We have collected the most important cybersecurity news over the past two weeks.
- Hackers have again hacked the DeFi protocol Cream Finance.
- Another ransomware operator has ceased operations.
- Pavel Durov criticised Apple and Google for information censorship.
The DeFi protocol Cream Finance has once again fallen victim to a hacking attack
Earlier this week it emerged of an attack on the Cream Finance protocol, in which hackers stole more than $18 million, exploiting a bug in the smart contract.
The project developers promised to reimburse the losses. To this end they intend to allocate 20% of fees until the full amount of losses is repaid. Later it emerged that Cream Finance will integrate with the Moonbeam smart contract platform on Polkadot.
This is not the first breach of Cream Finance. In February, a hacker drained tokens worth $37.5 million.
Ragnarok ransomware has ceased operations
The operators behind the Ragnarok ransomware announced their shutdown, according to Bleeping Computer.
In addition, they released a tool to decrypt victims’ files.
Pavel Durov warned of loss of freedom in the digital world
The Telegram founder Pavel Durov criticised tech giants Apple and Google for information censorship, and Visa and Mastercard for restricting what goods and services people can pay for.
He said that twenty years ago the world had a decentralized internet and a relatively unrestricted banking system, but every year we yield more power and control over our lives to a handful of irresponsible corporate executives we did not elect.
Durov called smartphones “surveillance devices,” through which users “allow corporations to use their personal data for targeted content that distracts us with low-quality entertainment”.
“I wonder what will be the legacy of our generation. Will we enter history as those who allowed a free society to become a dark nightmare? Or will we be remembered as those who defended the freedoms for which previous generations fought so hard?”
The attacker stole more than 600,000 photos and videos from iCloud accounts
A resident of Los Angeles pleaded guilty to illicitly obtaining access to users’ personal data.
He offered iCloud hacking services with accomplices. Posing as Apple support representatives, they contacted victims and, once they gained access to their accounts, stole photos and videos.
According to the outlets, the FBI found more than 500,000 fraudulent emails, and credentials for about 4,700 iCloud accounts. In the defendant’s Dropbox account they found about 620,000 photos and 9,000 videos, totaling more than 1 TB.
Hackers claim to have stolen 1 GB of data from Puma
On the dark net marketplace Marketo, there is a listing offering data allegedly stolen from the sportswear manufacturer Puma.
As reported by Security Affairs, the attackers say they stole about 1 GB of data from the company. They will be sold via auction.
Code-analysing experts found evidence that the files could have been stolen as a result of a data leak at a third-party software provider.
More than 38 million Microsoft Power Apps user records exposed
UpGuard researchers found in the open that more than 38 million records of users of various organisations working with the Microsoft Power Apps platform were exposed.
As a result of the leak, a large amount of data was exposed, including personal information used to track COVID-19 contacts, Social Security numbers, employee identifiers, and millions of names and email addresses.
The company notified Microsoft, which has taken steps to mitigate the incident.
WhatsApp fined €225 million in Ireland for insufficient data-processing transparency
The Irish Data Protection Commission fined WhatsApp €225 million for insufficient transparency to users regarding how their data was processed under the GDPR.
In the regulator’s view, the messenger did not provide enough information about how collected user data were processed.
Also on ForkLog:
- Roskomnadzor blocked six VPN services.
- “Daughter” Nokia became a victim of Conti ransomware.
- Hackers stole hot wallets from Bilaxy exchange.
- Phishing attack on an NFT project yielded the hacker more than a million dollars.
- Hackers, posing as game developers, stole bitcoin wallet data in 45 countries.
What to read this weekend?
In 2021, ransomware threats entered the public discourse amid rising ransomware attacks. Read about what lies behind this wave and how it may affect Bitcoin in ForkLog’s exclusive.
Follow ForkLog’s Bitcoin news in our Telegram — cryptocurrency news, prices and analysis.