian Law Enforcement Take Down Several Cyber Crime Forums

Russian authorities this week announced that they have seized Ferum Shop, Sky-Fraud, and Trump’s Dumps, three well-known online shops for stolen payment card data. On February 7, the domains were seized by the Ministry of Internal Affairs of the Russian Federation’s Department “K” division, which left a message on the sites’ homepages to warn of the illegality of stealing funds from bank cards.

Russian law prohibits the production, purchase, sale, or use of counterfeit payment cards and software, devices, or other means of illegally transferring funds. However, it is not yet clear whether the seized domains were targeting Russian banks.
