Friday Five 6/17
In this week’s Friday Five, read how ransomware criminals are making use of a kids’ game, how Apple devices everywhere may be affected by a hardware vulnerability, and much more.
1. MIT researchers uncover ‘unpatchable’ flaw in Apple M1 chips by Carly Page
A hardware-level vulnerability that has been deemed “unpatchable” has been found in the pointer authentication codes (PACs) of Apple’s M1 chips by researchers from MIT’s Computer Science and Artificial Intelligence Laboratory. A novel attack combining memory corruption and speculative execution was found to sidestep an M1 chip’s PAC and can even work against the kernel. Despite these concerns, however, Apple concluded that “this issue does not pose an immediate risk to our users and is insufficient to bypass operating system security protections on its own.” Read the full article from TechCrunch to find out why most users may not need to be concerned.
2. Interpol seizes $50 million, arrests 2000 social engineers by Bill Toulas
Operation ‘First Light 2022,’ led by Interpol with the assistance of police from a whopping 76 countries, has led to the seizure of $50 million gathered from social engineering scams along with the arrest of thousands of people involved in said scams. Other results of the lengthy operation include:
- 1,770 locations raided worldwide
- Some 3,000 suspects identified, including a Chinese national who had defrauded victims out of $35,700,000
- Some 4,000 bank accounts frozen
Read more details on the operation in the full article from BleepingComputer.
3. Ransomware Group Debuts Searchable Victim Data by Brian Krebs
In a new tactic to force a ransom payment from victims, ransomware groups have begun publishing individual victim websites on the public internet that allow individuals to search for leaked data. “Companies will likely be more concerned about the prospect of their data being shared in this way than of simply being posted to an obscure Tor site for which barely anyone knows the URL,” said Brett Callow, a threat analyst with Emsisoft. “It’ll piss people off and make class actions more likely.” Find out more in the full article from Krebs on Security.
4. Conti’s Attack Against Costa Rica Sparks a New Ransomware Era by Matt Burgess
An unprecedented string of ransomware attacks by Conti and HIVE has sent Costa Rica into an economic spiral in recent months, crippling many of the country’s most essential services. The criminals behind the attacks have gone so far as to call on Costa Rican citizens to overthrow their government, with one post on Conti’s blogs saying, “I appeal to every resident of Costa Rica, go to your government and organize rallies.” Read the full article from Wired to get a detailed look into the timeline of the attacks, the ransomware groups responsible, and why these attacks have become more significant compared to similar attacks in the past.
5. Roblox Game Pass store used to sell ransomware decryptor by Lawrence Abrams
A new ransomware named ‘WannaFriendMe,’ a variant of Chaos Ransomware, has unusually been using Roblox’s Game Pass store to sell its decryptors. Rather than having victims send ransom payments in the form of cryptocurrency, WannaFriendMe requires the use of a decryptor to recover files, and that decryptor can be bought using Roblox’s in-game currency, known as Robux. Read the full article from BleepingComputer to see how Roblox has responded to the unorthodox threat.