Advantex Weekly Threat Report – October 14th, 2019

A round-up of the latest cybersecurity threats and vulnerabilities online.

In this week’s ‘Advantex Weekly Threat Report’, we reveal all on the Volusion server hack, how a ransomware victim took revenge by hacking his hackers, and how the TOMS shoes mailing list was hacked to tell users to go outdoors.

This report is aggregated from recent open source reports online.

 


 

TOMS Shoes’ Mailing List Hacked to Tell Users to Log Off

More often than not, hackers use their skills to obtain your hard-earned money, to bring things to a standstill, or as some form of political protest. In this case, however, the hacker just wanted the world to go outdoors.

An email with the subject line ‘TOMS hacked by nice man’ hit the inboxes of thousands of customers of the popular shoe brand TOMS on October 6th.

Alarmed customers would have most likely been in a frenzy with a subject line like that, but would have been even more shocked to read the contents of the email.

Instead of demanding the usual bitcoin transfer, the hacker simply wanted users to put down their devices, walk away from their computers and go outside:

[Image: TOMS hacked email]

TOMS confirmed the incident, stating that some form of “unauthorised activity” took place via the company’s email and social media.

It’s not very often we report on a good outcome of a hack, and being told to go outside doesn’t seem all that bad, but it’s still a cause for concern that TOMS’ database was hacked in the first place.

 


 


Up to 20,000 Ecommerce Websites at Risk of Magecart

A company that supplies over 6,500 online stores with cloud infrastructure has been hit by a Magecart attack, exposing the data and payment details of thousands.

Volusion’s servers were hacked and malicious code was placed on a number of its customers’ sites, where it scrapes the credit card details entered on the payment page.

Thousands of sites have been affected, including the online merchandise store of the popular children’s TV show Sesame Street.

A full list of affected sites can be found here, and if you wish to check whether your email has been compromised on any site online, check it here on Have I Been Pwned.

 


 

Ransomware Victim Who Paid Ransom Gets Revenge

A ransomware victim who paid a Bitcoin ransom to unlock his files has sought, and accomplished, a bittersweet vengeance on his attackers by hacking them right back.

Alongside free decryption software, German computer programmer Tobias Frömel (known online as “battleck”) released around 3,000 decryption keys to assist others hit by the Muhstik ransomware.

[Image: battleck hack post]

If you have the skills and knowledge to hack, the thought of vengeance and of giving hackers a taste of their own medicine might seem appealing. However, it is still illegal, and two wrongs don’t make a right.

 


 
