Proactive Computing | Optimizing IT for usability, performance and reliability since 1997

Category: #Hackers (Page 1 of 9)

Maryland health department hit by cyberattack


Maryland authorities are investigating a cyberattack that took the state Department of Health offline this past weekend, as they determine if any information has been stolen. “The Maryland Security Operations Center…

Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Joseph Choi

Someone is hacking receipt printers with ‘antiwork’ messages


Hackers are attacking business receipt printers to insert pro-labor messages, according to a report from Vice and posts on Reddit. “Are you being underpaid?”, reads one message and “How can the McDonald’s in Denmark pay their staff $22 an hour and still manage to sell a Big Mac for less than in America?”, another states. 

Numerous similar images have been posted on Reddit, Twitter and elsewhere. The messages vary, but most point readers toward the r/antiwork subreddit that recently became popular during the COVID-19 pandemic, as workers started demanding more rights.

Some users suggested that the messages were fake, but a cybersecurity firm that monitors the internet told Vice that they’re legit. “Someone is… blast[ing] raw TCP data directly to printer services across the internet,” GreyNoise founder Andrew Morris told Vice. “Basically to every single device that has port TCP 9100 open, and print[ing] a pre-written document that references /r/antiwork with some workers rights/counter capitalist messaging.”

The individual[s] behind the attack are using 25 separate servers, according to Morris, so blocking one IP won’t necessarily stop the attacks. “A technical person is broadcasting print requests for a document containing workers rights messaging to all printers that are misconfigured to be exposed to the internet, and we’ve confirmed that it is printing successfully in some number of places,” he said.

Printers and other internet-connected devices can be notoriously insecure. In 2018, a hacker hijacked 50,000 printers with a message telling people to subscribe to PewDiePie, of all the random things. The receipt printer hack, by contrast, has a much more focused set of targets and messages. 

The Article Was Written/Published By: Steve Dent

Robinhood Hack Compromises Millions of Customer Email Addresses and Names


Someone recently hacked and attempted to extort Robinhood, the popular investment and trading platform, gaining access to millions of customers’ email addresses and full names in the process.


The Article Was Written/Published By: Lucas Ropek

Hacker Reveals Twitch Source Code In “Part One” of Massive Gigaleak


In an effort to “foster more disruption and competition in the online video streaming space,” an anonymous hacker has leaked the entirety of Twitch’s source code and creator earnings. The leak also contains info on an unreleased Steam competitor and data related to Twitch’s security tools. And unfortunately, this is just “part one” of an ongoing gigaleak.

Wrapped in a 125GB torrent, this leaked data was first shared on a 4chan thread the morning of October 6th. Trusted sources have verified its authenticity to Video Games Chronicle and The Verge, and Twitch confirms that it suffered a data breach (it hasn’t verified the leak’s authenticity). Some files in this leak were last modified on October 4th, a sign that Twitch may have been hacked just a few days ago.

All of Twitch’s source code is included in this leak, and that includes source code for the platform’s mobile, desktop, and console clients. Shockingly, this source code is so complete that it contains full “commit history” from the company’s developers—that is, notes made to indicate changes made to the Twitch backend.

We can confirm a breach has taken place. Our teams are working with urgency to understand the extent of this. We will update the community as soon as additional information is available. Thank you for bearing with us.

— Twitch (@Twitch) October 6, 2021

Internal Twitch moderation tools also appear in the leak. The most notable (so far) is Twitch’s “red teaming system,” which allows moderators to pretend that they’re hackers. Oh, and evidence that the “golden kappa” that users randomly receive is manually handed out by moderators. We still don’t know if any damaging security tools are tucked in this leak.

And if you’ve ever wondered how much your favorite streamer makes, you’ll probably find out on social media. This leak contains three years of payout data for Twitch creators. Some streamers have already verified that this leaked financial data matches their earnings, although we’re still not sure if this data is all-inclusive or only focuses on a fraction of Twitch streamers.

There are a few oddities here, too. Because this leak contains all properties owned by Twitch, such as CurseForge, it reveals some unreleased projects. The most notable is called Vapor, a games marketplace with a working title that clearly references Steam.

Some Vapeworld assets, including some 3d emotes with specular and albedo maps
I don’t have whatever version of Unity installed that they used, so I’m limited in what assets I can get caps of with stuff like Blender and RenderDoc.
There’s custom unity plugins in here for devs too.

— Sinoc (@Sinoc229) October 6, 2021

Early analysis of the Vapor data shows that Twitch is working on something called Vapeworld—fortunately (or unfortunately, depending on your priorities), this game has nothing to do with smoking cessation. It’s a VR chat client full of weird 3D Bob Ross emojis. We’re not sure if Vapeworld is an abandoned project or a work in progress, but its files were last modified this week.

The hacker who shared this data clearly did it for altruistic reasons, citing Twitch as a “disgusting cesspool” that hampers competition in the “video streaming space.” As such, the leak doesn’t include a ton of personal data (aside from streamers’ earnings). It seems that the hacker intentionally omitted this data to protect users.

