Infosec Round-Up Aug 13th

Play Video

Apple Privacy, Crypto Hack & Crytek Ransomware

This is the Hut Six InfoSec Round-Up, where we look at some of the most pressing matters, latest trends, and industry news from across the world of information security.

Apple Responds to Criticism

Following backlash regarding the announcement that Apple will be scanning US users iPhones for child sexual abuse material (CSAM), Apple has pledged to not “expand” the system for any reason.

The plans announced mean that the technology company will cross-reference iPhone content against a database of known CSAM hashes. A move which privacy advocates have criticised, citing its possible misuse as, amongst other things, a spying tool to be abused by authoritarian governments.

Despite this, Apple noted that it “will not accede to any government's request to expand" the system, and that the anti-CSAM tool would not allow the company to see or scan a user’s photo album, only checking photos that are shared via iCloud.

Welcomed, and even applauded by some, the UK’s Health Secretary Sajid Javid praised the decision, calling for others, especially Facebook, who recently announced a move in the opposite direction, to follow suit.

Attempting to quell fears, Apple has stated: “The likelihood that the system would incorrectly flag any given account is less than one in one trillion per year.”

Crypto Hacker Return Funds

The hacker behind one of the biggest cryptocurrency thefts in history has returned over half of the $611 million worth of assets stolen earlier this week.

The theft was confirmed by Chinese blockchain company Poly Network on the 10th of August, stating that hackers had exploited a ‘contract calls’ vulnerability which allowed them to make off with thousands of digital tokens, including Ether, Binance, and USDC.

With the threat actor starting to return funds within hours of the attack being publicly acknowledged, in a peculiar Q&A published via Twitter, they claim to have been motivated by exposing security flaws and not by money.

Despite this, millions of dollars’ worth of crypto remains in the hacker’s accounts, with some sceptical parties suggesting that this explanation may only be a post-hoc reaction to fears their identity may be uncovered.

Tom Robinson, co-founder of Elliptic, a blockchain analytics company, speculated, “I wonder whether this hacker stole the funds, realised how much publicity and attention they were getting, realised wherever they moved the funds they would be watched, and decided to give it back”.

Game Developer Ransomware Attack

German game developer and publisher Crytek has publicly confirmed a significant ransomware attack on its systems which occurred in October of last year.

Conducted by the Egregor ransomware syndicate, systems were not only encrypted, but files containing the personal information of customers was also stolen; information which was subsequently leaked via the gang’s darknet website.

Having informed affected individuals only this month, the communication sought to minimise the potential impact of the leak, suggesting the gang’s website was “difficult to identify” and that cyber criminals would likely be discouraged by the “huge risk” of malware possibly embedded within the documents.

With Egregor responsible for attacks on other developers, including Ubisoft, the ransomware-as-a-service syndicate has been operational since late 2020, and has claimed an estimate 200 victims since its launch.

In the announcement, Crytek noted on the incident, “We took immediate action to prevent the encryption of our systems, further secure our environment, and initiate an internal and external investigation into the incident.”

Thank you for reading this edition of Infosec Round-Up. Please be sure to subscribe to the Hut Six YouTube Channel to keep up to date with the latest news and see all our latest information security videos.

Security Awareness for your Organisation

Enjoyed our blog? Learn more about how Hut Six can help improve you security awareness with training and simulated phishing. Start a free trial now, or book a meeting with one of our experts.

Featured

Infosec Round-Up Aug 6th

Infosec Round-Up Aug 6th - Hut Six

Zoom to pay $86 million on privacy lawsuit. LockBit 2.0 cyber criminals recruiting insider threats. Isle of Wight schools hit with ransomware attack.

InfoSec Round-Up July 30th

InfoSec Round-Up July 30th - Hut Six

Israeli government raids NSO Group offices. Biden warns cyber breach could lead to "hot-war". Irish DoH data leak.

InfoSec Round-Up July 23th

InfoSec Round-Up July 23th - Hut Six

NSO responds to international criticism. Saudi Aramco hacked for a second time. Chinese government denies involvement with Microsoft Hack.

InfoSec Round-Up July 16th

InfoSec Round-Up July 16th - Hut Six

UK Police seize £180 million in money laundering investigation. REvil ransomware website mysteriously disappears. Iran targets British academics in phishing attack.

InfoSec Round-Up July 2nd

InfoSec Round-Up July 2nd - Hut Six

Member of public finds Ministry of Defence (MoD) documents. Salvation Army loses data in cyber attack. Denmark's Central Bank affected by SolarWinds hack.

InfoSec Round-Up June 25th

InfoSec Round-Up June 25th - Hut Six

Prolific phishing scammer arrested for 25k SMS messages. Scotland's EPA announces 4 thousand files were stolen. Security icon John McAfee found dead.

InfoSec Round-Up June 11th

InfoSec Round-Up June 11th - Hut Six

New York Time, the Guardian, Reddit and more unavailable. JBS pays $11 million ransom to attackers. FBI created fake end-to-end encrypted chat app.

InfoSec Round-Up June 4th

InfoSec Round-Up June 4th - Hut Six

Meat Supplier JBS grinds to a halt. The ICO fines Conservatives £10K. Swedish Public Health Agency hacked.

InfoSec Round-Up May 28th

InfoSec Round-Up May 28th - Hut Six

UK's ICO fines Amex £90K for marketing emails. Japanese government responds to supply chain attack. Darkside criminal gang strike again.

InfoSec Round-Up May 21st

InfoSec Round-Up May 21st - Hut Six

Fuel supplier pays a huge $4.4 million ransomware to criminals. Russia "unconvincingly" denies involvement with SolarWinds hack. FTC reports $80 million has been lost to scams.