Security News > 2023 > February

Forsage DeFi platform founders indicted for $340 million scam
2023-02-23 20:14

A federal grand jury in the District of Oregon has indicted four Russian nationals, the founders of the Forsage decentralized finance cryptocurrency investment platform, for allegedly running a global Ponzi and pyramid scheme that raised $340 million. The defendants, Vladimir Okhotnikov, Olena Oblamska, Mikhail Sergeev, and Sergey Maskalov, face charges of running aggressive false advertisements on social media, pushing misleading investment and business opportunities related to Forsage to aspiring investors.

S3 Ep123: Crypto company compromise kerfuffle [Audio + Text]
2023-02-23 19:58

DOUG. Crypto company code captured, Twitter's pay-for-2FA play, and GoDaddy breached. DOUG. Well, let's bring things into the modern, and talk about GoDaddy.

Ukraine says Russian hackers backdoored govt websites in 2021
2023-02-23 19:50

The Computer Emergency Response Team of Ukraine says Russian state hackers have breached multiple government websites this week using backdoors planted as far back as December 2021. CERT-UA spotted the attacks after discovering a web shell on Thursday morning on one of the hacked websites that the threat actors used to install additional malware.

Valve “honeypot” used to ban 40,000 Dota 2 players using cheat
2023-02-23 19:45

Game developer Valve has announced that it permanently banned more than 40,000 accounts for using cheating software to gain an unfair advantage over other players in the Dota 2 game. The cheat gave players access to internal client app information that is not visible during normal gameplay, thus obtaining a competitive advantage.

Sensitive DoD emails exposed by unsecured Azure server
2023-02-23 19:30

A hole in a Department of Defense email server operated by Microsoft left more than a terabyte of sensitive data exposed less than a month after Office 365 was awarded a higher level of US government security accreditation. According to security researcher Anurag Sen, who discovered the issue and shared it, the openly accessible server was part of an internal mailbox system hosted on Azure Government Cloud and used by the DoD for a variety of purposes - including the processing of security clearance paperwork.

Pirated Final Cut Pro infects your Mac with cryptomining malware
2023-02-23 18:34

Security researchers discovered a cryptomining operation targeting macOS with a malicious version of Final Cut Pro that remains largely undetected by antivirus engines. From the first generation, the malware used an I2P network layer for command and control communications to anonymize traffic.

Russian malware dev behind NLBrute hacking tool extradited to US
2023-02-23 17:36

A Russian malware developer accused of creating and selling the NLBrute password-cracking tool was extradited to the United States after being arrested in the Republic of Georgia last year on October 4. "The powerful malware was capable of compromising protected computers by decrypting login credentials, such as passwords," the Justice Department said in a press release on Wednesday.

Hackers Using Trojanized macOS Apps to Deploy Evasive Cryptocurrency Mining Malware
2023-02-23 16:49

Trojanized versions of legitimate applications are being used to deploy evasive cryptocurrency mining malware on macOS systems. "This malware makes use of the Invisible Internet Project to download malicious components and send mined currency to the attacker's wallet," Jamf researchers Matt Benyo, Ferdous Saljooki, and Jaron Bradley said in a report shared with The Hacker News.

Users looking for ChatGPT apps get malware instead
2023-02-23 15:46

The fake OpenAI pages serving malware have been set up on a variety of domains, and we can expect others still to pop up. Users wanting to try out ChatGPT are advised to go directly to the source, i.e., to look for relevant information on OpenAI's official page.

Experts Sound Alarm Over Growing Attacks Exploiting Zoho ManageEngine Products
2023-02-23 15:02

Multiple threat actors have been observed opportunistically weaponizing a now-patched critical security vulnerability impacting several Zoho ManageEngine products since January 20, 2023. Tracked as CVE-2022-47966, the remote code execution flaw allows a complete takeover of the susceptible systems by unauthenticated attackers.