Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label security measures. Show all posts
security measures
Cyber Hackers Cyber Security CyberCrime CyberThreat Password Breach security measures

Overly Complex Passwords Could Weaken Security Measures

 


The creation and use of passwords is one of the areas where websites and mobile apps lay down rules for making them as safe as possible. However, a federal agency thinks some of the requirements do more harm than good to the industry. 

A new proposal from the National Institute of Standards and Technology (NIST) has been proposed to protect people's digital identities from fraud by developing some guidelines. One of them is banning password requirements, which cybersecurity experts have long considered obsolete. It is no longer necessary to request special characters, like "%" and "$," for instance, for some type of input. It is also no longer necessary to ask users to identify their children's favourite pet or their first pet as security questions.

First and foremost, it is important to understand why it is not only ineffective to change the password every six months but can make it more difficult to secure users' accounts. When people are forced to change their passwords every few months or so due to security restrictions, they tend to choose the path of least resistance by simply changing a couple of characters within their existing passwords to achieve maximum security. This indeed makes the user's new password easier to remember, however, it also means that hackers who have already accessed a user's system or have run into an existing password they might have used before can easily guess the new password. 

Passwords should be created with a combination of different character types, and they should be changed regularly, these are no longer best practices for password management. It is based on new guidelines that have been released by the United States National Institute of Standards and Technology (NIST), which is charged with developing and releasing guidelines that will assist organizations in keeping their data safe. It was the second public draft of the National Institute of Standards and Technology's Digital Identity Guidelines (SP 800-63-4) that appeared in September of 2024, making these guidelines the latest version that has been published.

For security purposes, it is much better to use strong, unique passwords for each account rather than rotating them as a means of achieving security. There are a variety of letters and numbers that can be used in this system, which means that not just words from the dictionary can be used, which can be picked up by an automated attack program. Furthermore, users should make sure that they don't use any variations on a specific theme in the passwords that they create; don't use variations on a theme (such as "password1" then "password2"). 

It is highly recommended that users always use passphrases instead of traditional passwords if they are really serious about their security. Passphrases are much harder for attackers to guess when compared to traditional passwords. Make sure to check out our blog on how to create a strong password by clicking here. For those who don't want to remember all of their strong unique passwords to keep their online accounts secure, it is recommended to use a password manager like NordPass. 

Because of this, it has become more straightforward to determine whether a password is effective, in comparison to complexity, by measuring its length. Under the guidelines, online services require users to create passwords that are a mix of character types, however, several analyses of breaches of password databases have found that they do not have as great an effect as initially thought. Due to the vast number of online accounts it manages, maintaining a unique password for every single one of them can still be a daunting task, even if users keep their passwords short and memorable at the same time. 

Password managers can play a very important role in preventing this from happening. In addition to this, this type of tool also achieves the goal of archiving all passwords in an encrypted vault that users can access securely, so they don't need to worry about forgetting all their passwords for every account. When a password manager is installed, the user only needs to remember one strong password to access their vault, thus streamlining their online security as well as reducing the risk associated with reusing passwords. 

The password manager is also capable of creating secure, long passwords for the user on their behalf, thereby further enhancing their level of security. It is of course vital to have robust passwords, but they are merely one of the layers of security that must be considered. There are several reasons why two-factor authentication (2FA) may be a viable authentication method. One of these is the fact that it requires a second verification method, such as a code sent to the mobile phone of the user or an authentication app, before giving the user access to their account. 

As long as a hacker has managed to get their hands on the passwords of a user, the 2FA feature is guaranteed to prevent them from gaining access to the user's account even if they manage to obtain the user's passwords. Even though some passwords are compromised, hackers will find it much more difficult to breach users' accounts as a result of this. People tend to make the mistake of selecting easy-to-guess personal information when choosing passwords during the creation process, which is one of the biggest errors they make. 

The information that they disclose could be anything from their name, birth date, or even the name of their favourite sports club they support. Many individuals make the error of using easily accessible personal information in their passwords, such as names, birthdates, or favourite sports teams. This information is often available through social media platforms or public records, making it a convenient target for cybercriminals attempting to gain access to accounts. To minimize this risk, it is highly recommended that personal details be avoided in password creation. 

Instead, users should create complex and unpredictable passwords that are significantly harder for attackers to guess, thereby providing a higher level of security. Another critical mistake is storing passwords in plain text on personal devices. Some individuals may resort to saving passwords in unprotected documents for the sake of convenience, without considering the significant security risks involved. If the device is compromised, these plain text files can be easily accessed, leaving sensitive information vulnerable to unauthorized users. 

