Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label TechCrunch. Show all posts

Hackers Stole Cryptocurrency Worth $2 Billion in Year 2023


For another year, crypto-stealing cases made headlines. However, as per crypto security firms, this was the first time since 2020, that the trend has been declining. 

Based on dozens of cyberattacks and thefts this year, hackers stole over $2 billion in cryptocurrency, according to De.FI, the web3 security company that manages the REKT database. 

The site ranks the worst-ever crypto hacks, ranging from the Ronin network breach in 2022—the largest event in history—where hackers took over $600 million in cryptocurrency—to this year's hack against Mixin Network, which brought in almost $200 million for the criminals.

DeFi, in its report, wrote, “This amount, though dispersed across various incidents, underscores the persistent vulnerabilities and challenges within the DeFi ecosystem[…]2023 stood as a testament to both the ongoing vulnerabilities and the strides made in addressing them, even as interest in the space was relatively muted by the ongoing bear market in the first half of the year.”

In an estimate, published by blockchain intelligence firm TRM, the total amount of cryptocurrency that hackers have stolen this year was also made public earlier in December. As of mid-December, the business reported that the total amounted to around $1.7 billion.

Among the other crypto thefts conducted this year, one of the worst ones was a hack against Euler Fianance, where threat actors stole $200 million. Other notable hacks include those against Multichain ($126 million), BonqDAO ($120 million), Poloniex ($114 million), and Atomic Wallet ($100 million), among hundreds of other targets.

Last year, blockchain monitoring firm Chainalysis reported that cybercriminals purloined a record-breaking $3.8 billion in cryptocurrency. Of those, the Lazarus Group, a group of North Korean government hackers who are among the most active in the cryptocurrency space, took $1.7 billion in an attempt to finance the regime's authorized nuclear weapons program.

In 2021, Chainalysis reported hacks that compromised crypto worth $3.3 billion.

It is rather not possible to predict what the figures will be in 2024, but given the failures witnessed in cyber security by several crypto and web3 initiatives, as well as the significant financial potential of both sectors—discussed at TechCrunch Disrupt earlier this year—we should anticipate that hackers will continue to target this expanding market.  

Truepill Data Breach: Navigating Healthcare's Digital Security Crisis

The recent Truepill data breach has generated significant questions regarding the security of sensitive patient data and the vulnerability of digital platforms in the rapidly changing field of digital healthcare.

The breach, reported by TechCrunch on November 18, 2023, highlights the exposure of millions of patients' data through PostMeds, a pharmacy platform relying on Truepill's services. The scope of the breach underscores the urgency for healthcare organizations to reevaluate their cybersecurity protocols in an era where digital health is becoming increasingly integrated into patient care.

Truepill, a prominent player in the digital health space, has been a key facilitator for various healthcare startups looking to build or buy telehealth infrastructure. The incident prompts a reassessment of the risks associated with outsourcing healthcare services and infrastructure. As explored in a TechCrunch article from May 17, 2021, the decision for startups to build or buy telehealth infrastructure requires careful consideration of the potential security implications, especially in light of the Truepill breach.

One striking revelation from the recent breach is the misconception surrounding the Health Insurance Portability and Accountability Act (HIPAA). Contrary to popular belief, as noted by Consumer Reports, HIPAA alone does not provide comprehensive protection for medical privacy. The article highlights the gaps in the current legal framework, emphasizing the need for a more robust and nuanced approach to safeguarding sensitive healthcare data.

The Truepill data breach serves as a wake-up call for the entire healthcare ecosystem. It underscores the importance of continuous vigilance, stringent cybersecurity measures, and a comprehensive understanding of the evolving threat landscape. Healthcare providers, startups, and tech companies alike must prioritize the implementation of cutting-edge security protocols to protect patient confidentiality and maintain the trust that is integral to the doctor-patient relationship.

As the digital transformation of healthcare accelerates, the industry must learn from incidents like the Truepill data breach. This unfortunate event should catalyze a collective effort to fortify the defenses of digital health platforms, ensuring that patients can confidently embrace the benefits of telehealth without compromising the security of their sensitive medical information.

Casepoint Investigates Alleged Breach After Hackers Claimed Theft of Government Data


US-based legal technology platform, Casepoint has apparently investigated a potential cybersecurity incident following claims of threat actors, who have hacked the platform claiming terabytes of sensitive data.

Casepoint offers legal advice for governmental organizations, businesses, and law firms in litigation, investigations, and compliance. The company has a number of well-known clients, including the U.S. Department of Defense (DoD), Marriott Hotels, the Securities and Exchange Commission (SEC), the U.S. Courts, and the Mayo Clinic.

Vishal Rajpara, the CTO and co-founder of Casepoint, released a statement in which he declined to confirm but otherwise did not seem to refute rumors that the ALPHV ransomware gang was responsible for the attack. BlackCat, the Russia-based ransomware gang claims to have stolen two terabytes of confidential data from Casepoint, which included data from the US government and “many other things you have tried so hard to keep,” the gang stated.

