Italians might be losing “dough” over this

Feb 06 2023

Gone Phishing Banner

Welcome to the first edition of Gone Phishing your daily newsletter that’s got more thirst quenching stories than a bottle of Prime.

Today’s hottest cyber security stories:

  • Italy is ransom weary
  • Kim Jong Un is on the run
  • Petrol’s back in fashion

Today’s top cyber security news story is undoubtedly the ransomware attack that was detected in Italy and other European countries over the weekend.

The hack has made international mainstream news, and for good reason! Thousands of servers are reportedly infected with the malware which effectively locks away files and data on a massive scale and holds them for ransom.

In other news, North Korea’s wanted by the FBI for another crypto heist and electric car charging points could potentially charge users’ credit cards as well as their cars thanks to a shocking (couldn’t resist!) system vulnerability. Time to switch back to petrol?

WILL RANSOMWARE MAKE ITALIAN SERVERS AN OFFER THEY CAN’T REFUSE IN LATEST WIDESCALE ATTACK?

Yesterday (Sunday), Italy’s National Cybersecurity Agency (ACN) revealed that thousands of servers had been compromised in a ransomware attack targeting VMware.

Ransom-what? There could be a lot of “dough” stolen here.

Ransomware has been in the news quite a bit recently, given the recent attack on ION Trading (more on this tomorrow!).

For those who don’t know, it’s when criminals install malware on computers or servers which prevents users from accessing their files and data. Once this has been achieved, the hackers offer to unlock the files but only after a hefty sum of money has been paid to them. How nice of them, eh?

Affected companies are then faced with the agonising decision of whether or not to fork out the often tens (or even hundreds!) of millions of pounds to the villains behind the hacks to regain access to their files.

And that’s assuming these criminals do the decent thing and hold up their end of the bargain which is hardly guaranteed, given their nature!

Okay… But who’s VMware?

So that explains ransomware but what of VMware? VMware is one of those funny Silicon Valley-based tech companies that you may never heard of but that you probably indirectly interact with every day.

It’s not a consumer facing business but its software runs on Microsoft Windows, Linux, and macOS.

Additionally, VMware’s enterprise software hypervisor is an operating system that runs on basically all server hardware. So yeah, they’re kind of a big deal…

So, what does this mean? In short: nobody’s safe. This software is used either directly or indirectly by pretty much every man, woman, company, and their dog in the developed world.

And the attack isn’t limited to Italy; reports indicate that servers have been compromised in France, Finland, the US, and Canada. #prayfortheUK

KIM JONG-ON THE RUN! FBI PURSUES NORTH KOREA OVER £80 MILLION CRYPTO HEIST

Cryptocurrency stories are often fun and this one’s no exception; though, perhaps not so much for the hundreds, if not thousands victimised by the latest crypto heist.

£80 million went missing from California-based crypto exchange Harmony in the most recent heist. The FBI has its sights set firmly on the North Korean government. Could it be that when Kim Jong Un isn’t busy carrying out illegal nuclear weapons tests, he’s instructing his minions to target crypto exchanges in California? We wouldn’t put it past him – would you?

N. Korea’s crypto loot could fund nuclear program for three years.

Last month’s stickup is the latest in a series of digital heists that US officials worry Pyongyang will use to fund its aforementioned illicit nuclear and ballistic weapons program. Scary stuff, huh?

North Korean hackers have stolen the equivalent of billions of pounds in recent years by raiding cryptocurrency exchanges, according to the UN.

Billions may be peanuts to old Uncle Sam, but for North Korea, the amount of crypto stolen in 2022 (£1.4 billion) equates to nearly a tenth of its economy! And enough to fund its nuclear program for three years. Uh-oh.

ELECTRIC CARS MAY BE GETTING CHARGED IN MORE WAYS THAN ONE THANKS TO EV CHARGING POINT HACK

Shocking vulnerabilities have come to light within computer systems utilized by thousands of electric car charging points, the world over.

To date, it appears that the vulnerabilities haven’t been exploited by criminals and as such, electric car users needn’t swap their Tesla’s for Mazda’s just yet. Indeed, it’s actual good news that this weakness has been discovered

Charged in more ways than one!

However, the systems’ weaknesses (exposed by Israel-based SaiFlow) allow for two rather scary scenarios:

Firstly, a classic denial-of-service (DoS) condition wherein the charging connection is closed. Hardly earthshattering for the individual users but annoying nonetheless and potentially devastating for charger manufacturers in terms of potential disruption.

The second is rather more concerning for the individuals as it involves (you guessed it!) data theft. Criminals could potentially gain access to the cars’ computers, leaving drivers’ personal information vulnerable to interception.

Indeed, in worst case scenarios, electric car owners could get more charge than they bargained for: a car charge, along with a most unwelcome credit card charge. No thanks!

So long and thanks for reading all the phish!

footer graphic cyber security newsletter

Recent articles