Reading Time: ~ 2 min.
Nintendo Accounts Breached
Stemming from a cyber-attack back in April, Nintendo
has just announced that roughly 300,000 user accounts have been compromised,
though most belong to systems that are now inoperable. From the excessive
unauthorized purchases, the attackers likely used credential-stuffing methods
to access accounts and make digital purchases through PayPal accounts that were
already logged in. Nintendo has since contacted the affected customers and has
begun pushing out mandatory password resets.
Kingminer Botnet Locks Down Entry Points Behind Them
After nearly two years of operation, the owners of the Kingminer
crypto jacking botnet have taken up a new tactic of patching the very
vulnerabilities they used to illicitly access systems. This implementation is
likely being used to block any other malicious campaigns from accessing the
compromised systems and net them larger profits. By using the EternalBlue
exploit and patching it behind themselves, they can brute force their way into
any vulnerable system and then keeping their own crypto mining scripts active
for an increased amount of time before being discovered.
Honda Shuts Plants After Ransomware Attack
plants around the world have recently closed due to a ransomware attack that
has targeted several manufacturing systems. The shutdown came only hours after
a new Snake ransomware sample was uploaded to Virus Total and was seen
attempting to contact an internal site belonging to Honda. Currently, officials
for Honda are still working to determine exactly what parts of their systems
were affected and if any personally identifiable information was compromised.
Scammers Created Fake SpaceX YouTube Channels to Steal Cryptocurrency
Multiple malicious YouTube accounts have changed their names
to keywords relating to SpaceX
in order to scam viewers out of Bitcoin cryptocurrency donations. While it
should be obvious that these channels are not the legitimate SpaceX account
based solely on the number of subscribers, the fake channels have also been
livestreaming old recorded SpaceX interviews with Elon Musk, to improve their
legitimacy. Unfortunately, during the livestreams, the channels promote
cryptocurrency scams in the chat section to entice other viewers to send in a
small amount of cryptocurrency with the promise of a significant amount more
being sent back.
Florence, Alabama Pays Ransom Demand
In the last week, officials for Florence,
Alabama have been working to negotiate with the authors of the DoppelPaymer
ransomware attack that took down the city’s email systems. Though the initial
ransom amount was 38 Bitcoins, or the equivalent of $378,000, the security team
that was brought in was able to drop the demand to 30 Bitcoins, or $291,000,
which the city has decided to pay. It is still unclear exactly what information
may have been stolen or accessed, the Mayor of Florence concluded that it was
best to just pay the ransom and hope their information is returned and their
systems are decrypted.