Back in January 19th...
Quote:T-Mobile...disclosed in a financial filing Thursday that the company is investigating another breach that impacted as many as 37 million users.
A malicious actor was able to gain access to an internal system allowing them to steal account information including names, billing addresses, emails, phone numbers, dates of birth and account numbers. The bad actor was not able to access Social Security numbers, driver’s licenses, passwords/PINs, or other financial information, according to the filing.
...
The bad actor appeared to first breach an application programming interface around Nov. 25, 2022, and T-Mobile discovered the intrusion on Jan. 5. The company states that it has notified federal agencies about the incident and is working with federal law enforcement.
...
This is T-Mobile’s sixth major breach since 2018. T-Mobile suffered a breach of 50 million accounts in 2021, sparking an investigation by the FCC. The results of that investigation have not been made public, but it could lead to significant fines for the company.
Quote:Cybercriminals duped federal employees into downloading remote monitoring and management software and then used it to execute scams to steal money from victims’ bank accounts, top cybersecurity officials said Wednesday.
In an alert warning agencies about the malicious use of remote management software, in this case ConnectWise Control and AnyDesk, officials said that while the specific activity “appears to be financially motivated and targets individuals, the access could lead to additional malicious activity against the recipient’s organization—from both other cybercriminals and [advanced persistent threat] actors.”
...
Additionally, the alert said help desk-themed phishing emails were sent since at least June 2022 to multiple federal civilian agencies. CISA detailed the two instances of suspected malicious activity discovered in October using the federal intrusion detection program known as EINSTEIN. In mid-June, a federal civilian agency received a phishing email and the victim called a phone number contained in the message, which led them to a malicious domain. In mid-September, CISA identified traffic flowing between an agency network and a malicious domain.
The campaign continued until at least early November, the alert said. The hackers impersonated help desk services such as Geek Squad Services, general tech support owned by Best Buy, as well as Norton, Amazon, McAfee and PayPal in order to dupe victims. Once the hackers had access to the victims’ machines, they could potentially sell any network access to other cyber criminals or APT groups, according to the alert.
...
The report warned that, generally, remote management software does not trigger antivirus or anti-malware defenses and that hackers can use legitimate RMM software in a portable executable which can “bypass administrative privilege requirements and software management control policies.”
Quote:After seven months spent lurking inside a notorious ransomware group’s networks, swiping decryption keys for its victims, the FBI and international partners seized infrastructure behind Hive ransomware attacks.
Since June 2021, Hive has targeted more than 1,500 victims globally, including disrupting health care providers during the height of the COVID-19 pandemic. Victims paid more than $100 million in ransom to the group, which attacked a U.S. victim in Florida as recently as 15 days ago, according to Attorney General Merrick Garland.
The successful international operation against the group, considered a top-five ransomware threat by the FBI, is a major victory for the ongoing and frustrating battle against the scourge of ransomware that costs victims hundreds of millions of dollars annually.
While staking out Hive’s network, the FBI disrupted multiple attacks, including ones against a Louisiana hospital, a food services company and a Texas school district. The investigation led to two servers in Los Angeles that FBI agents took down with a court order Wednesday night. Law enforcement from the Netherlands and Germany contributed to the operation.
Normally, the North Koreans wouldn't hit the news at all, but this time it's game related!
Quote:North Korean hackers known for cryptocurrency heists are expanding their targets to include education, government and healthcare, according to researchers tracking the group. The activity could be a sign that the group, which is suspected in two high-profile cryptocurrency hacks in 2022, may have even bigger plans for 2023.
Researchers at the cybersecurity firm Proofpoint observed in early December a massive wave of phishing emails from a cluster of North Korea-related hacking activity linked to TA444, the firm’s name for the group. The latest campaign, which blasted more emails than researchers attributed to that group in all of 2022, tried to entice users to click a URL that redirected to a credential harvesting page.
...
To help avoid phishing detection tools, TA444 uses email marketing tools to engage with targets.
...
TA444 has overlapped with Lazarus, a group of North Korean hackers to which the FBI attributed a record $600 million dollar cryptocurrency attack on Ronin Bridge, the infrastructure that connected the Axie Infinity video game with the Ethereum blockchain. The FBI on Monday attributed a separate $100 million hack of the Harmony Bridge to the group after the hackers recently tried to launder $60 million worth of currency stolen in the heist.
"For God has not destined us for wrath, but for obtaining salvation through our Lord Jesus Christ," 1 Thessalonians 5:9
Maranatha!
The Internet might be either your friend or enemy. It just depends on whether or not she has a bad hair day.
My Original Stories (available in English and Spanish)
List of Compiled Binary Executables I have published...
HiddenChest & Roole
Give me a free copy of your completed game if you include at least 3 of my scripts!
Just some scripts I've already published on the board...
KyoGemBoost XP VX & ACE, RandomEnkounters XP, KSkillShop XP, Kolloseum States XP, KEvents XP, KScenario XP & Gosu, KyoPrizeShop XP Mangostan, Kuests XP, KyoDiscounts XP VX, ACE & MV, KChest XP VX & ACE 2016, KTelePort XP, KSkillMax XP & VX & ACE, Gem Roulette XP VX & VX Ace, KRespawnPoint XP, VX & VX Ace, GiveAway XP VX & ACE, Klearance XP VX & ACE, KUnits XP VX, ACE & Gosu 2017, KLevel XP, KRumors XP & ACE, KMonsterPals XP VX & ACE, KStatsRefill XP VX & ACE, KLotto XP VX & ACE, KItemDesc XP & VX, KPocket XP & VX, OpenChest XP VX & ACE