A safer alternative is to use password management software, which securely stores passwords while also encrypting them. This adds an essential layer of security and ensures that even if the device is breached, the stored passwords remain protected. It is also crucial for users to pay attention to security notifications issued by websites and online services. These alerts are often triggered by unusual or suspicious activity and serve as an early warning system for potential security breaches. Unfortunately, such warnings are frequently ignored or overlooked, which can leave accounts exposed to further exploitation.

By promptly addressing these notifications, individuals can take immediate action, such as changing passwords or enabling additional security measures, to mitigate the threat before it escalates. Lastly, neglecting to regularly update software and applications can lead to unnecessary security vulnerabilities. Software updates frequently contain critical security patches designed to address newly discovered threats.

By failing to install these updates promptly, individuals leave themselves susceptible to attacks that could have been prevented. Maintaining up-to-date software is an essential practice for ensuring the latest security features are in place, reducing the chances of a successful cyberattack.
Read more »
security measures
breach recovery CrowdStrike CrowdStrike outage Cyber Security IT Security ransomware restoration security measures

Lessons from the CrowdStrike Falcon Sensor Defect: Enhancing Ransomware Recovery and Business Continuity

 


In recent times, a significant IT disruption was caused by a defect in a content update for CrowdStrike’s Falcon sensor, affecting approximately 8.5 million PCs across diverse sectors. This issue, which disrupted organizations ranging from small businesses and global conglomerates to government agencies and hospitals, highlighted severe vulnerabilities in how entities handle large-scale IT failures. The impact was widespread, leading to delayed flights, transaction failures at gas stations and grocery stores, and significant delays in emergency services such as police and fire departments. 

The scale of this disruption serves as a critical reminder of the importance of robust ransomware recovery and business continuity plans (BCPs). Although the immediate cause of the disruption was not a ransomware attack, the parallels between handling this IT issue and responding to ransomware are striking. This event underscores the need for organizations to evaluate and improve their preparedness for various types of cyber threats. One of the key lessons from this incident is the importance of efficient detection. The mean time to detect (MTTD) is a crucial metric that measures how swiftly an organization can identify a security breach. 

The quick identification of the Falcon sensor defect was vital in managing its effects and preventing further damage. Organizations should focus on strengthening their detection systems to ensure they can quickly identify and respond to potential threats. This includes implementing advanced monitoring tools and refining alert mechanisms to reduce response times during a real cyber incident. Recovery and restoration processes are equally critical. After the Falcon sensor issue, organizations had to mobilize their BCPs to recover systems and restore normal operations from backups. This situation emphasizes the need for well-documented, regularly updated, and thoroughly tested recovery plans. 

Businesses must ensure their backup strategies are reliable and that they can quickly restore operations with minimal disruption. Effective recovery plans should include clear procedures for data restoration, system repairs, and communication with stakeholders during a crisis. The incident also highlights the importance of continuous assessment and improvement of an organization’s cybersecurity posture. By analyzing their response to the Falcon sensor defect, organizations can identify gaps in their strategies and address any weaknesses. This involves reviewing incident response plans, updating communication protocols, and enhancing overall resilience to cyber threats. 

Furthermore, the disruption reinforces the need for comprehensive risk management strategies. Organizations should regularly evaluate their exposure to various types of cyber threats, including ransomware, and implement measures to mitigate these risks. This includes investing in cybersecurity training for employees, conducting regular security audits, and staying informed about the latest threat intelligence. 

In conclusion, the CrowdStrike Falcon sensor defect offers valuable lessons for enhancing ransomware recovery and business continuity planning. By learning from this event, organizations can improve their ability to respond to and recover from cyberattacks, ensuring they are better prepared for future threats. Regular updates to BCPs, enhanced detection capabilities, and robust recovery processes are essential for safeguarding against disruptions and maintaining operational resilience in today’s increasingly complex digital landscape.
Read more »
security measures
Account security AT&T Customer Data Cybersecurity measures Data Breach data security Data Theft security measures

AT&T Data Breach: Essential Steps for Victims to Protect Themselves

 

Telecom giant AT&T recently disclosed a massive data breach affecting nearly all of its approximately 110 million customers. If you were a customer between May 2022 and January 2023, there is a high chance your data, including call and text message records, was accessed through an illegal download from a third-party cloud platform. Customers should watch for contact from AT&T or check their accounts for notifications. First, change your password. 

