Feb 08 2023
Welcome to Gone Phishing, your daily newsletter that’s got bigger stories than the Burj Khalifa
Today’s hottest cyber security stories:
A company of Lexmark’s size is no doubt generating eye-watering revenues daily, and yet it offered a researcher peanuts (or should we say they couldn’t ink a deal big enough!) for the glaring vulnerabilities he clued them up to.
Indeed, our poor old cybersecurity researcher was left feeling like Dickens’ Oliver Twist. But instead of gingerly imploring “please sir, I want some more”, he took disruptive action. And can you blame him? The information he unearthed could, in the wrong hands, have caused mayhem for Lexmark, and cost millions to boot!
Lexmark probably wishes it forked out a few bob for researcher Peter Geissler’s efforts once they caught wind that he’d tweeted out a link to a GitHub repository containing the sensitive information.
So why did Geissler leak the info? He said he wanted to highlight how the Pwn2Own contest is “broken” in some regards, as shown when low monetary rewards are offered for “something with a potentially big impact” – such as an exploit chain that can compromise over 100 printer models.
Pwn2Own was created by Zero Day Initiative (ZDI) to encourage the reporting of vulnerabilities privately to the affected vendors by financially rewarding diligent researchers with essentially a bounty.
Think Dog the Bounty Hunter or Boba Fett from Star Wars… but rocking a neckbeard and an ill-fitting Iron Maiden t-shirt (JUST KIDDING!! Calm down).
At the time, some people in the information security industry viewed those who make it their business to find vulnerabilities as malicious hackers looking to do harm. To be frank, some still feel that way…
However, whilst skilled, malicious attackers do exist, they remain a small minority of the total number of people who actually discover new flaws in software.
It’s a cool idea but evidently (judging by the case of Peter Geissler, at least) it requires the aforementioned ‘affected vendors’ to play ball and offer a decent amount of compensation.
“In my experience, patching efforts by the vendor are greatly accelerated by publishing turnkey solutions in the public domain without any heads up whatsoever.”
“Lexmark might reconsider partnering with similar competitions in the future and opt to launch their own vulnerability bounty/reward program.”
So Lexmark, if you’re listening, next time put your hand in your bloody pocket!
Raves fell silent across Europe yesterday after police seized a whopping 300,000 ecstasy pills thanks to a four-year operation centred around the messaging app Exclu!
The dodgy European end-to-end encrypted messaging app was smashed by police in an international organised crime bust that saw (get this!):
It’s not just users of the app that are in hot water either. The team behind the app are under fire too. It seems as though the Exclu app was specifically created to facilitate the sale and distribution of illicit drugs and weapons.
Surprisingly (but fortunately for the purposes of this article!) the website is still live at time of writing which means we can investigate just what was being offered.
We couldn’t believe the cost of the services offered! For a measly three-month licensing key, would-be users of Exclu would have to fork out a mahoosive €500. But don’t worry, if you purchase six months, they knock a oner off and it’s just… Nine. Hundred. Euros.
Exclu’s website boasts: “Our communication platform has integrated the most sophisticated encryption protocols in the world to ensure no one gets access to your data.”
Yeah, doesn’t look like it, does it boys? Should have stuck with WhatsApp or Telegram if you wanted to be extra safe.
Credit where credit’s due though… The lads at Exclu managed to evade capture and keep jaws swinging and eyes dilated across Europe for quite some years seeing as the investigation started all the way back in 2019. Ah yes, it was a lockdown to remember!!
And seeing as 300,000 pills is just what the coppers got their greasy mitts on, we’re fairly sure the EDM will be pumping out of speakers a while longer. So don’t throw out the glowsticks just yet!
Vesuvius, the molten metal flow engineering company, has revealed it was hit by a cyber-attack this week. Vesuvius issued a rather vague alert stating that it was “currently managing a cyber incident.”
For now, the details remain scant. There is no indication yet of the scale of the problem, or which systems may have been affected by the attack at the company which manufactures ceramics for the steel industry.
There’s also no description of the nature of the attack (although given the last few months nobody would be surprised if it turned out to be ransomware!), and whether the company has received any form of communication from attackers.
Ransomware attacks were reported across Europe and North America in the recent VMware ransomware attack and also here in the UK via the recent ION Trading attack wherein they (allegedly!) paid the ransom!
Watch this space for more info on the cyberuption (geddit?) at Vesuvius!
So long and thanks for reading all the phish!