InfoSec Round-Up: Jan 29th


TikTok Flaws, Broken Botnet & Ransomware Gang Takedown

TikTok Flaw Exposed Profile Details

The technology company ByteDance has fixed a security vulnerability in the social media platform TikTok, which could have allowed attackers to steal the personal information of its users.

Uncovered by security researchers at Check Point, the flaw could have allowed malicious actors to bypass privacy protections by exploiting the platform's ‘Find Friends’ function, enabling access to, amongst other data, unique user IDs and users’ phone numbers.

This is one of several vulnerabilities researchers have found in the platform: a different flaw, disclosed last year, would have made it possible for attackers to effectively hijack user accounts as well as steal personal data.

The platform, which has surpassed 2 billion global downloads, launched a private bug bounty program back in April of 2020, encouraging security researchers to find and report bugs before they could be exploited by malicious actors.

In a statement, a TikTok spokesperson noted, “The security and privacy of the TikTok community is our highest priority, and we appreciate the work of trusted partners like Check Point in identifying potential issues so that we can resolve them before they affect users”.

Emotet Botnet Disrupted

As part of a Europol effort, police from the UK, EU, US, and Canada have seized thousands of computers running the global botnet known as Emotet.

Originally designed as a banking trojan, Emotet spread through infected e-mail attachments, tricking users into clicking “enable macros” once they had opened a malicious Word document; the macro then fetched and ran the malware.
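The lure described above relies on a macro-enabled Office attachment reaching the user. As an added example (not code from the original post, from Hut Six, or from the Emotet operation), the following Python checks attachments at a mail gateway for a VBA project: modern OOXML files (.docm, .xlsm) store it as a `vbaProject.bin` part inside the zip container and declare it in `[Content_Types].xml`, while legacy binary .doc files (OLE2 magic bytes) need a dedicated parser such as olevba and are flagged for review. The sample documents are constructed in memory so the example runs offline; the `build_sample_docx` helper and the verdict fields are assumptions of this example, not a real format library.

```python
import io
import zipfile

# Added example: detect VBA-bearing Office attachments in the formats Emotet
# lures used. Sample "documents" below are constructed in memory for the demo.

VBA_PART = "word/vbaProject.bin"            # where Word keeps the VBA project
VBA_CONTENT_TYPE = "application/vnd.ms-office.vbaProject"
OLE2_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"  # legacy binary .doc/.xls header
ZIP_MAGIC = b"PK\x03\x04"                          # OOXML is a zip container


def build_sample_docx(with_macro: bool) -> bytes:
    """Constructed, minimal OOXML package (not a real document) for the demo."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        override = (f'<Override PartName="/{VBA_PART}" ContentType="{VBA_CONTENT_TYPE}"/>'
                    if with_macro else "")
        zf.writestr("[Content_Types].xml",
                    f'<?xml version="1.0"?><Types>{override}</Types>')
        zf.writestr("word/document.xml", "<w:document/>")
        if with_macro:
            # The VBA project part is itself an OLE2 compound file.
            zf.writestr(VBA_PART, OLE2_MAGIC + b"\x00" * 24)
    return buf.getvalue()


def scan_attachment(name: str, data: bytes) -> dict:
    """Classify one attachment: does it carry VBA, and does its name admit that?"""
    ext = name.rsplit(".", 1)[-1].lower() if "." in name else ""
    verdict = {"name": name, "format": "other", "has_macro": False, "reasons": []}

    if data.startswith(OLE2_MAGIC):
        # Legacy binary Office file: macros live in OLE streams, not a zip part,
        # so hand it to a VBA stream parser rather than trusting the extension.
        verdict["format"] = "ole2"
        verdict["reasons"].append("legacy binary Office format; inspect VBA streams")
        return verdict

    if not data.startswith(ZIP_MAGIC):
        return verdict  # not an Office container at all

    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            names = set(zf.namelist())
            types_xml = ""
            if "[Content_Types].xml" in names:
                types_xml = zf.read("[Content_Types].xml").decode("utf-8", "replace")
    except zipfile.BadZipFile:
        verdict["reasons"].append("corrupt zip container")
        return verdict

    verdict["format"] = "ooxml"
    # Word, Excel and PowerPoint all use a vbaProject.bin part (word/, xl/, ppt/).
    if any(n.endswith("vbaProject.bin") for n in names):
        verdict["has_macro"] = True
        verdict["reasons"].append("vbaProject.bin part present")
    if VBA_CONTENT_TYPE in types_xml:
        verdict["has_macro"] = True
        verdict["reasons"].append("content types declare a VBA project")
    if verdict["has_macro"] and ext in ("docx", "xlsx", "pptx"):
        # A macro-free extension on a macro-bearing package is a disguise attempt.
        verdict["reasons"].append("macro-free extension hides a VBA project")
    return verdict


def triage(attachments):
    """Return the names a gateway should quarantine for review."""
    verdicts = (scan_attachment(n, d) for n, d in attachments)
    return [v["name"] for v in verdicts if v["has_macro"] or v["format"] == "ole2"]


if __name__ == "__main__":
    mailbox = [("invoice.docm", build_sample_docx(True)),
               ("report.docx", build_sample_docx(False)),
               ("old.doc", OLE2_MAGIC + b"\x00" * 64)]
    for held in triage(mailbox):
        print("quarantine:", held)
```

Presence of a VBA project is not proof of malice, and absence of one does not clear a file (Emotet's later campaigns also abused other Office features), so the verdict is a routing decision for sandboxing or analyst review, not a final classification.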

Utilising a new and unique approach, the botnet's infrastructure was taken down “from the inside”, with victims' infected machines redirected towards law enforcement-controlled infrastructure.

According to the press release, Emotet was far more than just a piece of malware, being “one of the most resilient malwares in the wild”; it facilitated additional attacks by acting as a ‘loader’ for other forms of malware.

“The EMOTET infrastructure essentially acted as a primary door opener for computer systems on a global scale. Once this unauthorised access was established, [this was] sold to other top-level criminal groups to deploy further illicit activities such [as] data theft and extortion through ransomware.”

Netwalker Ransoms Seized

Several dark web websites associated with the Netwalker ransomware syndicate have been seized as part of an international law enforcement effort, with one Canadian national being charged for his involvement in the criminal enterprise.

Believed to have generated tens of millions in ill-gotten gains, Netwalker is what is known as a ‘ransomware-as-a-service’ (RaaS) operation, whereby affiliates distribute the ransomware in return for a 60-75% share of ransom payments.

Sebastien Vachon-Desjardins of Quebec, an affiliate of the gang, is alleged to have obtained at least $26 million as a result of his illicit involvement in ransomware campaigns.

The website seizures and subsequent arrest were a coordinated effort between the US Department of Justice and Bulgarian agencies, with law enforcement also seizing approximately $454,000 in cryptocurrency as part of the operation.

The operation deals a significant blow to the Netwalker syndicate. FBI Special Agent Michael F. McPherson stated on the matter, “This case illustrates the FBI’s capabilities and global partnerships in tracking ransomware attackers, unmasking them, and holding them accountable for their alleged criminal actions”.

Security Awareness for your Organisation

Enjoyed our blog? Learn more about how Hut Six can help improve your security awareness with training and simulated phishing. Start a free trial now, or book a meeting with one of our experts.