Since your password is likely compromised, update it on both your AT&T account and any other accounts where it was used. While it’s inconvenient, using different passwords for each service is essential. Numerous tools can create secure, randomly generated passwords, and password managers can help you remember them. Also, activate two-factor authentication on your account and any other accounts using the same password. Combining two login methods enhances security. Given the nature of this leak, consider changing your cell phone number as well. Prepare for an increase in spam calls, but the bigger concern is potential scammers.

Be extra cautious about giving out personal details such as banking information or your address over the phone, as these could be cleverly disguised phishing schemes. Stay vigilant online, as even anonymous phone number information can be pieced together by scammers to identify individuals. Treat every email from unfamiliar addresses as suspicious. Additionally, inform your bank about the breach. They can monitor for any suspicious transactions and introduce new security measures to ensure you are contacting your bank, not an imposter.  

Lastly, protect yourself further by using one of the best VPNs to secure your online data. VPNs not only spoof your IP address location but also securely encrypt your data. There are even free VPN plans like ProtonVPN. Many VPNs also include antivirus elements. For instance, NordVPN has its Threat Protection Pro system, which is effective against phishing. A Surfshark One subscription includes dedicated antivirus software and an Alternative ID feature, which allows you to sign up for services online with randomly generated details, including a decoy phone number. With an Alternative ID, you can create accounts for less trustworthy services (or those frequently attacked, like AT&T) with peace of mind. 

This way, you can minimize spam and rest assured that if your details get leaked, you haven’t actually been compromised. Hackers will have nothing to piece together; you can simply disconnect that ID, generate another random identity, and move on securely.
Read more »
security measures
Apps Security Cyber Safety Alert Cyberattacks CyberCrime Cyberflaw Cybersecurity Microsoft MOVEitm Vulnerabilities and Exploits security measures

Android App Security Alert: Proactive Measures to Prevent Unauthorized Control

 


Approximately a billion Android users have been threatened by a new malware infection. The latest security alert comes from Microsoft's team who discovered a new vulnerability that may give hackers complete control of your smartphone. The latest security alert is triggered by the discovery of a new security flaw which can allow hackers complete access to users' devices. 

Security vulnerabilities in multiple Android apps discovered last week by Microsoft could be exploited to gain access to apps and sensitive information on a mobile device without the user's permission. As it turns out, the security flaw is not caused by the system code itself but instead by developers who improperly use the system, leading to loopholes that can be exploited by malicious actors. 

It is important to note that Google has been made aware of this flaw, and it has taken steps to inform the Android app developer community about the issue. This flaw is caused by improper use of Android's content provider system, which facilitates the sharing of structured data sets among different applications via a mechanism called the content provider system. 

To prevent unauthorized access, data leaks, and path traversal attacks, this system incorporates data isolation, URI permissions, and path validation security measures. Earlier this week, Microsoft Threat Intelligence published a post on its Security Blog stating, “Microsoft discovered a path traversal vulnerability pattern related to multiple popular Android apps. 

This vulnerability can be exploited to overwrite files located within the home directory of vulnerable Android applications.” Additionally, the researchers noted that the vulnerability was found in several apps on Google Play with over four billion installations in total, revealing an important fact about the vulnerability. It is possible to bypass these security measures when custom intents, which are messaging objects that facilitate communication between components across multiple Android apps, are implemented incorrectly. 

Intents that are incorrectly implemented include trusting unvalidated filenames and paths, using the 'FileProvider' component incorrectly, and ignoring path validations properly. A malicious application can use Dirty Stream to send manipulated files to another app using a custom intent, but this method requires a custom intent to be used. A malicious application is tricked into trusting a filename or path and executes or stores the file in a critical location after being fooled into believing it.

A common OS-level function can be transformed into a weaponized tool when it is manipulated between two Android apps and may result in unauthorized code execution, data theft, or another malicious outcome resulting from the manipulation of the data stream. 

To secure data exchange between different applications on a smartphone, the content provider system on Android is designed to protect data when a developer incorrectly uses it. Several security measures are used to prevent unauthorised access to the application by apps as well as by anyone else who may be trying to break into the app. These measures include data isolation, URI permissions, and path validation, among others. 

There is one major issue related to the implementation of the system, however, and that is the custom intents component of the system. The various messaging objects in the app are what enable the app to communicate with each other two-way to accomplish their goals. As long as this vulnerability exists, apps can ignore the security measures introduced to prevent data theft, allowing other apps (or hackers under their control) to access sensitive information stored inside of them. Dirty Stream's deviousness comes from how it manipulates the system to exploit it in such a devious way. 

