Attacks on DeFi projects, 30 billion rubles for a ‘sovereign Runet’ and other cybersecurity events

We have gathered the most important cybersecurity news of the week.

Russian authorities propose allocating more than 30 billion rubles for the ‘sovereign Runet’

For funding the maintenance of the Russian Internet segment by 2024, authorities plan to allocate more than 30 billion rubles, according to the draft federal budget law for 2022 and the planned period for 2023 and 2024, РБК.

The government approved the draft this week and it will be submitted to the State Duma by October 1.

Mozilla criticizes Chrome’s new feature over potential privacy violations

This week, Chrome developers unveiled its new version. One of the updates drew criticism from some experts who considered it potentially violating privacy.

It concerns Idle Detection, which provides sites with information about a user’s inactivity.

Leading Mozilla web standards expert Tantek Celik believes that Idle Detection violates user privacy because it would allow tracking of physical behaviour, “recognising daily rhythms (for example, lunchtime) and using this for active psychological manipulations (hunger, emotions, choices)”.

Media reveal FBI concealed possession of decryption key for REvil-compromised files

The US FBI possessed the decryption key for nearly three weeks for files compromised by REvil hackers before sharing it with affected companies, according to The Washington Post.

Law enforcement obtained the key through access to the hackers’ servers. They planned to conduct an operation to dismantle REvil and hid the fact of possession of the key to avoid disclosing investigation details to the hackers.

However, on July 13, the REvil dark net sites suddenly went offline. As The Washington Post reports, without US government intervention.

Having not carried out the operation, the FBI shared the key with the Kaseya software developer, previously attacked by REvil ransomware. The company noted that it would provide the decryptor to affected clients on request. However, the delay caused by the FBI’s actions resulted in substantial losses for many victims, the publication notes.

Earlier this week, Bitdefender published a universal tool for decrypting files affected by REvil attacks up to July 13.

Several DeFi projects were hit by hacker attacks

On September 19, it emerged that the cross-chain DeFi protocol pNetwork suffered a breach. The hacker exploited a code vulnerability and withdrew 277 BTC (about $11.4 million at the time of writing).

The developers offered the hacker a reward for returning the funds and said they had prepared a patch.

A few days later the attack hit the lending platform Vee.Finance. The attackers withdrew crypto assets from the platform worth about $35 million.

Roskomnadzor has begun forming a registry of social networks

Roskomnadzor has begun forming a registry of social networks to monitor compliance with Russian law.

Currently, it includes Facebook, Twitter, Instagram, TikTok, Likee, YouTube, VKontakte and Odnoklassniki.

From February 1, a law has come into force in the Russian Federation obliging social networks to independently identify and block illegal content.

For failing to delete content deemed illegal in Russia, many social networks have already been fined. In September, representatives of Moscow’s Tagansky Court stated that Google and TikTok are the only foreign companies that voluntarily pay the prescribed fines.

Also on ForkLog:

• Zcash developers will improve the scalability and privacy of Filecoin and Ethereum.
• Unknown actors gained access to the Bitcoin.org site and posted a fraudulent cryptocurrency airdrop advertisement.
• The BlackMatter group demanded $5.9 million in cryptocurrency from a United States food company.
• The Russian Prosecutor General called on colleagues to coordinate the fight against hacker attacks and the criminal circulation of cryptocurrencies.

What to read this weekend?

Lawyers explained what content social networks are required to track under Russian law and how companies should implement it.

Read ForkLog’s Bitcoin news on our Telegram — cryptocurrency news, prices and analysis.