{"id":78049,"date":"2023-04-29T07:00:00","date_gmt":"2023-04-29T04:00:00","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=78049"},"modified":"2025-09-11T02:42:04","modified_gmt":"2025-09-10T23:42:04","slug":"password-cracker-built-from-30-gpus-android-user-tracking-and-other-cybersecurity-events","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/password-cracker-built-from-30-gpus-android-user-tracking-and-other-cybersecurity-events\/","title":{"rendered":"Password cracker built from 30 GPUs, Android user tracking, and other cybersecurity events"},"content":{"rendered":"<p>We have gathered the most important cybersecurity news of the week.<\/p>\n<div class=\"wp-block-text-wrappers-keypoints article_keypoints\">\n<ul class=\"wp-block-list\" id=\"block-c3b252fe-ba05-407c-ba05-704963f62a5a\">\n<li>Experts uncover Android smartphone surveillance via Qualcomm processors.<\/li>\n<li>A vulnerability has been found that could amplify DDoS attacks by 2,200 times.<\/li>\n<li>Kevin Mitnick shows password cracker built from 30 RTX GPUs.<\/li>\n<li>Telegram blocked in Brazil.<\/li>\n<\/ul>\n<\/div>\n<h2 class=\"wp-block-heading\"><strong>Experts uncover Android smartphone surveillance via Qualcomm processors<\/strong><\/h2>\n<p>Qualcomm processors, without user knowledge, collect and transmit personal data. 
This was reported by researchers at Nitrokey.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\"><a href=\"https:\/\/twitter.com\/hashtag\/Smartphones?src=hash&#038;ref_src=twsrc%5Etfw\">#Smartphones<\/a> With Popular Qualcomm Chip Secretly Share Private Information With US Chip-Maker <a href=\"https:\/\/t.co\/Cvnw0xQPoZ\">https:\/\/t.co\/Cvnw0xQPoZ<\/a> <a href=\"https:\/\/twitter.com\/hashtag\/privacy?src=hash&#038;ref_src=twsrc%5Etfw\">#privacy<\/a> <a href=\"https:\/\/t.co\/2np6Ak4ChU\">pic.twitter.com\/2np6Ak4ChU<\/a><\/p>\n<p>\u2014 Nitrokey.com (@nitrokey) <a href=\"https:\/\/twitter.com\/nitrokey\/status\/1650779089580568576?ref_src=twsrc%5Etfw\">April 25, 2023<\/a><\/p><\/blockquote>\n<p> <script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Researchers tested several smartphones and found that, regardless of whether Google services were present, devices sent data to Izat Cloud, Qualcomm&#8217;s cloud storage address.<\/p>\n<p>The transmission occurred over unencrypted HTTP, making it vulnerable to interception.<\/p>\n<p>Among the data collected were a unique device identifier, the name and serial number of the chipset, XTRA software version, country and carrier code, OS type and version, brand and model of the smartphone, processor and modem uptime, a list of installed apps, and the IP address.<\/p>\n<p>According to Nitrokey, such data collection without explicit user consent contradicts the GDPR. 
However, Qualcomm stated that this does not breach its privacy policy.<\/p>\n<h2 class=\"wp-block-heading\"><strong>The US Treasury imposes sanctions on OTC traders working for Lazarus Group<\/strong><\/h2>\n<p>The US Treasury identified three <span data-descr=\"over-the-counter trading\" class=\"old_tooltip\">OTC<\/span>-traders who conducted cryptocurrency trades worth tens of millions of dollars for the North Korean hacking group Lazarus Group.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">The U.S. Department of the Treasury\u2019s <a href=\"https:\/\/twitter.com\/hashtag\/OFAC?src=hash&#038;ref_src=twsrc%5Etfw\">#OFAC<\/a> has just issued more sanctions targeting North Korea\u2019s <a href=\"https:\/\/twitter.com\/hashtag\/crypto?src=hash&#038;ref_src=twsrc%5Etfw\">#crypto<\/a>-enabled sanctions evasion activity. ??<\/p>\n<p>Today OFAC sanctioned Wu HuiHui and Cheng Hung Man, China and Hong Kong-based OTC <a href=\"https:\/\/twitter.com\/hashtag\/cryptocurrency?src=hash&#038;ref_src=twsrc%5Etfw\">#cryptocurrency<\/a> brokers\u2026<a href=\"https:\/\/t.co\/bLoqlVyMYo\">https:\/\/t.co\/bLoqlVyMYo<\/a><\/p>\n<p>\u2014 Jay \u00abTechAdept\u00bb Laurence (@TechAdeptRDD) <a href=\"https:\/\/twitter.com\/TechAdeptRDD\/status\/1650517957267554310?ref_src=twsrc%5Etfw\">April 24, 2023<\/a><\/p><\/blockquote>\n<p> <script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>According to OFAC, the suspects from China and Hong Kong provided material support to the hackers and converted digital assets into fiat. 
