Advantex Weekly Threat Report – April 1st, 2019

A round-up of the latest cybersecurity threats and vulnerabilities online.

In this week’s ‘Advantex Weekly Threat Report’, we reveal how over a million ASUS laptops are at risk of a cyber attack, how crypto exchange Bithumb was hacked for $13 million, and how one hacker stole over $100 million from Facebook and Google.

This report is aggregated from recent open source reports online.



Over a Million ASUS Laptops Are at Risk

It has been revealed that the Live Update tool provided by ASUS has been hacked and users who have previously downloaded the software could be vulnerable to harmful malware.

The attack, which has since been branded Operation Shadowhammer, was deployed to millions of ASUS laptops in an effort to target a small number of users, who were then identified by their network adapters’ MAC addresses.

This type of attack is known as a ‘supply chain’ attack. In this case, hackers hijacked ASUS’ update server(s) and replaced the legitimate software with an infected, malicious version.

Due to the infected version being almost identical to the legitimate update, the hack went unnoticed for a worryingly long time.

However, since the attack was brought to the attention of ASUS, the company has released an official update to patch any vulnerabilities and has taken steps to ensure it won’t happen again, including “multiple security verification mechanisms to prevent any malicious manipulation” and “an enhanced end-to-end encryption mechanism”. ASUS went on to say:

“At the same time, we have also updated and strengthened our server-to-end-user software architecture to prevent similar attacks from happening in the future.”

If you own an ASUS laptop and think you might be at risk, the folks at Kaspersky have created a free tool that lets you check whether your device was targeted.



Crypto Exchange Bithumb Hacked for $13 Million in Suspected Insider Job

South Korea-based crypto exchange Bithumb has been subject to an EOS cryptocurrency theft of around $13 million, and reports indicate it could be an inside job.

In a statement on Saturday afternoon, Bithumb confirmed the hack and said they noticed an “abnormal withdrawal” of the cryptocurrency through their monitoring system at 22:00 local time on Friday, March 29th.

All exchange withdrawals and deposits were suspended, with Bithumb stating:

“All the [stolen] cryptocurrency is owned by the company, and all members’ assets are under the protection of a cold wallet.”

Bithumb reportedly lost around $13 million and has confirmed there was no evidence of an external exploit, indicating it was an inside job.

The news comes nearly a year after Bithumb was hacked for nearly $30 million worth of cryptocurrencies. It was reported the exchange lost 2,016 bitcoin, 2,219 ether and various other currencies, but it later claimed to have retrieved $14 million worth of the hacked funds.



Hacker Steals More Than $100 Million from Facebook and Google

A Lithuanian man pleaded guilty last week to charges that he helped orchestrate and execute a scheme that defrauded Facebook and Google of more than $100 million.

Evaldas Rimasauskas set up a fake business and sent numerous phishing emails to employees of both Facebook and Google, resulting in the multibillion-dollar companies being duped out of more than $100 million in total between 2013 and 2015.

It’s reported that Rimasauskas defrauded Google out of $23 million and Facebook out of $99 million, with the funds being deposited into a fake company and bank account in Latvia.

The scam used was “business email compromise,” in which hackers/fraudsters ask for money using phoney emails that target large companies who work with overseas suppliers or regularly make wire transfers, making it a lot easier for payments to be signed off or slip through the net.

So the next time you get an email asking for money and you’re not sure what it’s for, check with your colleagues and/or finance department before you submit a payment – better to be safe than sorry.


