UK police arrest 7 people in connection with Lapsus$
The hackers, who range in age from 16 to 21, were arrested and then released by City of London Police, following an investigation which is still ongoing. Bloomberg had reported that a teenager based in Oxford was suspected of being the group’s mastermind. Bloomberg was able to track him down after his personal information was leaked online by rival hackers. According to Brian Krebs, the teenager last year purchased Doxbin, a site where people can share or find personal information on others, before leaking the entire Doxbin data set to Telegram. The Doxbin community retaliated by doxxing him.
North Korean hackers exploit Chrome zero-day weeks before patch
North Korean state hackers exploited a zero-day remote code execution vulnerability in the Google Chrome web browser for more than a month before a patch became available, using it for attacks against news media, IT companies, cryptocurrency, and fintech organizations. The vulnerability in question is the recently patched CVE-2022-0609. Google’s Threat Analysis Group (TAG) attributed two campaigns to two separate groups backed by the North Korean government, one of which has been identified as the Lazarus Group. Google TAG discovered the campaigns on February 10 and addressed the vulnerability in an emergency Google Chrome update four days later.
Anonymous claims to have hacked the Central Bank of Russia and stolen 35,000 documents
In this most recent attack on Russian infrastructure, the group announced on Wednesday that the files would be released in 48 hours, which would be today, Friday. The group has also declared that it will be going after companies that have decided to continue to operate in Russia by paying taxes to the Russian government.
GitHub explains the cause behind the past week’s outages
GitHub says its recent service outages were caused by “resource contention issues in their primary database cluster.” Four service outages caused by these problems occurred on March 16th, March 17th, March 22nd, and March 23rd. The “resource contention” issues were with their primary MySQL cluster called ‘MySQL1.’ Resource contention occurs when multiple processes/requests compete for the same resources, such as memory, CPU, or disk utilization, or access to a database table. When too many requests happen too quickly, the server rejects further requests until there is room for more.
Thanks to our episode sponsor, Varonis

Microsoft help files disguise Vidar malware
Trustwave SpiderLabs has revealed a new phishing attack designed to plant the Vidar infostealer on target machines. Writing in a report published Thursday, the researchers state that this is done by concealing complex malware behind a Microsoft Compiled HTML Help (.CHM) file, a little-used proprietary file format made by Microsoft for help documentation saved in HTML. The malware is distributed by a phishing email.
Mustang Panda hacking group takes advantage of Ukraine crisis
Researchers from ESET announced recently that the Chinese cyberespionage group Mustang Panda, also known as TA416, RedDelta, and Bronze President, has been spreading a new Korplug/PlugX Remote Access Trojan (RAT) variant. ESET has named this new sample Hodur. To get around, Mustang Panda uses phishing methods that include news items or messages related to the Ukraine invasion. “The group has managed to successfully infiltrate research organizations, internet service providers (ISPs), and systems belonging to European diplomatic initiatives across countries including Mongolia, Vietnam, Myanmar, Greece, Russia, South Africa, and Cyprus.”
(ZDNet)
CEA sees future in waferscale quantum computing chips
According to The Register, “Paris-based quantum computing startup C12 Quantum Electronics is working on the multi-qubit chips in conjunction with CEA, the government-backed French research institution.” Qubits, short for quantum bits, are the basic components of quantum computers, and are extremely difficult to manufacture. C12 says this new work is “building from a breakthrough in manufacturing quantum chips on 200mm silicon wafers,” which some experts see as a “leap forward toward the goal of commercializing quantum computing and manufacturing chips at scale.”






