
Brazil Blocks X, Infostealer Targets Ethereum Wallets, and Other Cybersecurity Events
We have compiled the most significant cybersecurity news of the week.
- Brazil blocked X.
- The US offered $2.5 million for a hacker from Belarus.
- The Meduza infostealer attacked cryptocurrency wallets of Russian corporations.
- Zuckerberg revealed Facebook was pressured into censorship by the White House.
Brazil Blocks X
The social network X, owned by Elon Musk, has been blocked in Brazil by court order due to the absence of a legal representative of the company in the country, reports The New York Times.
The standoff with local authorities lasted several months, with the platform accused of spreading misinformation. On Friday, August 30, Musk refused to delete certain accounts at the judge’s request, calling the order “illegal.”
“Free speech is the bedrock of democracy, and an unelected pseudo-judge in Brazil is destroying it for political purposes,” he wrote.
According to the BBC, bypassing the X block in Brazil carries a fine of 50,000 reals ($8,900).
US Offers $2.5 Million for Belarusian Hacker
The US Department of State and the Secret Service announced a reward of $2.5 million for information on the whereabouts of hacker Vladimir Kadariya (aliases Stalin, Eseb, baxus), accused of electronic and computer fraud.
According to authorities, the 38-year-old Belarusian citizen distributed various malware online from October 2013 to March 2022, including the Angler Exploit Kit. Kadariya was an accomplice of Maxim Silnikov.
The suspect used multiple monetization channels, including selling “logs” of stolen data to other cybercriminals and selling direct access to systems compromised by the Angler Exploit Kit.
Meduza Infostealer Attacked Russian Corporations’ Crypto Wallets
Researchers at BI.ZONE discovered the hacker group Stone Wolf using the commercial infostealer Meduza to attack Russian organizations.
The malware spreads through phishing emails from a legitimate company in the industrial automation sector.
Once on the victim’s computer, it collects system information: OS version, device name, external IP, screen resolution, time, processor, RAM, and graphics adapter details.
Meduza can also steal credentials from Outlook, browsers, cryptocurrency wallets (Coinomi, Exodus), and password managers, as well as Telegram and Steam sessions and Discord tokens, and it can read the list of active processes and installed applications.
The stealer has been sold on hacker forums since June 2023, priced from $199 for a month of use.
Zuckerberg Reveals Facebook Was Pressured into Censorship by the White House
Meta CEO Mark Zuckerberg admitted that the Biden-Harris administration pressured Facebook to censor content on the platform, particularly regarding the COVID-19 pandemic. He disclosed this in a letter to House Judiciary Committee Chairman Jim Jordan.
Zuckerberg also wrote about the suppression of the Hunter Biden laptop story.
When Facebook disagreed with the censorship, the presidential administration expressed strong disappointment. Ultimately, however, the decisions to remove content were made by the social network’s team, the head of Meta added.
“With the benefit of hindsight and new information, we would not make some of those decisions today. I believe the government’s pressure was wrong, and I regret that we did not speak more openly about it,” wrote Zuckerberg.
USDoD Hacker Gives Interview After Doxxing
The hacker behind the massive leak of social security numbers from National Public Data and the breach of the FBI’s InfraGard portal, known as USDoD, revealed his identity as 33-year-old Brazilian citizen Luan Ji. An interview with him was published by Hackread.
NEW: The infamous #USDoD hacker behind the FBI’s InfraGard and National Public Data breaches, leaking 3.2 billion SSNs, reveals his identity as a Brazilian citizen. #CyberSecurity #CyberCrime #Brazil
Read: https://t.co/jwqisNbtHU
— Hackread.com (@HackRead) August 23, 2024
According to USDoD, the cybersecurity company CrowdStrike, recently in the news because of a global Windows device outage caused by its software update, was involved in his doxxing.
Luan Ji also spoke about his desire to leave the world of cybercrime and do something beneficial for Brazil. Local media provided a detailed account of the perpetrator’s story.
Czech Hackers Created Virus for Cloning Bank Cards and Stealing Funds
Specialists from ESET discovered the NGate virus for Android, which transmits NFC information from the victim’s payment cards to the attacker’s device. These data are then used to emulate the original card and withdraw money from an ATM.
The group operated from November 2023 in the Czech Republic. Bait messages for installing the malware were sent to random phone numbers and targeted clients of three local banks. NGate was never uploaded to the official Google Play store.
The phishing activity ceased after a suspect’s arrest in March 2024. He was found with 160,000 Czech korunas (~$6,500) stolen from the last three victims. Investigators believe the total damage is much higher.
Russian Telecom Operators Banned from Speeding Up YouTube
The “Main Radio Frequency Center” under Roskomnadzor demanded that telecom operators refrain from using technologies that “distort, fragment, or substitute internet traffic” and thereby make information prohibited in Russia accessible. This was reported by Kommersant, which reviewed the corresponding letter.
Previously, several providers resorted to various methods to speed up the YouTube video hosting service.
The regulator intends to prevent interference with the operation of technical means to counter threats and requires operators to report on the measures taken by September 2.
Also on ForkLog:
- A cryptocurrency scammer who underwent plastic surgery was arrested in South Korea.
- Since the beginning of the year, the crypto industry’s losses from hacks and fraud have exceeded $1.2 billion.
- The daughter of a Russian billionaire lost bitcoins worth 112 million rubles.
- The closed Inferno Drainer resumed activity amid a bull market.
- A user made a 4330-fold profit on a fake MBAPPE token.
- The TON team faced repeated blockchain failures.
- The WSJ learned about the hacking of Durov’s iPhone by the authorities of France and the UAE.
- Russia will spend 10.6 billion rubles on de-anonymizing bitcoin holders.
- The SEC charged the creators of a $60 million bitcoin pyramid scheme.
- Media: Binance blocked some client accounts from Palestine.
- The former head of Heartland Tri-State was convicted of stealing $47 million to buy cryptocurrency.
- Discord channels of Avalanche and ZKsync were hacked to promote scams.
- Tether has helped law enforcement recover 108 million USDT since 2014.
- Telegram Wallet users lost funds due to phishing.
What to Read Over the Weekend?
We discuss the future of neurotechnologies and their dark side.