Friday Five: TikTok's Congressional Hearing, New Malware, & Concerns Over Chinese Cyberespionage
Read up on TikTok CEO Zi Chew’s largely unsuccessful testimony, a concerning series of stealthy Chinese hacks, the arrest of a malware creator, and more in this week’s Friday Five!
FIVE BRUTAL HOURS FOR TIKTOK: CEO RAKED OVER COALS AMID PRIVACY, SECURITY CONCERNS BY TONYA RILEY
TikTok CEO Zi Chew addressed the social media platform's privacy and propaganda concerns this past week in a hearing with the House Energy and Commerce Committee. Chew attempted, largely unsuccessfully, to build support for a $1.5 billion plan, known as Project Texas, that relies on tech giant Oracle to operate the app’s American technical infrastructure and build a firewall between U.S. TikTok users and Beijing. Read why lawmakers remain concerned about the app's security and privacy in a full breakdown of the hearing from CyberScoop.
STEALTHY HACKS SHOW ADVANCEMENTS IN CHINA’S CYBERESPIONAGE OPERATIONS, RESEARCHERS SAY BY AJ VICENS
According to researchers studying a string of cyber intrusions into unnamed Middle Eastern telecoms, the attacks indicate that a years-long Chinese-aligned cyberespionage operation, known as Operation Soft Cell, has been actively updating its abilities using a series of modifications to a widely used credential theft software package. The operation has reportedly been linked to various Chinese-aligned hacking efforts focused on telecom targets around the world, and it's believed that Gallium was involved. Read more about the threat actors and who else may be involved in such campaigns.
MALWARE CREATOR WHO COMPROMISED 10,000 COMPUTERS ARRESTED BY CHRISTOPHER BOYD
The creator of a Remote Access Trojan (RAT) responsible for compromising more than 10,000 computers was arrested by law enforcement this past week in Ukraine. The RAT is reportedly capable of taking control of devices and commanding them to download and upload files, install and uninstall programs, take screenshots, capture sound from microphones, and capture video from cameras, after which account theft and withdrawal of electronic funds are possible. Learn more about how the malicious files may be distributed and how to avoid them in the full story from Malwarebytes Labs.
EMOTET MALWARE NOW DISTRIBUTED IN MICROSOFT ONENOTE FILES TO EVADE DEFENSES BY LAWRENCE ABRAMS
Emotet, a notorious malware botnet historically distributed through Microsoft Word and Excel attachments that contain malicious macros, is now distributed using Microsoft OneNote email attachments, aiming to bypass Microsoft security restrictions and infect more targets. Once the malware is downloaded to a device, it can download payloads that provide initial access to the corporate network, allowing threat actors to conduct cyberattacks against the company, which could include ransomware attacks, data theft, cyber espionage, and extortion. Read more on why threat actors have switched to OneNote and what you can do to block the malicious documents.
NEW ‘HINATABOT’ BOTNET COULD LAUNCH MASSIVE 3.3 TBPS DDOS ATTACKS BY BILL TOULAS
First discovered by researchers at the beginning of the year, a new malware botnet has been found targeting Realtek SDK, Huawei routers, and Hadoop YARN servers to recruit devices into a DDoS (distributed denial of service) swarm with the potential for massive attacks. The malware is reportedly distributed by brute-forcing SSH endpoints or using infection scripts and RCE payloads for known vulnerabilities. Researchers estimated that with 1,000 nodes, the UDP flood could generate roughly 336 Gbps, while at 10,000 nodes, the attack data volume would reach a whopping 3.3 Tbps.