We have compiled the most significant cybersecurity news of the week.
- €94,000 in cryptocurrencies seized from the darknet marketplace Nemesis Market.
- A flaw in Apple’s chip threatens the security of encrypted data.
- A vulnerability has been revealed that allows hotel and private home doors to be unlocked.
- Plans to censor Telegram have been announced in Ukraine and Russia.
€94,000 in Cryptocurrencies Seized from Nemesis Market
On March 20, the BKA seized the infrastructure of the darknet marketplace Nemesis Market in Germany and Lithuania, disrupting its operations. The police confiscated digital assets worth €94,000.
Founded in 2021, the platform traded in drugs, stolen data, credit cards, and cybercriminal services, including ransomware, phishing, and DDoS. Payments were accepted in Bitcoin and Monero.
At its peak, Nemesis Market had over 150,000 user accounts and 1,100 vendor accounts worldwide, with about 20% located in Germany.
The investigation into the darknet marketplace began in October 2022.
The BKA did not specify whether the server administrators or platform operators were identified or arrested. However, the seized data will aid law enforcement in identifying them.
Apple Chip Flaw Threatens Encrypted Data Security
A group of American scientists discovered an “unpatchable” vulnerability in Apple’s M series chips that allows hackers to access secret keys and encrypted data on Mac computers.
They named the flaw GoFetch and describe it as a side-channel attack that can be carried out while Apple’s chips execute widely used cryptographic protocols.
According to the scientists, the issue lies at the microarchitecture design level, making it “unfixable.” Using third-party cryptographic software can significantly reduce the performance of Apple’s M series chips.
The exploit runs in the user environment and requires only the standard privileges that regular applications have.
Vulnerability Allows Hotel and Home Doors to Be Unlocked
Researchers from the US have publicly disclosed for the first time a technique for hacking several models of Saflok-brand RFID key card locks, manufactured by the Swiss company Dormakaba. This was reported by Wired.
The group of vulnerabilities, named Unsaflok, makes it possible to read an original key card, determine the data needed to unlock the lock, and forge a working master key consisting of two cards.
Any RFID duplicator, including Proxmark3 or Flipper, and even an Android smartphone with NFC, can be used to create the forgery.
When exploiting the vulnerability, the first card rewrites the lock’s data, and the second opens it.
Saflok systems are installed in 13,000 hotels and homes in 131 countries worldwide.
Researchers first discovered the vulnerability in September 2022 during a closed hackathon in Las Vegas. They shared these findings with Dormakaba without public disclosure.
Despite the supplier’s quick response and the start of a global device update, over 64% of devices remain vulnerable.
GitHub Introduces AI Tool for Fixing Code Vulnerabilities
GitHub’s new AI-based feature allows for the automatic fixing of code vulnerabilities.
Code Scanning Autofix is built on GitHub Copilot and CodeQL and can handle over 90% of alert types in JavaScript, TypeScript, Java, and Python. It suggests potential fixes in the code that need minimal or no editing.
GitHub warns that the tool’s suggested edits may only partially address the security vulnerability or not preserve the intended functionality of the code. Developers are advised to thoroughly review them.
In the coming months, GitHub will add support for C# and Go languages.
Code Scanning Autofix is in public beta and is automatically enabled in all private repositories for GitHub Advanced Security customers.
Plans for Telegram Censorship Announced in Ukraine and Russia
Ukrainian MP Mykola Kniazhytskyi has initiated a bill to regulate Telegram and other messengers.
His proposals include:
- A ban on distributing illegal materials, including justifying Russian aggression;
- A requirement to disclose the ownership structure and funding sources of Telegram channels upon request;
- If this information is not disclosed, a ban on using the messenger by government bodies and financial institutions processing Ukrainian data.
Kniazhytskyi is currently gathering signatures for his initiative.
Meanwhile, the Russian ROCIT sent an appeal to Pavel Durov about the need for Telegram to combat fake news.
To achieve this, they request:
- Adding a “Disinformation” category to the complaint mechanism for Telegram channel content;
- Requiring support services to prioritize these messages and implement measures against systematic violators;
- Introducing a “Fake News” label that will be forcibly displayed next to the channel name, and a ban on forwarding content published in it.
The organization also reminded Durov of the need to comply with the so-called “landing law,” threatening “enforcement measures” that could “inconvenience Russian Telegram users.”
Ukrainian Police Arrest Hackers of Over 100 Million Emails and Instagram Accounts
Police in the Kharkiv region halted the activities of three hackers who sold access to accounts they had compromised. Over a year, they used brute force to hack more than 100 million email accounts and Instagram profiles. These accounts were later used for fraud.
The cybercriminals operated from different cities, receiving instructions from their leader.
During searches, 70 computers, 14 phones, bank cards, and cash were seized.
The suspects are charged with unauthorized interference in information systems. They face up to 15 years in prison.
Additionally, the police will investigate whether the hackers used the stolen accounts in the interests of Russia.
Also on ForkLog:
- Kyrgyzstan’s Four Dragons Bitcoin exchange shared details of a hack.
- A vulnerability in the IFTTT auto-posting service led to the hacking of crypto influencers on X.
- A white hat hacker exploited the Telegram game Super Sushi Samurai for $4.6 million.
- AirDAO reported a $1 million platform hack.
- UN: Half of North Korea’s foreign currency income comes from cyberattacks.
- Media: Ethereum Foundation received a confidential request from an unnamed government agency.
- X accounts of Trezor and TON blockchain were hacked to promote scams.
- Tornado Cash developer accused of laundering $1.2 billion.
- Bloomberg: Binance urged prime brokers to tighten client checks.
- Nigeria requested Binance data on all users from the country.
- The “Red Admin” of WEX case verdict is now final.
- Milady founder reported a hack of NFT wallets.
- The creator of meme coin Slerf accidentally burned all airdrop and LP tokens.
- Russia to create a platform for confiscated cryptocurrencies.
- DeFi protocol Mozaic Finance lost $2 million in a hack.
Weekend Reading Suggestions
Participants of the Privacy Day 2024 conference shared with ForkLog how the European regulation will impact the artificial intelligence industry as a whole.
