Wave of Discord attacks on the NFT community, JusTalk data leak and other cybersecurity events

We have gathered the week’s most important cybersecurity news.

JusTalk user data leaked online. The app’s team claimed that all chats were end-to-end encrypted

Researchers found unencrypted personal messages data of JusTalk, a video calling and messaging app, according to TechCrunch. The JusTalk team asserts that all conversations are end-to-end encrypted.

Among the leaked data are millions of messages, their send date and time, as well as the phone numbers of the sender and recipient. They also contained call recordings made using the app.

Tor banned again in Russia

The Leninsky District Court of Saratov partially granted the prosecutor’s claim and recognised the information contained in Tor Browser as prohibited, as well as the app itself. RosKomSvoboda reported, whose lawyers are handling the case.

Attorney Ekaterina Abashina said the court agreed with Roskomnadzor, ‘which throughout the proceedings insists that the information, the application and the technology are one and the same, and therefore all of this can be deemed prohibited by a court order’.

For more on Tor, read our explainer cards.

Report: NFT projects lost $22 million since May due to attackers on Discord

Since May 2022, TRM Labs analysts have documented more than 150 compromises of NFT project Discord servers.

The NFT community has suffered more than 150 compromises targeting NFT projects’ Discord servers since May 2022. A sampling… (1/2) pic.twitter.com/cEdPaV5mQI

— TRM Labs (@trmlabs) July 25, 2022

In June, the number of phishing attacks related to NFT minting, launched through compromised Discord accounts, increased by 55% compared to the previous month.

As TRM Labs explained, after gaining control of administrator accounts, hackers send links allegedly to gifts or ‘exclusive’ NFTs, to lure people to malicious sites.

TRM Labs linked dozens of similar cases. Analysts believe that many breaches are tied to the same hacker who attacked the Discord servers of Bored Ape Yacht Club in June.

Kazakhstan expanded authorities’ powers to regulate social media and messaging apps

Kazakhstan signed amendments, providing the Ministry of Information and Public Development (МИОР) with the ability to limit the activity of foreign online platforms or messaging services.

In addition, the department can request data on the number of daily users from such services and maintain a register of ‘representatives of foreign online platforms and instant messaging services’.

Smart home camera makers from Amazon and Google confirmed the possibility of handing over data to authorities without a warrant

The Amazon-owned Ring, a smart doorbell maker with video surveillance, confirmed handing over video footage to the police in 11 cases in 2022 without user consent. Among them were cases where police did not have a warrant to access this data, reports CNet.

Under Nest, Google’s smart home camera maker, it is said that it can also hand over information to law enforcement in emergencies without user consent:

“If we believe we can prevent someone’s death or serious physical harm, we may provide information to a government agency — for example, in cases of a threat of explosion, a shooting in schools, abductions, preventing suicides or missing persons”.

Nest noted that they have never before resorted to this practice.

Manufacturers of smart home cameras, including Arlo, Eufy and Wyze, as well as Apple, which handles such video materials, have said they do not provide such data to authorities without a warrant or court order.

Also on ForkLog:

• Hacker pulled about $6 million from the Audius decentralized platform.
• Bitfinex, Tether and Hypercore unveiled an encrypted P2P video-chat application.
• Hackers attacked the Nirvana DeFi project.
• Celsius reported a leak of user data due to a compromise of Customer.io.
• Google and Apple were asked to report on measures to combat fraudulent crypto apps.

What to read this weekend?

SonicWall analysts calculated that ransomware attacks decreased by 23%. We explore what these threats entail and their implications for the crypto industry:

Read ForkLog’s Bitcoin news in our Telegram — crypto news, prices and analytics.