1. Hacker Returns $26 Million Worth of Ethereum Back to Hacked Company
The money was sent back in two tranches. The hacker sent the first one in September last year when he returned 10,000 ETH ($8.7 million) and a second round last Friday when he returned another 20,000 ETH ($17.45 million).
The hacker did not return all funds, though, keeping over 13,400 ETH ($11.7 million) from the 43,400 ETH ($37.9 million) CoinDash believes the hacker stole.
The hack took place last year, minutes after CoinDash launched its ICO, a funding round meant to raise Ethereum funds for CoinDash’s main product, a social trading platform.
The hacker hijacked the company’s official website and replaced the Ethereum address to which users could send money to buy CoinDash tokens for the official CoinDash ICO. CoinDash said it’s still working with Israel’s Counter Cyber Terrorist Unit to track down the hacker.
2. Apple’s iBoot Source Code for iPhone Leaked on GitHub
Apple source code for a core component of the iPhone’s operating system has purportedly been leaked on GitHub, which could allow hackers and researchers to discover currently unknown zero-day vulnerabilities and develop persistent malware and iPhone jailbreaks.
The source code appears to be for iBoot—the critical part of the iOS operating system that’s responsible for all security checks and ensures a trusted version of iOS is loaded.
In other words, it’s like the BIOS of an iPhone, which makes sure that the kernel and other system files being booted whenever you turn on your iPhone are properly signed by Apple and have not been modified in any way.
The iBoot code was initially shared online several months back on Reddit, but it just resurfaced today on GitHub (repository now unavailable due to DMCA takedown). Motherboard consulted some security experts who have confirmed the legitimacy of the code. However, at this moment, it is unclear if the iBoot source code is completely authentic, who is behind this significant leak, and how the leaker managed to get his/her hands on the code in the first place. The leaked iBoot code appears to be from a version of iOS 9, which signifies that the code is not entirely relevant to the latest iOS 11.2.5 operating system, but some parts of the code from iOS 9 are likely still used by Apple in iOS 11.
3. How to Shield Against IoT Security Threats
IoT exposes companies and consumers alike to a wide range of security threats. In fact, according to a survey conducted by Altman Vilandrie & Company, nearly half of US-based firms using IoT have been hit by a recent security breach. So, how can we shield against these emerging threats? The number of IoT devices is growing at a breathtaking pace, from 2 billion in 2006 to an estimated 200 billion by 2020 (see Intel report). Therefore, IoT must be considered part of a broader attack surface that requires protective measures. While consumer IoT devices like Amazon Alexa, Google Home, Nest Labs home automation systems, and smart wearables get all the headlines, the largest proportion of IoT devices aren’t used in homes, but in manufacturing plants, retail businesses, and the healthcare industry.
The Cyber Shield Act of 2017, which was introduced by Senator Edward J. Markey and has been endorsed by the Institute for Critical Infrastructure Technology, is a good first step towards creating a standardized approach to cyber security for IoT. The bill is designed to establish a voluntary program to identify, verify, and label compliant IoT devices with strong cyber security standards. More specifically, the proposed legislation would require IoT vendors to follow “security-by-design” best practices in accordance with National Institute for Standards and Technology (NIST) Special Publication 800-160 and receive a certification that would rate their product, allowing buyers to assess the associated risks and drive their technology decision process.
Since these initiatives are likely years from fruition, organizations concerned with IoT threats should apply the following minimum safeguards:
● Deploy IoT devices based on standards-friendly hub-and-spoke networking protocols, which are less vulnerable to attacks.
● Apply mature identity and access management measures to secure not just applications, workstations, and servers, but also IoT devices.
● Expand the penetration testing scope to include IoT devices.
4. Another massive DDoS internet blackout could be coming your way
Check your DNS, people. And please, make it redundant.
5. Germany says its government computers secure after ‘isolated’ hack from Russian hacker group
Germany said on Wednesday that hackers had breached its government computer network with an isolated attack that had been brought under control and that security officials were investigating.
A spokesman for the German Interior Ministry said the affected government agencies had taken appropriate measures to investigate the incident and protect data.
“The attack was isolated and brought under control within the federal administration,” which oversees government computer networks, he said in a statement, adding that the authorities were addressing the incident “with high priority and significant resources”.
The spokesman said he could give no further details immediately due to security and analysis measures that were still under way.
He did not comment on German media reports that the attack was launched by Russian hacker group APT28, which had already attacked the German parliament in 2015.
The head of the German domestic intelligence agency last year said such attacks had not occurred, but the risk of interference remained until a new government is in place.
Germany’s Social Democrats are voting by postal ballot on an agreement to form another “grand coalition” with Chancellor Angela Merkel’s conservatives, with the results to be made public on Sunday. If they reject the tie-up, Germany could face new elections or the formation of a minority government for the first time in its post-war history.
Western governments and security experts have linked the hacking group known as APT28 or Fancy Bear to a Russian spy agency, and have blamed it for operations including an attack on the Democratic National Committee ahead of the 2016 U.S. elections and the German lower house of parliament in 2015.
German officials have blamed APT28 for the May 2015 hack of the German lower house of parliament, the Bundestag, and other cyber attacks aimed at political groups, Merkel and other individuals, or institutions.
Moscow has previously denied having been involved in any way in cyber attacks on the German political establishment.
Top German intelligence officials have urged lawmakers to give them greater legal authority to “hack back” in the event of cyber attacks from foreign powers.
6. IsraBye is an Anti-Israel Data Wiper Disguised as Ransomware
An anti-Israel & pro-Palestinian data wiper called IsraBye has been discovered that pretends to be ransomware. Unfortunately, even though the lock screen implies that the files can be recovered, the contents of the files are actually replaced with an anti-Israel message.
Discovered first by Avast security researcher Jakub Kroustek at the end of July, I missed seeing this tweet, until other researchers such as Ari Eitan and Ido Naor started tweeting about it. As it looked interesting, I decided to take a look and create a video demonstrating the functionality of IsraBye.
The timing surrounding IsraBye’s appearance isn’t an accident. The wiper was spotted shortly after the onset of the Al Aqsa crisis, a political incident set off by Israeli officials installing new security measures at the Al Aqsa mosque in Jerusalem, which Palestinians considered an intrusive expansion of control over one of Islam’s holiest sites.
Signing out,
Stay safe and secure!

