06.09.2022

The 6th of September, Cyber News

russia/belarus

belarusian Hackers Have Hacked the Website of the BelAZ Company

On September 5, the website of Zhodyn OJSC «BelAZ» stopped opening. belarusian hackers of the Joint Headquarters of the Minsk Resistance announced an attack on the company’s websites.

The work of the sites was disrupted, and the information sheet of the JHMR is posted on the main page. It says that BelAZ, like many other state-owned enterprises of the country, is «captured by the lukashenko «family». JHMR opposes the use of BelAZ and other belarusian enterprises as a tool for obtaining russian loans on the subject of import substitution. 1

The 6th of September, Cyber News

HackersHaveBlockedtheWebsiteandMobileApplicationofCityParkingLotsinKrasnodar

The website parkingkrd.ru and the mobile application «Krasnodar City Parking», where you can pay for parking, work with interruptions, the press service of the city administration reports.

It is clarified that the temporary restrictions are caused by hacker attacks.

For now, motorists can pay for parking only through parking meters. 2

World

WindowsHackersAreUsingPhotosfromtheJamesWebbSpaceTelescopetoSpreadMalwareonWindows

According to Securonix, hackers are sending out phishing emails containing a Microsoft Office document that contains an «infected» image of deep space. It contains malicious Base64 code.

Once infected, the software allows hackers to control the victim’s system. 3

The 6th of September, Cyber News

Hackers Have Hacked TikTok — Data of 2 Billion Users Stolen (or Not?)

On specialized forums and social networks, a message appeared over the weekend about a large-scale hack of the American division of TikTok. The hacker claims to have accessed 2 billion records from the database. However, the analysis of the published part of the information makes experts doubt the fact of theft.

The first reports of the alleged breach appeared on the Breach Forums on September 3. A user with the nickname AgainstTheWest published screenshots of the TikTok and WeChat hacks and said that the attackers were considering selling or publishing the data obtained. Two samples of the stolen information and a confirmation video were also released. On the same day, AgainstTheWest claimed on Twitter that it had stolen the source code of TikTok’s backend from Alibaba’s cloud server.

Troy Hunt of haveibeenpwned has dedicated a Twitter thread to verifying the published data. His conclusion, after extensive analysis, is that the evidence is «so far rather inconclusive». Hunt claims that some of the data about internal processes could have been taken from public access. According to him, some data may be test and not show real information.

Hacker News has suggested that the data looks like it was not taken from TikTok, but from a third party that works with the company in the field of marketing. At the moment, the question of the alleged hacking of TikTok accounts remains open – experts have not found clear evidence. The company itself shared the following statement: «Our security team has looked into this statement and determined that the code in question is completely unrelated to TikTok’s backend source code». 4

Samsung Reported that Hackers Broke into Its Servers and Stole User Data

The company declined to say how many users could ultimately be affected by the attack and why the manufacturer did not notify consumers for so long. The South Korean company Samsung officially announced that its servers were hacked in July, and hackers stole users’ personal data. The statement of the technological giant is posted on the Samsung website. The company reported the incident, noting «illegal access to user data on some American Samsung servers by an unauthorized third party».

A Samsung representative explained that by demographic data the company understands information used for marketing purposes. However, he explained exactly what types of data are included. He added that user registration data provided by Samsung customers to access technical support and warranty service includes information on the purchase date of a particular product, device model, and device ID numbers.

At the same time, he refused to say how many Samsung users could eventually be affected by the hacker attack on the company’s servers, and also did not comment on why the manufacturer did not inform its consumers for so long. 5