Wave of attacks on the NFT community on Discord, JusTalk leak and other cybersecurity events

Wave of attacks on the NFT community on Discord, JusTalk leak and other cybersecurity events

Splash of attacks on the NFT community on Discord, JusTalk leak and other cybersecurity events

We have collected the most important cybersecurity news of the week.

  • Researchers have discovered a JusTalk user data leak. The developers assured that all information is protected by end-to-end encryption.
  • The Court of the Russian Federation declared “information in the Tor Browser application” prohibited.
  • TRM Labs has reported a wave of attacks on the NFT community via Discord.

JusTalk user data leaked online. The app team claimed that all communications are end-to-end encrypted 

Researchers have uncovered unencrypted private messages data from users of the JusTalk video calling and messaging app, writes TechCrunch. At the same time, the JusTalk team claims that all user correspondence is protected by end-to-end encryption.

Among the leaked data are millions of messages, the date and time they were sent, as well as the phone numbers of the sender and recipient. They also contained records of calls that were made using the application.

Tor was again banned in the Russian Federation

The Leninsky District Court of Saratov partially satisfied the claim of the prosecutor's office and recognized it as prohibited information contained in the Tor Browser, as well as the application itself. This was reported by «RosKomSvoboda», whose lawyers are conducting the case.

Lawyer Yekaterina Abashina said that the court agreed with Roskomnadzor, «which insists throughout the process that information, application and technology are one and the same, so all this can be recognized as prohibited by the court».

Read more about what Tor is in our flashcards.

Report: Since May, NFT projects have lost $22M due to Discord attackers

Since May 2022, TRM Labs analysts have recorded more than 150 compromises of NFT project Discord servers.

In June, the number of NFT minted phishing attacks deployed via compromised Discord accounts , increased by 55% compared to the previous month.

According to TRM Labs, after gaining control over administrator accounts, hackers send links to ostensibly gift or “exclusive” NFTs so that people go to malicious sites.< /p>

TRM Labs has linked dozens of similar cases. Analysts believe that many of the hacks are related to the same hacker who attacked the Bored Ape Yacht Club Discord servers in June.

Kazakhstan expanded the powers for the authorities to control social networks and instant messengers

Kazakhstan signed amendments giving the Ministry of Information and Social Development (MIOR) the ability to restrict the activities of foreign online platforms or messengers.

In addition, the agency can request data from such services on the number of users per day, as well as maintain a register of «representatives of foreign online platforms and instant messaging services».

Camera manufacturers for «smart home» from Amazon and Google confirmed the possibility of transferring data to the authorities without a warrant

Amazon-owned developer of «smart doorbells» with video surveillance, Ring confirmed the transmission of video footage to the police on 11 occasions in 2022 without the consent of users. Among them were situations where the police did not have a warrant to access this data, writes CNet.

The terms of use of Nest, a company that makes video intercoms and owned by Google, says that it can also transfer information to law enforcement officers in emergency cases without user consent:

“If we believe we can prevent someone from dying or causing serious physical harm, we may provide information to a government agency – for example, in the case of bomb threats, school shootings, kidnappings, suicide prevention, or missing people.”

Nest, however, noted that they have never used this practice before.

Smart home camera manufacturers, including Arlo, Eufy and Wyze, as well as Apple, which processes similar videos, assured that they do not provide the authorities with such data without a warrant or court order. 

Also on ForkLog:

  • A hacker withdrew about $6 million from the Audius decentralized platform.
  • Bitfinex, Tether and Hypercore introduced an encrypted P2P video chat application.
  • Nirvana's DeFi project was attacked by hackers.
  • Celsius Reports User Data Leak Due to Customer.io Compromise
  • Google and Apple Required to Report on Anti-Rogue Crypto Apps.

What read on the weekend?

SonicWall analysts estimate that ransomware attacks have dropped by 23%. We talk about what these threats are and what are the consequences of their spread for the crypto industry:

«Ransomware pandemic»: what is the wave of hacker attacks and how it will affect bitcoin

Read ForkLog bitcoin news in our Telegram — cryptocurrency news, rates and analytics.