But any data breach is dangerous, and some analysts say that encrypted user passwords are a part of this leak (though these claims are unverified). Not to mention, hackers could use the Twitch source code to find vulnerabilities in its security system, and we’re still waiting for “part two” of this leak, which could target Twitch users instead of targeting the company.

I strongly suggest changing your Twitch password and enabling two-factor authentication on your account. And if you want to be extra safe, I suggest doing the same to your Amazon account, which may be linked to Twitch depending on how you signed up.

Source: VGC, The Verge, PC Gamer

The Article Was Written/Published By: Andrew Heinzman

Hacker Steals a U.S. Navy Facebook Account to Livestream ‘Age of Empires’

[Image: A screenshot of the hacked page. The livestreamed video is captioned "Hahahahaha." Credit: Malwarebytes]

A lone hacker decided to take on the U.S. Navy this week, and all things considered, he had a pretty good run. The Navy confirms that a hacker hijacked the official USS KIDD Facebook page to livestream Age of Empires playthroughs for four days in a row. Evidently, the Navy had to bargain with Facebook to secure the USS KIDD warship’s account back.

On October 3rd, the hijacked USS KIDD page livestreamed Age of Empires for four hours. The stream was captioned with the word “Hahahahaha,” which is exactly what I would say if I stole a warship (or its Facebook page).

But I would’ve played Age of Empires a bit better. The 20-year-old strategy game is all about building civilizations from scratch. But as reported by Task and Purpose, the hacker never made it past the damn stone age! Several of the comments left on his livestream tell him that he sucks—“somebody teach this guy how to play,” said one Facebook user.

[Image: Screenshots of the hacker's livestreams with captions like "play game," "fffff," "hi everyone," and "POSC." Credit: Task and Purpose]

Despite the negative comments, our hacker continued to stream Age of Empires on the USS KIDD page. He even changed the USS KIDD’s account type to “Gaming Video Creator.” But on the morning of October 8th, the jig was up. The U.S. Navy finally convinced Facebook to resolve its problem. It also deleted all of the game streams, unfortunately.

In an October 7th conversation with Task and Purpose, Commander Nicole Schwegman stated that “the official Facebook page for USS Kidd (DDG 100) was hacked … We are currently working with Facebook technical support to resolve the issue.” Keep in mind that the page was first hijacked on October 3rd—did it take the Navy four days to realize what happened?

Some people speculate that the USS KIDD page wasn’t hacked. Like last year’s Fort Bragg porn-posting incident, someone with legitimate access to the USS KIDD Facebook account may have simply forgotten to log out. But this theory doesn’t make sense, given the U.S. Navy’s statement and its inability to access the USS KIDD page.

Source: Task and Purpose via Malwarebytes

The Article Was Written/Published By: Andrew Heinzman

Anonymous Claims to Have Stolen Huge Trove of Data From Epik, the Right-Wing’s Favorite Web Host


Members of the hacktivist collective Anonymous claim to have hacked web registration company Epik, allegedly stealing “a decade’s worth of data,” including reams of information about its clients and their domains.


The Article Was Written/Published By: Lucas Ropek

A Complete Guide to Not Getting Hacked


As safe as you might feel sitting at your laptop, happily typing and posting and scrolling, we all know the truth: the internet is actually a giant hellscape full of spies, criminals, ransomware, and all kinds of other dangerous shit.


The Article Was Written/Published By: Lucas Ropek

T-Mobile’s Data Breach Is Real And Worse Than You Imagined


Earlier this week, T-Mobile confirmed news and reports that the company had been hacked and experienced a wide customer data breach. And while the company’s findings show not all 100+ million customers are affected, it’s still bad news, and the details are going from bad to worse.

After confirming over 40 million customers’ user data was compromised, on Friday, the mobile carrier reported that hackers illegally accessed customer names, dates of birth, phone numbers, social security numbers, addresses, and even IMEI numbers for customer devices. This includes current, former, and potential customers, as well as postpaid users.

T-Mobile also said it had identified an additional 667,000 accounts of former customers that were accessed. This is bad news as hackers can easily use that info for identity theft, SIM swapping attacks to intercept secure two-factor logins, and other harmful activities.

So far, the number of affected customers is over 50 million. In a press release, the company said it’s taking immediate steps to help protect affected customers and is coordinating with law enforcement.

“We take our customers’ protection very seriously and we will continue to work around the clock on this forensic investigation to ensure we are taking care of our customers in light of this malicious attack,” said the company. “While our investigation is ongoing, we wanted to share these initial findings even as we may learn additional facts through our investigation that cause the details above to change or evolve.”

The company has now opened a dedicated webpage full of information for customers. Here, T-Mobile users can find information on how to change their PIN or passwords or sign up for a complimentary 2 years of McAfee ID Theft Protection services. T-Mobile recommends that postpaid customers change their PIN, and it has already alerted many users or reset the PIN itself.

via The Verge

The Article Was Written/Published By: Cory Gunther