Some of the data stolen, according to TechCrunch, included private information from a Georgia-based hospital, a legal document, a state-sponsored ID and an internal document apparently issued by the FBI. However, the FBI is yet to confirm the allegations made by TechCrunch.

Following Casepoint’s acknowledgment of the investigation, ALPHV updated on the issue in a statement published on May 31. The firm also shared what seems to be the login details for the company’s software.

Rajpara published a statement on the issue, saying “Casepoint remains fully operational and have experienced no disruption to our services[…]the third-party forensic firm that we have engaged is currently running scans and deploying advanced endpoint detection monitoring tools and will be looking for signs of suspicious activity.” “We are early on in our investigation and are committed to keeping our clients informed as we learn more.”

However, Rajpara declined to comment on whether the business has technological resources to identify the data that was accessed or exfiltrated or whether it has been contacted by the ALPV ransomware organization with any communications, such as a ransom demand. 

ALPHV Gang

The ALPHV gang has previously claimed to have attacked NextGen Healthcare, a U.S.-based maker of electronic health record software, and Ring, a video surveillance firm owned by Amazon. Despite the hackers' denials that they were connected to the gang, data obtained from Western Digital was also hosted on ALPHV's leak site.

Some other known victims of the ALPHV gang include Bandai Namco, Swissport, and the Munster Technological University in Ireland.  

 Crucial US military Emails was Publicly Available

A US Department of Defense exposed a server that was leaking private internal military emails online Security researcher Anurag Sen discovered the unprotected server, which was "hosted on Microsoft's Azure federal cloud for Department of Defense customers," according to a TechCrunch report.

The vulnerable server was housed on Microsoft's Azure federal cloud, which is available to Department of Defense clients. Azure uses servers that are physically isolated from other commercial customers so they can be utilized to share private but sensitive government information. The exposed server was a component of an internal mailbox system that included around three terabytes of internal military emails, a lot of them regarding the USSOCOM, the US military organization responsible for carrying out special military operations.

Nevertheless, due to a misconfiguration, the server was left without a password, making it possible for anyone with access to the internet to access the server's IP address and view the server's important mailbox data.

The server was filled with old internal military emails, a few of which contained private information about soldiers. A completed SF-86 questionnaire, which is filled out by government employees seeking a security clearance and contains extremely sensitive personal and health information for screening people prior to being cleared to handle classified information, was included in one of the disclosed files.

As classified networks are unreachable from the internet, TechCrunch's scant data did not appear to be any of it, which would be consistent with USSOCOM's civilian network. In addition to details regarding the applicant's employment history and prior living arrangements, the 136-page SF-86 form frequently includes details about family members, contacts abroad, and psychiatric data.

A government cloud email server which was accessible through the web without a password was made public and the US government was notified about it. Using just a web browser, anyone could access the private email data there.






FTC Bans Support King, That is Linked to a New Phone Spying Operation


A TechCrunch investigation has shown that a notorious phone spying company, SpyFone, is back in its business, a year after the Federal Trade Commission banned it.  

Apparently, a groundbreaking FTC order banned the stalkerware app, SpyFone, along with its parent company Support King, and its chief executive Scott Zuckerman from the surveillance industry. The regulator's five sitting commissioners unanimously approved the order, which also required Support King to retrieve the phone data it had wrongfully obtained, and inform victims that its software had been covertly placed on their devices.  

What are Stalkerware? 

Stalkerware, or spouseware, refers to apps that are covertly installed by someone with physical access to a person's phone, frequently in the pseudonym of family tracking or child monitoring. However, these apps are created to remain hidden from home screens, silently uploading a person's phone's contents, including their text messages, photos, browsing history, and precise location information, while also pretending to be family tracking or child monitoring apps.  

However, several stalkerware apps, such as KidsGuard, TheTruthSpy, and Xnspy, possess certain security flaws that expose the private data of thousands of people to greater risks. 

These apps as well include SpyFone, whose unprotected cloud storage server leaked the private information taken from more than 2,000 victims' phones, leading the FTC to launch an investigation and ensuing ban on Support King and its CEO Zuckerman from providing, distributing, promoting, or in any other way, aiding the sale of spy apps. 

TechCrunch, since then has received further data tranches, that include the data from internal servers of the stalkerware programme SpyTrac, which is being operated by programmers that are associated with Support King.  

Instagram bug showed stories of strangers






A bug on Instagram has affected the story tray which shows stories from people the users’ follow, but this bug has violated the privacy policy for some of the users’ by displaying the stories from people whom they don’t even follow. 

The Facebook owned company confirmed the existence of the technical glitch to TechCrunch, in the meantime they claimed that the glitch was resolved in a few hours.

According to the company, the bug "caused a small number of people's Instagram Stories trays to show accounts they don't follow." 

It did not displayed the full stories if the accounts were private, but it showed the whole stories if the accounts were public. 

The company believes that only small portion of the users’ were impacted by this glitch. However, there are nearly 500 million users’, and even the small fraction of affected users’ could have a great impact. 

A Twitter @internetryan drew everyone’s attention when he first reported the problem on the social tweeting about the bug,  'Hey @Instagram/@facebook, people who I don't follow (with private accounts) are showing up in my Stories.’