Ledger data leaked online; malware masquerading as Cyberpunk 2077 and other cybersecurity developments

We have gathered the most important cybersecurity news of the week.

Ledger data of millions of users exposed

The Ledger hardware-wallet user database was exposed publicly. It contains email and home addresses, as well as phone numbers.

The data breach occurred in June — an unknown actor gained access via an API key. In October, on a forum, it was purchased by an unknown user under the nickname hyperdrill. The alleged price was 5 BTC.

However, the database resurfaced again — sold by another person at lower prices.

Ledger users later reported a phishing attack demanding an urgent update. In December, hackers sent new notifications to customers with phishing links on behalf of Ledger CEO Pascal Gauthier.

Gauthier, commenting on the large data leak, said that users should not expect compensation.

Users themselves are already receiving threats of physical harm via email.

Freedom Finance client data leaked online

Information on more than 16 thousand clients of FreedomFinance leaked online. The seller of the database asserts that some of them are accredited investors.

The published sample of the database contains passport data, residential addresses, bank statements with account numbers and balances.

ACLU seeks FBI data on phone hacking in court

The American Civil Liberties Union (ACLU) filed a court request to the U.S. Department of Justice and the FBI regarding technologies enabling access to information on locked devices, and the unit that handles this.

Our privacy and security are at stake. https://t.co/TMSAKBMm5g

— ACLU (@ACLU) December 22, 2020

According to ACLU, the FBI’s Electronic Devices Analysis Unit (EDAU) has purchased or plans to purchase software to unlock and decrypt information on mobile devices.

In response to ACLU requests, the FBI gave what is known as a “Glomar response” — i.e., refused to confirm or deny the information.

«Now is the time to take cybersecurity seriously and put an end to any plans to weaken encryption», said the ACLU.

Russia among top three for surveillance cameras

Russia ranked third in the world for surveillance cameras, trailing behind China and the United States.

According to TelecomDaily, Russia has a total of 13.5 million cameras — 93.2 per thousand people.

Most (59%) are installed by organisations for security, nearly 33% funded by the state, and 8% installed by individuals.

Microsoft- and McAfee-led group to tackle ransomware

Nineteen cybersecurity companies and organisations will join the Ransomware Task Force. Together they will consider solutions to defend against ransomware attacks.

Microsoft and McAfee will lead the new coalition.

Malware spread via fake Cyberpunk 2077 Android beta

Kaspersky Lab specialists discovered ransomware masquerading as a beta version of the Android game Cyberpunk 2077.

The malware spread via a site designed to resemble Google Play. After installation, the app requested access to files. When granted, the next screen displayed a ransom note demanding $500 in Bitcoin.

Subsequently, experts found that files could be recovered without the attackers’ help.

The authors also distribute fake Cyberpunk 2077 with ransomware for Windows. In this case, specialists could not recover the encrypted files themselves.

Firefox to add anti-tracking protection

The new Firefox 85, due in January 2021, will include Network Partitioning. It aims to protect against tracking users as they move across sites.

SolarWinds breach: continuing fallout

The scale of the SolarWinds hack, described as the largest breach of U.S. systems in the last decade, continues to grow.

Victims of the attack include numerous companies, hospitals, banks, universities and many more. Among them were Cisco, Intel, Deloitte, Nvidia, Fujitsu, Rakuten and Check Point.

As Senator Ron Wyden stated, hackers compromised dozens of U.S. Treasury email accounts.

«The time has come to take cybersecurity seriously and put an end to any plans to weaken encryption», — said the ACLU.

President-elect Joe Biden pledged to respond to the cyberattack.

“This attack constitutes a grave risk for our national security,” President-elect Biden says about the massive Russian cyberattack on the U.S. pic.twitter.com/yPFAUYjb8n

— CNBC (@CNBC) December 22, 2020

Also on ForkLog:

• EXMO exchange was hacked.
• Nexus Mutual founder revealed details of an $8 million hack.
• Hackers attacked 1,000 computers belonging to fragrance producer Symrise.
• Owner of BitGrail suspected of hacking his own Bitcoin exchange.
• Human Rights Foundation discussed how Bitcoin helps protect people’s rights and freedoms.

What to read this weekend?

Clearview AI had long remained largely secret. Yet its facial recognition system was used by hundreds of law enforcement agencies in the United States and private organisations, including well beyond the United States.

ForkLog investigated the Clearview story and found out what risks to civil liberties are associated with facial-recognition systems.

Subscribe to ForkLog’s news on Telegram: ForkLog Feed — full news feed, ForkLog — the most important news and polls.