
Classic Scam the Scammers? Epic Games Hackers Faked the Hack


Hackers stage Epic hack

A group announced earlier this week that they had successfully breached Epic Games and taken 189GB of data, including user information. They are now retracting their statements, claiming that they staged the whole event to deceive real hackers.

The group, which goes by the online handle Mogilevich, claims to have accomplished this by promising to sell potential hackers the technology needed to get access to Epic Games. Naturally, the technology and data they sent on—assuming they sent any—would be worthless if the attack had never occurred. According to Mogilevich, it sold this information to eight customers without demonstrating its ability to breach an organization such as Epic.

Epic gaming scam developments

Only a few days have passed since the "hack" was originally made public. After allegedly stealing "emails, passwords, full names, payment information, source code" from its assault on Epic, Mogilevich appeared to be attempting to ransom the data back to the business.

However, Mogilevich has since altered the narrative entirely. Since it's possible that the gang pulled off a hack and this was all misdirection, we cannot confirm whether or not their account of events is accurate. It does, however, correspond with Epic's statement that there was "zero evidence" of any hacking at all.

A Mogilevich member reportedly said, "You may be wondering why all this, and now I'm going to explain everything you need," on a page that the group had previously promised would contain information from the Epic breach. "In reality, we are not a ransomware-as-a-service, but professional fraudsters."

Gang aimed to get new contacts

In explaining its methodology, Mogilevich claims that it staged the operation to make fresh connections for fraud. As per the gang, everything went as planned in this aspect, with aspiring hackers reportedly sending over tens of thousands of dollars.

"We don't think of ourselves as hackers but rather as criminal geniuses, if you can call us that," the message continues. They acknowledge that their goal was to acquire access to new "victims to scam," but ideally, users and employees of Epic Games are not among these victims.

Epic has yet to respond to this revelation.


Behind Closed Cyber Doors: 50 Ransomware Negotiations' Unexpected Insights

 


Cybersecurity experts usually recommend against negotiating when dealing with ransomware hackers. On December 30, 2020, one victim defied that conventional wisdom and attempted to negotiate with their attackers, despite their attackers attempting to kill them.

At one point during the compromise of the computers, the victim typed the word "Help?" and received a response from one of the hackers offering to negotiate. During the interview, the hackers admitted that they had encrypted the victim's network and data in addition to downloading internal documents and files from the victim's network. As a ransom, they requested a payment of $8,500,000 for the key to unlock the encrypted files.

Unexpectedly, a misunderstanding in the negotiation led to the breakdown of the deal: the hackers mistook the victim's wishes for the destruction of files and did not provide the decryption key. In the end, the ransom demand was markedly reduced, with a final amount of only $450,000 agreed upon, a 94.7% reduction from the original demand of $1 million.

The details of ransomware incidents are usually shrouded in secrecy and kept out of the public domain for as long as possible. Valéry Marchive, a French journalist who specializes in cybersecurity, does not like that secrecy. The cloak-and-dagger conversations he has had with these criminal gangs provide valuable insight into how they operate, and that insight can be used as a weapon in the fight against ransomware gangs.

Marchive has been compiling a database of ransomware negotiation chats over the past few years, and recently made the database available to the public as part of his effort to reduce ransomware attacks. A recent research report on the data by Cyber Threat Intelligence Analyst Calvin So focuses on how stylometric analysis (essentially, the study of writing styles) can help identify patterns and individuals based on the text dialogue they use.

An analysis of negotiation transcripts of 50 trial cases from Marchive's archives shows that victims who negotiate tend to pay much less than the initial ransom demand. There was a fair amount of negotiation between the victims and the hackers, and on average only half of the original demand was paid (52.7%). Only one victim in the sample paid the full amount without negotiating with the attackers.

In some interesting cases, ransomware hackers adopt a very professional, congenial approach when communicating with victims. They present themselves as exposing security vulnerabilities in the victim's computer systems and bill victims for their service. Victims, for their part, sometimes engage in friendly banter with their attackers, which may suggest that their relationship with their attackers is unusual.

There is No Set Deadline


The most common thing that victims negotiate with their lawyers is an extended deadline. When a victim appears willing to pay for the hack, it is free for the hackers, as long as they are willing to negotiate and take the victim to the table. The fact that hackers proposed reducing the ransom so long as the payment was posted as quickly as possible was a big clue that they were hacking.  

When hackers start negotiations, they often use this response as their first gesture because they want to initiate transactions as soon as possible. However, they are willing to extend the deadline as long as they feel progress is being made or think the victim is in the process of obtaining funds.

The facade of civility conceals threats. When negotiations are at an impasse, hackers challenge their victims, taunt them, and issue ultimatums to end the negotiations. Even though negotiating with ransomware hackers is generally not recommended, a better understanding of how these negotiations happen can provide valuable insights into how to combat ransomware attacks in the future.

Avoid Dealing With the Devil 


Even though anonymous company representatives may have come away relatively unscathed, this should not be taken as a sign that you should negotiate with ransomware groups – quite the opposite. 

It is important to remember that even though the company's sample set of transcripts did not show hackers reneging on their commitment to release the hostage data as soon as the victim paid for it, there is no guarantee that even if they release the data, they will not make a copy of it to sell it to others.   

Cybercriminal activity comes with a variety of risks, and this is just one of them. According to Max, there is no reason for the bad guys to carry out their plans since they have no incentive to do so. The money has been delivered, and that is a task completed for them, so they feel satisfied with their work.

One way to stick it to ransomware groups is to make sure you never fall prey to their ruse in the first place, but that should go without saying. Most of the time, individuals and companies can reduce their vulnerability to hackers by implementing some best practices.

According to PCMag, the first step you should take is to implement a password policy that requires all passwords to be unique with at least 20 characters. This is an easy and essential policy that every employee with a work account should adhere to.

Furthermore, there should be a similar policy in place for all personal accounts of employees. Keeping that in mind, we strongly recommend you use a reliable password manager for managing your passwords across multiple accounts so that you can create and manage them easily. 

In addition, it is critical to ensure that all the devices installed on the work premises, such as smartphones and tablets, have security features enabled in their configurations. Ensure that you patch and update your operating system and software regularly, and be sure to perform regular backups of your data as well. For those users who are looking to protect themselves from ransomware, there is a wide variety of apps that can assist you.

Gen Digital Customers' Accounts were Breached by Hackers

 


A Norton LifeLock spokesperson has confirmed that malicious third parties are likely to have gained access to some customers' accounts, possibly even gaining access to their password vaults. 

The document describing affected customers' rights as a result of a data breach is available on the website of the Vermont attorney general's office. The report suggests hackers may have used username and password combinations to access the accounts of Norton and Norton Password Manager users.

According to the vendor, which is owned by Gen Digital, the login information was not obtained by breaching the IT environment of the company itself. This is due to a security breach. 

As one of the leading manufacturers of antivirus software for consumers, Gen Digital Inc. is a publicly traded company. It has been more than a year since Gen Digital, a security company founded in September, was formed when Norton LifeLock Inc. and Avast plc merged. In addition to antivirus software, Gen Digital sells other cybersecurity products, including password managers and virtual private network tools.

A report regarding the breach of some Gen Digital accounts emerged on Friday, indicating that some customers' accounts had been compromised. According to a statement released by the company the next day, it had "secured 925,000 inactive and active accounts that may have been targeted" by hackers during the attack. TechCrunch reported earlier this week that the accounts of 6,450 customers had been compromised as a result of the breach. 

In an attempt to break into Gen Digital's customer database, hackers may have accessed the names, telephone numbers, and mailing addresses of a large number of customers. The company discovered that some of the data stored in Norton Password Manager, its password management program, may have been compromised as a result of the breach. Gen Digital says it is possible that one of the hackers was able to access the login credentials that affected users stored in Norton Password Manager.

It has been reported that Gen Digital was not affected by the breach and that no data had been compromised. Hackers allegedly gained access to customer accounts through credential stuffing. That is the term for a type of cyberattack in which hackers compromise customers of one company by using login credentials stolen from another company.

There has been no compromise of any systems, and they are safe and operational. However, it is all too common in today's world for threat actors to take credentials that they find elsewhere, like on the dark web, and use them in automated attacks to gain access to other unrelated accounts. According to a spokesperson for the company, the system has not been compromised.

Gen Digital first recognized the breach on December 12 after discovering an unusually high number of failed login attempts aimed at its customers' accounts. Earlier this month, the company identified the lack of security measures by which hackers were able to gain access to customer accounts.

Gen Digital found out about the breach, notified the affected customers, and reset their passwords as soon as possible. To ensure that customers are protected, the company also says "additional security measures" have been implemented.
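The signal described above (a spike in failed logins spread across many different accounts) can be checked for in authentication logs. The following is an added example, not Gen Digital's detection logic; the log format, addresses, thresholds and function names are all assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample log lines: timestamp, source IP, username, result.
SAMPLE_LOG = """\
2024-01-01T03:00:01Z 198.51.100.7 alice@example.com FAIL
2024-01-01T03:00:02Z 198.51.100.7 bob@example.com FAIL
2024-01-01T03:00:03Z 198.51.100.7 carol@example.com SUCCESS
2024-01-01T03:00:04Z 198.51.100.7 dave@example.com FAIL
2024-01-01T03:00:05Z 198.51.100.7 erin@example.com FAIL
2024-01-01T03:00:06Z 198.51.100.7 frank@example.com FAIL
2024-01-01T03:01:10Z 203.0.113.20 grace@example.com FAIL
2024-01-01T03:01:25Z 203.0.113.20 grace@example.com FAIL
2024-01-01T03:01:40Z 203.0.113.20 grace@example.com SUCCESS
2024-01-01T03:02:00Z 192.0.2.44 heidi@example.com SUCCESS
"""

def parse(log_text):
    """Yield (source_ip, username, succeeded) for each well-formed line."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) == 4 and parts[3] in ("FAIL", "SUCCESS"):
            yield parts[1], parts[2], parts[3] == "SUCCESS"

def detect_stuffing(log_text, min_users=5, min_fail_ratio=0.7):
    """Map each suspicious source IP to the accounts it logged in to.

    Credential stuffing tries one leaked password per account across many
    accounts, so the marker is many distinct usernames with a high failure
    ratio. A user mistyping a password repeats a single username instead.
    """
    attempts = defaultdict(list)
    for ip, user, ok in parse(log_text):
        attempts[ip].append((user, ok))
    findings = {}
    for ip, events in attempts.items():
        users = {u for u, _ in events}
        fail_ratio = sum(1 for _, ok in events if not ok) / len(events)
        if len(users) >= min_users and fail_ratio >= min_fail_ratio:
            # Successful logins from a flagged source need a password reset.
            findings[ip] = sorted({u for u, ok in events if ok})
    return findings

if __name__ == "__main__":
    for ip, accounts in detect_stuffing(SAMPLE_LOG).items():
        print(f"{ip}: likely credential stuffing; reset {accounts}")
```

Counting per source address misses attempts spread over many addresses, so the overall failed-login rate across all sources is worth tracking alongside it.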

Earlier this month, one of Gen Digital's major competitors in the password manager market, LastPass US LLP, suffered a breach of its security. This breach coincided with the launch of the company. Earlier in August, a cyberattack against the company was preceded by another breach of security. Hackers accessed LastPass' cloud storage environment using the technical information they stole during the August cyberattack.

During the hacking operation, hackers gained access to the usernames and billing addresses of customers. A backup copy of LastPass' password manager, which is the most widely used password management tool available, was also obtained by hackers. As per the policy of the company, the encrypted copy of account information cannot be decrypted without the password of the user's account, which was not compromised.