InfoSec Round-Up: Jan 29th


TikTok Flaws, Broken Botnet & Ransomware Gang Takedown

TikTok Flaw Exposed Profile Details

The technology company ByteDance has fixed a security vulnerability in the social media platform TikTok, which could have allowed attackers to steal the personal information of its users.

Uncovered by security researchers at Check Point, the flaw could have allowed malicious actors to bypass privacy protections by exploiting the platform's ‘Find Friends’ function, enabling access to, amongst other data, unique user IDs and users’ phone numbers.

This is one of several vulnerabilities discovered by researchers; last year a different flaw was also disclosed which would have made it possible for attackers to effectively hijack user accounts, as well as steal personal data.

The platform, which has surpassed 2 billion global downloads, launched a private bug bounty program back in April of 2020, encouraging security researchers to find and report bugs before they could be exploited by malicious actors.

In a statement, a TikTok spokesperson noted, “The security and privacy of the TikTok community is our highest priority, and we appreciate the work of trusted partners like Check Point in identifying potential issues so that we can resolve them before they affect users”.

Emotet Botnet Disrupted

As part of a Europol effort, police from the UK, EU, US, and Canada have seized thousands of computers running the global botnet known as Emotet.

Originally designed as a banking trojan, the Emotet botnet spread through infected e-mail attachments, exploiting users by prompting them to “enable macros” once they had opened a malicious Word document.

Utilising a new and unique approach, the botnet's infrastructure was taken down “from the inside”, with victims' infected machines being redirected towards law enforcement-controlled infrastructure.

According to the press release, Emotet was far more than just a malware; it labels it “one of the most resilient malwares in the wild” and goes on to explain how the software facilitated additional attacks by acting as a ‘loader’ for other forms of malware.

“The EMOTET infrastructure essentially acted as a primary door opener for computer systems on a global scale. Once this unauthorised access was established, [this was] sold to other top-level criminal groups to deploy further illicit activities such [as] data theft and extortion through ransomware.”

Netwalker Ransoms Seized

Several dark web websites associated with the Netwalker ransomware syndicate have been seized as part of an international law enforcement effort, with one Canadian national being charged for his involvement in the criminal enterprise.

Believed to have generated tens of millions in ill-gotten gains, Netwalker is what is known as a ‘ransomware-as-a-service’ (RaaS) operation, whereby affiliates distribute the ransomware in return for a 60-75% share of ransom payments.

Sebastien Vachon-Desjardins of Quebec, an affiliate of the gang, is alleged to have obtained at least $26 million as a result of his illicit involvement in ransomware campaigns.

The website seizures and subsequent arrest were a coordinated effort between the US Department of Justice and Bulgarian agencies, with law enforcement also seizing approximately $454,000 in cryptocurrency as part of the operation.

With the operation dealing a significant blow to the Netwalker syndicate, FBI Special Agent Michael F. McPherson stated on the matter, “This case illustrates the FBI’s capabilities and global partnerships in tracking ransomware attackers, unmasking them, and holding them accountable for their alleged criminal actions”.