They also helped procure certain goods for North Korea, including American software, devices and tobacco products.<\/p>\n<p>Chainalysis researchers found that the traders used cryptocurrency mixers and decentralized exchanges in their trades.<\/p>\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"846\" height=\"1024\" src=\"https:\/\/forklog.com\/wp-content\/uploads\/Graph_asset-v2_bip122_000000000019d6689c085ae165831e93_native_Copy_of_OFAC_SDN_Huihui_Wu_1986rYHc_2023_04_24-1-1691x2048-1-846x1024.png\" alt=\"Graph_asset-v2_bip122_000000000019d6689c085ae165831e93_native_Copy_of_OFAC_SDN_Huihui_Wu_1986rYHc_2023_04_24-1-1691x2048-1\" class=\"wp-image-205711\" srcset=\"https:\/\/forklog.com\/wp-content\/uploads\/Graph_asset-v2_bip122_000000000019d6689c085ae165831e93_native_Copy_of_OFAC_SDN_Huihui_Wu_1986rYHc_2023_04_24-1-1691x2048-1-846x1024.png 846w, https:\/\/forklog.com\/wp-content\/uploads\/Graph_asset-v2_bip122_000000000019d6689c085ae165831e93_native_Copy_of_OFAC_SDN_Huihui_Wu_1986rYHc_2023_04_24-1-1691x2048-1-248x300.png 248w, https:\/\/forklog.com\/wp-content\/uploads\/Graph_asset-v2_bip122_000000000019d6689c085ae165831e93_native_Copy_of_OFAC_SDN_Huihui_Wu_1986rYHc_2023_04_24-1-1691x2048-1-768x930.png 768w, https:\/\/forklog.com\/wp-content\/uploads\/Graph_asset-v2_bip122_000000000019d6689c085ae165831e93_native_Copy_of_OFAC_SDN_Huihui_Wu_1986rYHc_2023_04_24-1-1691x2048-1-1268x1536.png 1268w, https:\/\/forklog.com\/wp-content\/uploads\/Graph_asset-v2_bip122_000000000019d6689c085ae165831e93_native_Copy_of_OFAC_SDN_Huihui_Wu_1986rYHc_2023_04_24-1-1691x2048-1.png 1691w\" sizes=\"auto, (max-width: 846px) 100vw, 846px\" \/><figcaption>Data: Chainalysis.<\/figcaption><\/figure>\n<p>Sanctions have been imposed on the individuals involved by the United States and South 
Korea, through which some of the trades were conducted. Their cryptocurrency addresses have been added to the <span data-descr=\"List of specially designated nationals and blocked persons\" class=\"old_tooltip\">SDN<\/span> list.<\/p>\n<h2 class=\"wp-block-heading\"><strong>A vulnerability discovered that can amplify DDoS attacks by 2,200 times<\/strong><\/h2>\n<p>Researchers from Bitsight and Curesec uncovered a vulnerability in the Service Location Protocol (SLP) that could enable mass DDoS attacks with an amplification factor of 2,200.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Great coverage of @Bitsight\u2018s research finding a new vulnerability in a legacy protocol. 
SLP Vulnerability Allows DoS Attacks With Amplification Factor of 2,200 \u2014 https:\/\/t.co\/2P95m1ePgh via @SecurityWeek<\/p>\n<p>\u2014 Bitsight (@BitSight) <a href=\"https:\/\/twitter.com\/BitSight\/status\/1651253837871689729?ref_src=twsrc%5Etfw\">April 26, 2023<\/a><\/p><\/blockquote>\n<p> <script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Using the 1997-era SLP, computers, printers, routers and other devices discover one another within local networks.<\/p>\n<p>The vulnerability allows attackers to register arbitrary services on the SLP server, manipulating content and response size to achieve the maximum amplification \u2014 up to 2,200 times (the third-largest amplification in history).<\/p>\n<p>According to the researchers, more than 2,000 organisations and 54,000 servers could be targeted.<\/p>\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" src=\"https:\/\/forklog.com\/wp-content\/uploads\/vulnerable-IPs-by-Sector.webp\" alt=\"vulnerable-IPs-by-Sector\" class=\"wp-image-205710\"\/><figcaption>Data: Bitsight.<\/figcaption><\/figure>\n<p>Among the vulnerable devices are VMware ESXi hypervisors, Konica Minolta printers, IBM IMM equipment and Planex routers. The majority are located in the United States, the United Kingdom, Japan, Germany, Canada, France, Italy, Brazil, the Netherlands and Spain.<\/p>\n<p>Experts warned of a substantial uptick in SLP-based DDoS attacks in the coming weeks.<\/p>\n<h2 class=\"wp-block-heading\"><strong>Kevin Mitnick shows password cracker built from 30 RTX GPUs<\/strong><\/h2>\n<p>The famed hacker, author, and information-security expert Kevin Mitnick shared on Twitter photos of a system designed to crack passwords.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">This is my new bad ass password cracker.<br \/>I have 24 4090\u2019s + 6 2080\u2019s all clustered running Hashtopolis. 