It has been found that hackers have been able to create custom intents to bypass these security measures via messaging objects, which enable communication between components across Android apps, which are distributed across different apps. A malicious app being able to exploit this loophole allows it to send files to another app using a custom intent, allowing harmful code to be sent disguised as legitimate files to sneak into the system. 

Upon a hacker succeeding in fooling a vulnerable app into overwriting critical files within its private storage space, they can then cause the app to be compromised - and the consequences can be devastating. Dirty Stream allows bots to hijack apps, execute unauthorized code, steal data, and even hijack apps without the user being aware of any of this, according to BleepingComputer, which describes it as an OS-level attack tool that can behave like a normal one.  

Xiaomi's File Manager application, which has more than a billion installations worldwide, and WPS Office, which has more than 500 million installs, are two apps which have been highlighted within Microsoft's report as being vulnerable to Dirty Stream attacks. Both companies responded to the findings and collaborated with Microsoft to deploy patches to mitigate the risks posed by the vulnerabilities that had been discovered. 

Through an article published on the Android Developer's website, Microsoft shared its findings regarding similar vulnerabilities with the Android developer community to prevent the disclosure of similar flaws in future releases. Google has recently revised its app security guidelines to underscore prevalent implementation errors within the content provider system, which could potentially facilitate security breaches. 

Regarding end users, while their proactive measures may be limited, there are still actionable steps they can take to bolster their security posture. Primarily, users should prioritize maintaining the latest versions of the applications they utilize, as updates often include patches for known vulnerabilities. Furthermore, users must exercise caution when sourcing applications, avoiding downloading APKs from unofficial third-party app repositories and other inadequately vetted sources. By adhering to these precautions, users can significantly reduce their exposure to security risks associated with app usage on the Android platform.
Read more »
security measures
Cyber Attacks Cybersecurity Breach data security Hotel Chains Ransomware attack Restaurant Chain security measures

Panera Bread and Omni Hotels Hit by Ransomware Outages: What You Need to Know

 

In a tumultuous turn of events, Panera Bread and Omni Hotels were thrust into the chaos of ransomware attacks, unleashing a cascade of disruptions across their operations and customer services. 

Panera Bread, celebrated for its culinary delights and pioneering loyalty programs, found itself in the throes of a massive outage that paralyzed its internal IT infrastructure, communication channels, and customer-facing platforms. The ransomware strike, striking on March 22, 2024, encrypted critical data and applications, plunging employees and patrons into disarray amidst the ensuing turmoil. 

Among the litany of grievances, Panera Sip Club members were left disheartened by their inability to savour the benefits of their subscription, notably the tantalizing offer of unlimited drinks at a monthly fee of $14.99. The frustration reverberating among members underscored the profound repercussions of cyber incidents on customer experience and brand loyalty. 

As of January 23, 2024, Panera Bread and its franchise network boasted an extensive presence with 2,160 cafes sprawled across 48 U.S. states and Ontario, Canada. However, the ransomware onslaught cast a shadow over the company's expansive footprint, laying bare vulnerabilities in cybersecurity defenses and underscoring the imperative for robust incident response protocols. 

In tandem, Omni Hotels grappled with a parallel crisis as ransomware-induced IT outages wreaked havoc on reservation systems and guest services. The bygone week witnessed a flurry of disruptions, from protracted check-in delays averaging two hours to resorting to manual interventions to grant access to guest rooms. 

The financial fallout of these cyber calamities remains nebulous, yet the toll on customer trust and brand reputation is palpable. The opacity shrouding the attacks has only exacerbated apprehensions among employees and patrons alike, accentuating the exigency for fortified cybersecurity measures and transparent communication strategies.

Amidst the evolving threat landscape, organizations must fortify their cybersecurity defenses and hone proactive strategies to avert the pernicious impact of cyber threats. From regular data backups and comprehensive employee training to the formulation of robust incident response blueprints, preemptive measures are pivotal in blunting the impact of cyber onslaughts and fortifying resilience against future incursions. 

The ransomware assaults on Panera Bread and Omni Hotels serve as poignant reminders of the pervasive menace posed by cyber adversaries. By assimilating the lessons gleaned from these incidents and orchestrating proactive cybersecurity initiatives, businesses can bolster their resilience and safeguard the interests of stakeholders, employees, and patrons alike.
Read more »
security measures
Cyber Security cybersecurity incidents Malware Attack Malware prevention steps Security Guidelines security measures

Insights into Recent Malware Attacks: Key Learnings and Prevention Strategies

 

In an era where cybersecurity threats loom large, recent malware attacks have underscored the critical need for robust protective measures. Understanding the modus operandi of these attacks and learning from them can empower individuals and organizations to bolster their defenses effectively. 

