
Telegram data-theft malware, ongoing Log4j bugs, and other cybersecurity developments
We round up the week's most important cybersecurity news.
- A new fix has been released for Log4j vulnerabilities.
- Hackers spread data-theft malware through a Telegram channel devoted to cryptocurrencies.
- DuckDuckGo will launch its own desktop browser.
The Log4Shell saga continues: researchers uncover new bugs
Researchers found another vulnerability in the Log4j logging library, this one a denial-of-service flaw. In response, experts released version 2.17.0 with fixes.
This week, Belgium's Ministry of Defence reported a cyberattack exploiting the Log4j vulnerability.
Cybersecurity specialists from agencies around the world prepared guidance on how to respond to the Log4j bugs. The United States Cybersecurity and Infrastructure Security Agency (CISA) unveiled a scanner for detecting remote code-execution vulnerabilities (CVE-2021-44228 and CVE-2021-45046).
These vulnerabilities were widely discussed last week. Experts have already released urgent updates to address the bugs.
Hackers spread data-theft malware through a Telegram channel devoted to cryptocurrencies
SafeGuard Cyber researchers discovered the Echelon malware spreading via a Telegram channel focused on crypto trading.
Using Echelon, actors can steal credentials for Discord, OpenVPN, Microsoft Outlook, Telegram and other platforms, as well as a number of crypto wallets including AtomicWallet, Exodus, Jaxx and others.
Officials noted that the malware is likely not part of a coordinated campaign, but is aimed at “new or naïve” Telegram channel users.
DuckDuckGo will launch its own desktop browser
The team behind the privacy-focused search engine DuckDuckGo announced work on a desktop browser.
It is intended to help prevent companies from spying on users' searches and browsing history. Early testing suggested the browser would be considerably faster than Google Chrome, the team said.
According to The Verge, the browser is currently in closed beta for macOS, with a Windows version also in development.
British authorities handed Have I Been Pwned more than 585 million compromised passwords
The UK’s National Crime Agency transferred over 585 million leaked passwords to the Have I Been Pwned service. More than 225 million of them were unique, founder Troy Hunt said.
Now the number of passwords in the Pwned Passwords section exceeds 847 million.
Have I Been Pwned previously entered into such a partnership with the FBI — the agency can upload compromised data to Pwned Passwords immediately after it is discovered in investigations.
Microsoft Teams bug bounty finds several vulnerabilities
Positive Security researchers have reported four vulnerabilities in Microsoft Teams. They allow access to internal Microsoft services and spoofing of link previews, and can leak the IP addresses of Android users.
Researchers alerted Microsoft to the flaws in March, but so far the company has fixed only one.
Media: Clop hackers stole confidential police data in the UK
The Clop hacking group stole confidential data from Britain’s police and published part of it on the dark web, according to the Daily Mail.
Allegedly, the attackers gained access through Dacoll, which provides access to police computers. They attacked Dacoll in October with ransomware and demanded a ransom that the firm refused to pay.
As a reminder, in June Ukraine's cyber police reported that it had identified Clop hackers and blocked channels for laundering criminally obtained cryptocurrency.
However, according to a ForkLog source, searches were conducted on OTC traders through which the ransomware operators moved Bitcoin, not on the hackers themselves.
Later, the Binance exchange confirmed its involvement in the Ukrainian law enforcement operation to identify individuals who laundered the Clop hackers' funds.
At the same time, after Ukrainian authorities reported identifying Clop members, the hackers published a new batch of stolen data.
Also on ForkLog:
- Hackers stole $1.3m from NFT project Monkey Kingdom users.
- A Russian court for the first time imposed a turnover-based fine of 7.2 billion rubles on Google; Meta was fined nearly 2 billion rubles.
- Attackers hacked the DeFi platform Grim Finance and stole $30 million.
- The FBI confiscated 3879 illegally obtained BTC from a cold wallet.
- A user of Amazon Web Services was billed $45,000 due to Monero miners.
- Hackers withdrew more than 8 million VISR tokens from the DeFi protocol Visor.
- Fraudsters circulated hidden miners via a pirated version of Spider-Man.
What to read this weekend?
In 2021, central banks around the world pressed ahead with developing their own digital currencies. Read how such assets could help authorities monitor and censor transactions, as well as enable mass surveillance, in ForkLog.