<\/p>\n<p>Thanks to the awesome team at <a href=\"https:\/\/twitter.com\/KnowBe4?ref_src=twsrc%5Etfw\">@KnowBe4<\/a> that set up and configured the servers for me.<\/p>\n<p>Now to go crack some hashes :-))))))) <a href=\"https:\/\/t.co\/SZLFH2OtKL\">pic.twitter.com\/SZLFH2OtKL<\/a><\/p>\n<p>\u2014 Kevin Mitnick (@kevinmitnick) <a href=\"https:\/\/twitter.com\/kevinmitnick\/status\/1649421434899275778?ref_src=twsrc%5Etfw\">April 21, 2023<\/a><\/p><\/blockquote>\n<p> <script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>The four-server setup comprises 24 NVIDIA GeForce RTX 4090 cards on the Ada Lovelace architecture and six RTX 2080 cards on the Turing line. The system will be used by the red team.<\/p>\n<p>The system was assembled by KnowBe4, where Mitnick serves as Chief Hacking Officer.<\/p>\n<h2 class=\"wp-block-heading\"><strong>Media reports China is developing a satellite hijacker<\/strong><\/h2>\n<p>China is developing a cyberweapon capable of seizing control of adversary satellites, rendering them useless for data transmission and reconnaissance in wartime, the Financial Times reports, citing a U.S. intelligence assessment.<\/p>\n<p>According to the outlet, the system would be able to imitate the signals that enemy satellites receive from their operators, allowing it either to hijack them fully or to trigger a fault at a critical moment.<\/p>\n<p>The report states that such a takeover would render the satellites \u201cineffective in supporting communications, weaponry or intelligence, surveillance and reconnaissance.\u201d<\/p>\n<p>The document viewed by journalists was <a href=\"https:\/\/forklog.com\/en\/news\/pentagon-leak-sex-traffickers-in-a-family-tracking-app-and-other-cybersecurity-events\">part of the leak<\/a>, for which the FBI previously arrested 21-year-old U.S. 
Air National Guard airman Jack Teixeira.<\/p>\n<h2 class=\"wp-block-heading\"><strong>Telegram blocked in Brazil<\/strong><\/h2>\n<p>The Brazilian Supreme Court ordered Telegram\u2019s operations in the country suspended for refusing to hand over data about neo-Nazi groups, local media reported.<\/p>\n<p>Authorities requested information as part of the investigation into the shooting at a school in Aracruz, in which four people were killed. According to them, a 16-year-old defendant interacted with anti-Semitic groups on Telegram.<\/p>\n<p>Police were interested in the exact personal data of administrators and members of neo-Nazi channels, but the messenger did not comply.<\/p>\n<p>Local providers will receive a letter ordering the suspension of Telegram\u2019s operations. The app must also be removed from local versions of Google Play and the App Store.<\/p>\n<p>Commenting on the situation, Telegram founder Pavel Durov said the company\u2019s mission is to \u201cpreserve privacy and freedom of speech worldwide.\u201d<\/p>\n<p><script async=\"\" src=\"https:\/\/telegram.org\/js\/telegram-widget.js?22\" data-telegram-post=\"durov\/209\" data-width=\"100%\"><\/script><\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u201cWe sometimes have to leave markets where local laws run counter to this mission or impose technically unfeasible requirements. The court in Brazil asked for data that is technically impossible to obtain\u201d, said Durov.<\/p>\n<\/blockquote>\n<p>Telegram intends to appeal the ruling.<\/p>\n<div class=\"wp-block-text-wrappers-update-2 article_update\"><time class=\"gtb_text-wrappers_update_time\">5 May 2023 | 16:34<\/time><span class=\"gtb_text-wrappers_update_head\">Update: <\/span><\/p>\n<p>Three days later the decision to block the messenger was overturned. 