Let's delve into the biggest takeaways from these incidents and explore preventive strategies to safeguard against future threats. One of the striking revelations from recent malware attacks is the evolving sophistication of malicious actors. Advanced techniques such as polymorphic malware, which can change its code to evade detection, pose significant challenges to traditional security protocols. This highlights the importance of investing in next-generation cybersecurity solutions capable of adaptive threat detection and mitigation. 

Furthermore, the rise of ransomware attacks has been particularly alarming. These attacks encrypt valuable data and demand a ransom for its release, often causing substantial financial losses and operational disruptions. Implementing a multi-layered defense strategy encompassing regular data backups, network segmentation, and employee training on phishing awareness can mitigate the risk of falling victim to ransomware extortion. 

Additionally, the proliferation of supply chain attacks has raised concerns about the interconnected nature of modern digital ecosystems. Attackers target third-party vendors and service providers to infiltrate their primary targets indirectly. Vigilance in vetting and monitoring supply chain partners, along with implementing robust access controls and encryption protocols, is paramount to mitigating this threat. Moreover, the exploitation of software vulnerabilities underscores the importance of timely patch management and software updates. 

Neglecting to patch known vulnerabilities provides attackers with an entry point to exploit systems and compromise sensitive data. Establishing a proactive patch management framework that prioritizes critical vulnerabilities and expedites the deployment of patches can significantly enhance cybersecurity posture. Social engineering tactics remain a prevalent avenue for malware dissemination, emphasizing the crucial role of user education and awareness. Phishing emails, fraudulent websites, and deceptive messages continue to lure unsuspecting individuals into inadvertently downloading malware or divulging sensitive information. 

Educating users on recognizing and reporting suspicious activities, coupled with implementing email filtering and web security solutions, can mitigate the effectiveness of social engineering attacks. Furthermore, the emergence of fileless malware represents a significant paradigm shift in cyber threats. By residing solely in system memory without leaving a footprint on disk, fileless malware evades traditional antivirus detection mechanisms. Deploying endpoint detection and response (EDR) solutions capable of behavior-based anomaly detection and memory analysis can effectively identify and neutralize fileless malware threats. 

In conclusion, recent malware attacks serve as potent reminders of the evolving threat landscape and the imperative of proactive cybersecurity measures. By staying abreast of emerging threats, investing in cutting-edge security technologies, fostering a culture of cybersecurity awareness, and adopting a multi-faceted defense approach, individuals and organizations can fortify their resilience against malicious actors. As the digital landscape continues to evolve, continuous vigilance and adaptation are essential to staying one step ahead of cyber adversaries.
Read more »
Tips
Cyber Security Cybersecurity Defense hack Microsoft Prevention proactive Protection safeguard security measures Tips

Protect Yourself: Tips to Avoid Becoming the Next Target of a Microsoft Hack

 

The realm of cybersecurity, particularly within the Microsoft 365 environment, is in a constant state of evolution. Recent events involving major tech firms and cybersecurity entities underscore a crucial truth: grasping security best practices for Microsoft 365 isn't synonymous with effectively putting them into action.

According to Kaspersky, 2023 witnessed a significant 53% surge in cyber threats targeting documents, notably Microsoft Office documents, on a daily basis. Attackers increasingly employed riskier tactics, such as surreptitiously infiltrating systems through backdoors. 

For instance, in one scenario, a non-production test account lacking multifactor authentication (2FA/MFA) fell victim to exploitation, while in another case, a backdoor was implanted into a file, initiating a supply chain attack. These incidents serve as stark reminders that even seemingly low-risk accounts and trusted updates within Microsoft 365 can serve as conduits for security breaches if not adequately safeguarded and monitored.

Despite the profound expertise within organizations, these targeted entities succumbed to advanced cyberattacks, highlighting the pressing need for meticulous implementation of security protocols within the Microsoft 365 realm.

The domain of artificial intelligence (AI) has experienced exponential growth in recent years, permeating nearly every aspect of technology. In this era dominated by AI and large language models (LLMs), sophisticated AI models can enhance cloud security measures. AI is rapidly becoming standard practice, compelling organizations to integrate it into their frameworks. By fine-tuning AI algorithms with specialized domain knowledge, organizations can gain actionable insights and predictive capabilities to preemptively detect and address potential security threats. These proactive strategies empower organizations to effectively safeguard their digital assets.

