15 October 2021 | Asia Cyber Summary

In the spotlight this week:

  • Medical technology company Olympus discloses cyber attack

  • Australia issues a new ransomware plan to create ransomware offences and reporting regime

  • Microsoft says it mitigated one of the largest DDoS attacks ever recorded

  • Critical flaw in OpenSea could have allowed hackers to steal cryptocurrencies from wallets

  • Romance scammers exploit Apple's developer program to spread fake cryptocurrency apps

Medical Technology Company Olympus Discloses Cyberattack

Japanese medical technology company Olympus revealed that its operations in the Americas were affected by a cyberattack. The attack forced the company to shut down some of its systems, but Olympus says that it is already working on restoring them.


Olympus did not share further details on the type of attack that targeted its American systems, but the action it took in response to the incident suggests ransomware might have been used. This is the second cyberattack on technology giant Olympus within a month, and it should be taken as a wake-up call that no large global corporation should consider itself safe from ransomware attacks.



Australia Issues a New Ransomware Plan to Create Ransomware Offences and Reporting Regime

The Australian government announced a new set of standalone criminal offences for people who use ransomware under what it has labelled its Ransomware Action Plan.


Under the new plan, people who use ransomware to conduct cyber extortion will be slapped with new stand-alone aggravated criminal charges. Dealing with stolen data knowingly obtained in the course of committing a separate criminal offence, and buying or selling malware for the purposes of undertaking computer crimes, are also now criminalized.


Microsoft Says it Mitigated One of the Largest DDoS Attacks Ever Recorded

Microsoft says it was able to mitigate a 2.4Tbps Distributed Denial-of-Service (DDoS) attack in August. The attack targeted an Azure customer in Europe and was 140 percent higher than the highest attack bandwidth volume Microsoft recorded in 2020. It also exceeds the peak traffic volume of 2.3Tbps directed at Amazon Web Services last year, though it was a smaller attack than the 2.54Tbps one Google mitigated in 2017.


Microsoft says the attack lasted more than 10 minutes, with short-lived bursts of traffic that peaked at 2.4Tbps, 0.55Tbps, and finally 1.7Tbps. DDoS attacks are typically used to force websites or services offline by flooding them with more traffic than a web host can handle. They are usually performed through a botnet, a network of machines that have been compromised with malware so that they can be controlled remotely. Azure was able to stay online throughout the attack, thanks to its ability to absorb tens of terabits of DDoS attacks.



Critical Flaw in OpenSea Could Have Let Hackers Steal Cryptocurrency from Wallets

A now-patched critical vulnerability in OpenSea, the world's largest non-fungible token (NFT) marketplace, could have been abused by malicious actors to drain cryptocurrency funds from a victim by sending a specially-crafted token, opening a new attack vector for exploitation.


The attack relies on sending victims a malicious NFT that, when clicked, allows rogue transactions to be facilitated through a third-party wallet provider: the victim simply provides a wallet signature to connect their wallet, which lets the attacker perform actions on the target's behalf. Bad actors know they have an open window to take advantage of right now, with consumer adoption spiking while security measures in this space still need to catch up.



Romance Scammers Exploit Apple's Developer Program to Spread Fake Cryptocurrency Apps

Fraudsters are using the promise of love to lure victims into downloading fake cryptocurrency trading apps and then stealing their funds.


The ongoing campaign, dubbed “CryptoRom”, targets victims through dating apps like Bumble, Tinder, and Grindr, where the scammers build trust with a victim. They then move the conversation to a messaging app, where they ask the victim to install a fake trading app. Thieves have managed to swipe nearly $1.4 million with the ruse, according to an analysis of a Bitcoin wallet used by one of the scammers. Some 23,000 victims of romance scams reported more than $605 million in losses to the FBI in 2020.


