Last Week In Blockchain and CyberSecurity News - April 2, 2019

Crypto Exchange Bithumb Reportedly Hacked of Almost $19 Million in EOS, XRP 

On March 29th Bithumb’s monitoring system alerted company officials regarding abnormal withdrawals within the exchange. In an updated blog post, Bithumb stated the incident is an “accident involving insiders.” More than 3 million EOS (about $12.5 million) and 20 million Ripple (about $6.2 million) has been stolen from the exchange. Bithumb pointed out that all the funds which have been stolen were those of the exchange, and that user balances are safely stored in a cold wallet. They state that it is their fault that “they only focused on defense of outside attack[s] and “lacked verification of internal staff.” This marks the second hack Bithumb has experienced in under a year. Bithumb is currently investigating the incident along with the cyber police agency and other cybersecurity companies.  

Read more

Toyota Announces Second Security Breach in The Last Five Weeks 

For the second time in the past five weeks, Toyota has experienced another data breach. In the most recent incident, Toyota says in a statement hackers gained unauthorized access to data for several of its sales subsidiaries based in Tokyo. The servers stored sales information on up to 3.1 million Toyota and Lexus customers. The data accessed included names, addresses, birthdays, employment information, and more. As Toyota has not provided more details regarding the hacks, many raise the question of how they are handling the incident. The hack last month brought down Toyota Australia’s ability to manage sales and deliver new cars.  

Read more here

Singapore-Based Crypto Exchange DragonEx Hacked 

DragonEx experienced a hack that took place on March 24.  According to their blog post, DragonEx suffered an APT attack. An APT (Advanced Persistent Threat) attack is a “broad term used to describe an attack campaign in which an intruder, or team of intruders, establishes an illicit, long-term presence on a network in order to mine highly sensitive data (Incapsula). Attackers were able to get away with $7.09 Million (based on when it was hacked). The lost funds include 135 Bitcoins, 2,738.12 Ether, 247,000 XRP, 1,464,319.32 USDT, 64,121.00 XEM, and 426,314.70 EOS, among others. DragonEx is attempting to track and retrieve the stolen funds; however, it seems unlikely they will be successful in their attempts. To compensate affected users “DragonEx will issue 7 million USDT value of DB, Dragon Bond which is 1:1 with USDT. The stolen assets of users will be calculated at the price when it was hacked, DragonEx will compensate 10% of the stolen assets as original currencies, and the other 90% will be compensated with DB.” They will also seek outside financing which would allow them to purchase back all stolen assets for users.  

Get more information here

Office Depot rigged PC Malware Scans to Sell Unneeded $300 Tech Support 

According to the Federal Trade Commission, Office Depot and a partner company deceived customers into buying unnecessary tech support. Office Depot and the partner company would offer a free virus scan that claims the customer's computer is infected with malware even if it wasn’t. According to the FTC, Office Depot scammed customers out of millions of dollars for computer repair services between 2009 and November 2016. When a customer would conduct a scan, they would be “asked if they experienced PC problems such as repeated crashes or slowness. Any “yes” answer in that survey guaranteed that the program would flag a problem with the user's computer.” Many of the repair services from Office Depot and other stores could cost up to $300. Office Depot has agreed to pay $25 million, and their partner company Support.com has agreed to pay the additional $10 million.  

Read more here
 

ASUS Software Updates Unknowingly Used to Spread Malware 

According to researchers at cybersecurity firm Kaspersky Lab, ASUS, one of the world's largest computer makers, was used to distribute malware to about 1 million computers unknowingly. The malware was disguised as a “critical” software update and signed using a real ASUS certificate, making it appear to be valid. The campaign has been estimated to have run between June and November 2018.  While it is not clear what the hackers were particularly after, some specific ASUS customers were targeted as the malware had special instructions for 600 systems. By targeting individual MAC addresses, hackers would detect and install more malicious programs to further infect those systems. Kaspersky labs state the methods used against ASUS matches those against CCleaner and the ShadowPad supply chain attack from 2017 that affected NetSarang. Dubbed ShadowHammer, Kaspersky Kaspersky also provides an offline utility and an online web checker for users who want to check if Operation ShadowHammer has impacted their computer. 

Read more here