We have collected the most important cybersecurity news of the week.
- Uzbekistan authorities have unblocked a number of social networks.
- Specialists reported a phishing campaign targeting users of the MetaMask wallet.
- Taiwan was subjected to a wave of cyber attacks after the visit of Nancy Pelosi.
< strong>A number of social networks have been unblocked in Uzbekistan
The Agency for Information and Mass Communications under the Administration of the President of Uzbekistan announced the unblocking of Twitter, WeChat and Vkontakte in the country. The department said that «blocks harm development».
Recall that a number of social networks were restricted in the country due to violations of the law on personal data in 2021.
Experts have warned of a phishing attack on MetaMask users
Halborn cybersecurity experts have documented a phishing campaign targeting MetaMask wallet users.
Attackers send emails masquerading as the MetaMask command. In them, users are asked to verify wallets – for this you need to follow the link and enter your secret phrase. Halborn pointed out the main signs of fraud:
- the sender name and email address contain an error: Metamaks instead of MetaMask;
- metamaks.auction fake domain;
- lack of personalization – the email does not include the username or any other information that would be unique to their account.
Experts recommended always checking the URL before clicking on the link, setting up 2FA and updating it regularly.
Taiwan targeted by cyberattacks after Nancy Pelosi's visit
Immediately after the visit of the speaker of the US House of Representatives Nancy Pelosi, many companies and structures in Taiwan were subjected to cyber attacks, Reuters writes.
Among the victims are government websites, railway infrastructure and a large 7-Eleven chain of stores. The attacks did not cause any significant harm to their work.
Accenture commented that it looks “more like a theatrical performance than a threat.” The company stressed that more powerful cyber attacks were previously recorded, forcing several financial institutions in Taiwan to suspend transactions.
Hackers gained access to 140,000 Wiseasy payment terminals
Unidentified individuals gained access to dashboards used to remotely manage and control thousands of Wiseasy credit card payment terminals. TechCrunch writes about it.
Wiseasy makes Android-based terminals that are used in restaurants, hotels, retail outlets and schools in the Asia-Pacific region. Through its cloud service, the company can manage, configure and update them remotely.
Buguard discovered the passwords of Wiseasy employees, including the administrator account, on the dark web. Buguard said the hackers compromised two cloud-based control panels, neither of which was protected by two-factor authentication. As a result, attackers gained access to almost 140,000 Wiseasy payment terminals around the world.
Australian was accused of creating spyware that was bought more than 14,000 times
Australian authorities have charged a resident of the country with creating and distributing spyware.
According to law enforcement officers, the accused created the Trojan when he was 15 years old. He developed software called Imminent Monitor and sold it to more than 14,500 individuals in 128 countries. With it, it was possible to gain full access to the victim's computer, steal data and monitor the victims remotely using a webcam and microphone.
It is alleged that the accused distributed spyware from 2013 to 2019, when he was neutralized .
Also on ForkLog:
- Hackers broke into about 8,000 Solana-based wallets and withdrew millions of dollars. Later, the Solana team linked a large-scale hack to the Slope wallet provider – it sent seed phrases to a centralized server, where they were stored in unencrypted form.
- Chainalysis estimated the damage from cross-chain protocol hacks since the beginning of the year at $ 2 billion.
- $4.8 million was withdrawn from the wallets of the ZB bitcoin exchange. Experts did not rule out a hack.
- Unidentified persons hacked the Nomad cross-chain protocol. The Nomad team offered hackers who withdrew about $190 million from the project's smart contracts to return the stolen assets for a reward of 10%.
What to read on the weekend?
What is end-to-end encryption, why the authorities of many countries are trying to fight it and is it possible to ban it, ForkLog figured out.
End-to-end encryption at risk? How and why governments require access to our communications
Read ForkLog bitcoin news in our Telegram — cryptocurrency news, rates and analytics.