Updated: Oct 22, 2021
In this week’s Cyber Weekly Digest read about how attackers are stealing crypto wallets using malicious NFTs and the 2.4 Tbps DDoS attack mitigated by Microsoft. Keep reading to stay up to date on the latest cyber security stories from across the globe.
Researchers have discovered a vulnerability in the OpenSea platform which could allow attackers access to user accounts and steal the associated cryptocurrency wallets. OpenSea is the world’s largest marketplace for buying, selling, and auctioning non-fungible tokens (NFTs) and other digital assets and collectibles. The attack method is as simple as creating an NFT with a malicious payload and waiting for a victim to view the NFT. Multiple users reported empty cryptocurrency wallets after receiving gifts on the OpenSea marketplace, a marketing tactic known as “airdropping” used to promote new assets.
Apple has released iOS 15.0.2 and iPadOS 15.0.2 to fix yet another zero-day vulnerability that is actively exploited in the wild in attacks targeting Phones and iPads. This vulnerability, tracked as CVE-2021-30883, is a critical memory corruption bug in the IOMobileFrameBuffer allowing an application to execute commands on vulnerable devices with kernel privileges. Apple has not released details of how the vulnerability was used in attacks, however reports it is being actively exploited.
This week Sunderland University reports it has been hit by "extensive IT disruption" which appears to be a cyber-attack. Although the university’s face to face lectures were continuing where possible, the telephone, website and IT systems are down meaning that all online lectures have been cancelled. The suspected cyber-incident follows a surge of attacks targeting schools, universities and colleges during the COVID-19 crisis, most notably the attack on Newcastle University last year.
Microsoft on Monday revealed that its Azure cloud platform mitigated a 2.4 Tbps DDoS attack in the last week of August targeting an unnamed customer in Europe. The attack is said to have originated from a botnet of approximately 70,000 compromised devices primarily located across the Asia-Pacific region, such as Malaysia, Vietnam, Taiwan, Japan, and China, as well as the US. Microsoft said it observed three short-lived bursts, each ramping up in seconds to terabit volumes, the first at 2.4 Tbps, the second at 0.55 Tbps, and the third at 1.7 Tbps.
In a joint advisory on Thursday, US government agencies disclosed that US Water and Wastewater Systems Sector facilities have been breached multiple times in ransomware attacks during the last two years. The most recent being in August this year in which malicious actors used the Ghost variant ransomware against a California-based WWS facility. Other breaches of water treatment facilities over the past two years include attacks in New Jersey, Nevada and Maine. The advisory also mentions ongoing malicious activity targeting WWS facilities that could lead to ransomware attacks affecting their ability to provide potable water by effectively managing their wastewater.