Security News

Malicious npm Code Packages Built for Hijacking Discord Servers
2021-12-08 22:30

A series of malicious packages in the Node.js package manager code repository are looking to harvest Discord tokens, which can be used to take over unsuspecting users' accounts and servers. Js, which enables interaction with the Discord API. "The malware's author took the original discord.js library as the base and injected obfuscated malicious code into the file src/client/actions/UserGet.js," according to JFrog, which added, "In classic trojan manner, the packages attempt to misdirect the victim by copying the README.md from the original package."

Hacker Jailed for Stealing Millions of Dollars in Cryptocurrencies by SIM Hijacking
2021-12-01 20:50

A sixth member associated with an international hacking group known as The Community has been sentenced in connection with a multimillion-dollar SIM swapping conspiracy, the U.S. Department of Justice said. Garrett Endicott, 22, from the U.S. state of Missouri, who pleaded guilty to charges of wire fraud and aggravated identity theft following an indictment in 2019, was sentenced to 10 months in prison and ordered to pay an amount totaling $121,549.

Infosec bods: After more than a year, Sky gets round to squashing hijacking bug in 6m home broadband routers
2021-11-23 07:31

Sky has fixed a flaw in six million of its home broadband routers, and it only took the British broadcaster'n'telecoms giant a year to do so, infosec researchers have said. If an attack was successful, their router would fall under the attacker's control, allowing the crook to open up ports to access other devices on the local network, change the LAN's default DNS settings to redirect browsers to malicious sites, reconfigure the gateway, and cause other general mischief and irritation.

Over 60,000 parked domains were vulnerable to AWS hijacking
2021-09-03 07:00

Domain registrar MarkMonitor had left more than 60,000 parked domains vulnerable to domain hijacking. The parked domains were seen pointing to nonexistent Amazon S3 bucket addresses, hinting that there existed a domain takeover weakness.

Over 60,000 parked domains were left up for hijacking
2021-09-03 07:00

Domain registrar MarkMonitor had left more than 60,000 parked domains vulnerable to domain hijacking. The parked domains were seen pointing to nonexistent Amazon S3 bucket addresses, hinting that there existed a domain takeover weakness.

Spanish cops cuff Brit bloke accused of playing role in 2020 celeb Twitter hijacking
2021-07-21 20:54

The Spanish National Police have, at the request of America, arrested UK citizen Joseph O'Connor in Estepona, Spain, in connection with the July 2020 takeover of more than 130 Twitter accounts. The US Department of Justice said that, in addition to the alleged Twitter account joyride, O'Connor, 22, has been charged in a federal district court in northern California with computer intrusions tied to the commandeering of TikTok and Snapchat user accounts.

Microsoft's Halo dev site breached using dependency hijacking
2021-06-29 07:40

Microsoft has once again been successfully hit by a dependency hijacking attack. After publishing a public dependency by the same name, he began receiving messages from Microsoft's Halo game dev servers.

Microsoft successfully hit by dependency hijacking again
2021-06-29 07:40

Microsoft has once again been successfully hit by a dependency hijacking attack. After publishing a public dependency by the same name, he began receiving messages from Microsoft's Halo game dev servers.

Researchers Detail Exploit Chain for Hijacking Atlassian Accounts
2021-06-25 08:45

Researchers at cybersecurity firm Check Point discovered several vulnerabilities that could have been chained to take over Atlassian accounts or access a company's Bitbucket-hosted source code. The software development and collaboration tools made by Australia-based Atlassian are used by more than 150,000 organizations worldwide, which can make the company's products a tempting target for malicious actors.

Comcast now blocks BGP hijacking attacks and route leaks with RPKI
2021-05-20 19:16

One of America's largest broadband providers, has now deployed RPKI on its network to defend against BGP route hijacks and leaks. "In practical terms, it means that Comcast now both cryptographically signs route information and validates the cryptographic signatures of other networks' route information."