The judge deemed a full suspension of Telegram across Brazil \u201cunreasonable, given its broad impact on the freedom of communication of thousands of people.\u201d<\/p>\n<p>Meanwhile the company remains obliged to pay a daily fine of 1 million reais for failing to provide all data on administrators and members of neo-Nazi channels.<\/p>\n<\/div>\n<p>Also on ForkLog:<\/p>\n<ul class=\"wp-block-list\">\n<li>KuCoin <a href=\"https:\/\/forklog.com\/en\/news\/kucoin-identified-the-user-behind-thousands-of-meme-tokens\">identified<\/a> the meme-token issuer.<\/li>\n<li>The court ordered the organizer of a Bitcoin pyramid Mirror Trading <a href=\"https:\/\/forklog.com\/en\/news\/court-orders-mirror-trading-organiser-to-pay-3-4-billion\">to pay $3.4 bn<\/a>.<\/li>\n<li>Media reports <a href=\"https:\/\/forklog.com\/en\/news\/media-reports-raid-at-home-of-former-ftx-executive\">about a search<\/a> at the home of a former FTX top executive.<\/li>\n<li>Phishing ads for Lido, DefiLlama and Zapper led to <a href=\"https:\/\/forklog.com\/en\/news\/phishing-ads-for-lido-defillama-and-zapper-led-to-theft-of-over-4-million\">losses of more than $4 mln<\/a>.<\/li>\n<li>An expert found <a href=\"https:\/\/forklog.com\/en\/news\/expert-uncovers-address-that-created-114-fraudulent-meme-tokens\">an address<\/a> that created 114 \u201cfraudulent\u201d meme-tokens.<\/li>\n<li>Spanish police uncovered <a href=\"https:\/\/forklog.com\/en\/news\/spanish-police-uncover-110-million-cryptocurrency-fraud-scheme\">a crypto scam<\/a> worth $110 mln.<\/li>\n<li>The Gibraltar court <a href=\"https:\/\/forklog.com\/en\/news\/gibraltar-court-freezes-assets-on-binance-and-other-exchanges-in-pursuit-of-43-million\">froze assets at Binance<\/a> and other exchanges in search of $43 mln.<\/li>\n<li>DEX Merlin on zkSync Era <a href=\"https:\/\/forklog.com\/en\/news\/merlin-on-zksync-era-hacked-for-1-82-million-after-certik-audit\">was hacked<\/a> for $1.82 mln. 
Later the platform vowed to <a href=\"https:\/\/forklog.com\/en\/news\/merlin-dex-and-certik-pledge-2m-restitution-to-victims-of-the-hack\">return funds<\/a> to victims.<\/li>\n<li>In South Korea, a co-founder of Terraform Labs faced criminal charges.<\/li>\n<li>A Google Authenticator update put users\u2019 crypto assets under threat.<\/li>\n<li>US authorities will install <a href=\"https:\/\/forklog.com\/en\/news\/us-authorities-will-install-a-tracker-on-sam-bankman-frieds-phone\">a tracker on the phone of SBF<\/a>.<\/li>\n<li>Lawyers for Do Kwon asked to <a href=\"https:\/\/forklog.com\/en\/news\/do-kwons-lawyers-seek-dismissal-of-sec-charges\">drop<\/a> SEC charges.<\/li>\n<li>UniSat wallet for Bitcoin Ordinals <a href=\"https:\/\/forklog.com\/en\/news\/unisat-wallet-for-bitcoin-ordinals-halts-operations-after-attacks\">stopped working<\/a> due to attacks.<\/li>\n<li>KuCoin hacker accessed a cryptocurrency exchange\u2019s Twitter account.<\/li>\n<li>Trust Wallet team <a href=\"https:\/\/forklog.com\/en\/news\/trust-wallet-team-fixes-vulnerability-in-the-wallets-core-codebase\">patched a vulnerability<\/a> in the wallet\u2019s codebase.<\/li>\n<\/ul>\n<h2 class=\"wp-block-heading\"><strong>What to read this weekend?<\/strong><\/h2>\n<p>In the Kryptorium education section, we explain how deliberate manipulation of Google&#8217;s algorithms creates problems for recommendation systems.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>We have gathered the most important cybersecurity news of the 
week.<\/p>\n","protected":false},"author":1,"featured_media":78050,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1238,1233],"class_list":["post-78049","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-cybersecurity-digest","tag-industry-digests"],"aioseo_notices":[],"amp_enabled":true,"views":"16","promo_type":"1","layout_type":"1","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/78049","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=78049"}],"version-history":[{"count":1,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/78049\/revisions"}],"predecessor-version":[{"id":78051,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/78049\/revisions\/78051"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/78050"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=78049"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=78049"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=78049"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}