We have gathered the week’s most important cybersecurity news.
- Uzbek authorities restored access to several social networks.
- Security researchers reported a phishing campaign targeting MetaMask wallet users.
- Taiwan faced a wave of cyberattacks after US House Speaker Nancy Pelosi’s visit.
Uzbekistan restores access to several social networks
The Agency for Information and Mass Communications under the presidential administration said it had unblocked Twitter, WeChat and VKontakte within the country. The agency stated that ‘blockages hinder development’.
Earlier, the country restricted the operation of several social networks due to a violation of the data protection law in 2021.
Experts warn of phishing attack targeting MetaMask users
Cybersecurity firm Halborn flagged a phishing campaign targeting MetaMask wallet users.
Attackers are sending emails masquerading as the MetaMask team. They ask users to verify their wallets — by clicking a link and entering their secret phrase. Halborn highlighted the main signs of the fraud:
- the sender name and email address contain a mistake: “Metamaks” instead of “MetaMask”;
- a fake domain metamaks.auction;
- no personalization — the email does not address the user by name or include any information unique to their account.
Experts recommended always checking the URL before following a link, enabling 2FA and keeping it up to date.
Taiwan becomes target of cyberattacks after Nancy Pelosi’s visit
Immediately after the visit by U.S. House Speaker Nancy Pelosi, numerous Taiwanese companies and institutions were subjected to cyberattacks, Reuters reports.
Among the victims are government websites, railway infrastructure and a large 7-Eleven network. The attacks did not cause substantial harm to their operations.
Accenture researchers noted that this looked ‘more like a theatrical performance than a threat’. The firm added that previously there were more powerful cyberattacks that forced several financial institutions in Taiwan to suspend transactions.
Hackers gain access to 140,000 Wiseasy payment terminals
Unknown attackers gained access to the dashboards used to remotely manage and control thousands of Wiseasy credit-card payment terminals, TechCrunch reports.
Wiseasy manufactures Android-based terminals used in restaurants, hotels, retail points and schools across the Asia-Pacific region. Through its cloud service, the company can remotely manage, configure and update them.
BugGuard researchers found Wiseasy employee passwords, including the administrator account, on the dark web. BugGuard said the hackers compromised two cloud management panels, neither of which was protected by two-factor authentication. As a result, the attackers gained access to nearly 140,000 Wiseasy payment terminals worldwide.
Australian man charged with creating spyware bought more than 14,000 times
Australian authorities charged a man with creating and distributing spyware.
Police say the suspect created the Trojan when he was 15. The software, named Imminent Monitor, was sold to more than 14,500 people in 128 countries. It allowed full access to the victim’s computer, theft of data and remote surveillance via a webcam and microphone.
It is claimed that the suspect distributed spyware from 2013 to 2019, when he was taken into custody.
Also on ForkLog:
- Hackers hacked around 8,000 Solana-based wallets and siphoned off millions of dollars. Later the Solana team linked the large breach to the wallet provider Slope — it sent seed phrases to a centralized server, where they were stored unencrypted.
- Chainalysis estimated the damage from cross-chain hacks since the start of the year at $2 billion.
- From the wallets of the Bitcoin exchange ZB, $4.8 million were withdrawn. Experts did not rule out a hack.
- Unknown hacked the Nomad cross-chain protocol. The developers offered the hackers who withdrew around $190 million from the project’s smart contracts to return the stolen assets for a 10% bounty.
What to read this weekend?
ForkLog explains what end-to-end encryption is, why authorities in many countries are trying to crack down on it, and whether it could be banned.
Read ForkLog’s Bitcoin news on our Telegram — cryptocurrency news, prices and analysis.