However, the proliferation of AI also heightens the necessity for robust cloud security. Just as ethical practitioners utilize AI to advance technological frontiers, malicious actors leverage AI to unearth organizational vulnerabilities and devise more sophisticated attacks. Open-source LLM models available online can be utilized to orchestrate intricate attacks and enhance red-team and blue-team exercises. Whether wielded for benevolent or malevolent purposes, AI significantly influences cybersecurity today, necessitating organizations to comprehend its dual implications.

Ways to Enhance Your Security

As digital threats grow increasingly sophisticated and the ramifications of a single breach extend across multiple organizations, the imperative for vigilance, proactive security management, and continuous monitoring within Microsoft 365 has never been more pronounced.

One approach involves scrutinizing access control policies comprehensively. Orphaned elements can serve as goldmines for cybercriminals. For example, a departing employee's access to sales-related data across email, SharePoint, OneDrive, and other platforms must be promptly revoked and monitored to prevent unauthorized access. Regular audits and updates of access control policies for critical data elements are indispensable.

Moreover, reviewing delegations and managing permissions consistently is imperative. Delegating authentication credentials is vital for onboarding new programs or personnel, but these delegations must be regularly assessed and adjusted over time. Similarly, ensuring segregation of duties and deviations is crucial to prevent any single individual from wielding excessive control. Many organizations grapple with excessive permissions or outdated delegations, heightening the risk of cybersecurity breaches. Emphasizing delegation and segregation of duties fosters accountability and transparency.

Maintaining oversight over the cloud environment is another imperative. Solutions supporting cloud governance can enforce stringent security policies and streamline management processes. When selecting a cloud governance provider, organizations must exercise discernment as their chosen partner will wield access to their most sensitive assets. Security should be viewed as a layered approach; augmenting layers enhances governance without compromising productivity or workflows.

Given the alarming frequency of security breaches targeting Microsoft 365, it's evident that conventional security paradigms no longer suffice. Gone are the days when basic antivirus software provided ample protection; technological advancements necessitate significant enhancements to our defense mechanisms.

Implementing rigorous security measures, conducting regular audits, and upholding governance can markedly fortify an organization's defense against cyber threats. By remaining vigilant and proactive, it's feasible to mitigate security risks and shield critical data assets from potential breaches before they inflict harm on organizations or their clientele.
Read more »
security measures
Axie Infinity co-founder crypto community cryptocurrency theft Cyber Security Cybersecurity Breach Digital Assets Hackers personal accounts security measures

Hackers Steal Nearly $10 Million from Axie Infinity Co-founder’s Personal Accounts

 

A significant amount of cryptocurrency, valued at nearly $10 million, has been reported stolen from personal accounts belonging to Jeff "Jihoz" Zirlin, one of the co-founders associated with the video game Axie Infinity and its affiliated Ronin Network.

According to reports, Zirlin's wallets were compromised, resulting in the theft of 3,248 ethereum coins, equivalent to approximately $9.7 million. Zirlin took to social media to confirm the incident, stating that two of his accounts had been breached. 

However, he emphasized that the attack solely targeted his personal accounts and did not affect the validation or operations of the Ronin chain or Axie Infinity,as reiterated by Aleksander Larsen, another co-founder of the Ronin Network.

The method through which the intruders gained access to Zirlin's wallets remains unclear. The Ronin Network serves as the underlying infrastructure for Axie Infinity, a game renowned for its play-to-earn model based on ethereum, particularly popular in Southeast Asia. 

Notably, the system had previously fallen victim to a $600 million cryptocurrency heist in March 2022, an attack attributed by U.S. prosecutors to the Lazarus Group, a cybercrime operation allegedly backed by North Korea.

Analysts tracking the recent theft traced the stolen funds to activity on Tornado Cash, a cryptocurrency mixer designed to obfuscate the origin of funds. It's worth noting that Lazarus had previously utilized this mixer to launder proceeds from the 2022 hack. The U.S. government, in response, had separately imposed sanctions on Tornado Cash.

Blockchain investigator PeckShield described the incident as a "wallet compromise," indicating a breach in security measures. Despite the breach, Zirlin assured stakeholders of the stringent security protocols in place for all activities related to the Ronin chain.
Read more »
Subscribe to: Posts (Atom)