Stay a step ahead of threat actors with our latest coverage in cybersecurity. This week’s news brings both troubling developments and new tools in online security. We’ll take a look at the EasyPark data breach, the cyberattack on Ohio Lottery, the GTA V source code leak, and details of the new Python project that can help you detect Bluetooth spam attacks. Let us get into it.
EasyPark Reveals Data Breach Potentially Affecting Millions of Users
The EasyPark app developer shared a notice informing us of a data breach. The breach was discovered on 10 December 2023.
EasyPark is a Swedish organization that is known for its mobile and web applications. These applications help in parking space location, booking, and finding EV charging points. The organization was hit by the breach which has affected a portion of its European users. They mentioned that the names, phone numbers, residential addresses, emails, and digits of their credit/debit cards were stolen in the breach.
Such crucial information can be used by threat actors to carry out spear phishing attacks against the organization’s users. They have not disclosed the details of the breach or how it took place. However, if you’re impacted by the breach, you will receive personalized notices via in-app messages, notifications, SMS, or email.
The application is accessible and working normally and the Swedish, British, and Swiss data protection authorities have been notified about the breach. For the sake of your security, it’s advisable to reset any passwords that you’ve reused. Additionally, implementing a robust spear phishing prevention solution can provide an extra layer of defense.
Image sourced from nordvpn.com
DragonForce Ransomware Targets Ohio Lottery in Cyberattack
The Ohio Lottery had to shut down its key systems after suffering a cyberattack on Christmas Eve.
The incident is still under investigation but the lottery is working now. The state lottery has not linked the attack to any known threat actor groups but it was claimed by DragonForce ransomware. The threat actors say they have encrypted devices and stolen data in the attack and also have access to SSNs (Social Security Numbers) and birth dates.
DragonForce added a new entry to their data leak site hinting that the stolen files contain information related to Ohio Lottery customers and employees. The site shows that they have access to names, emails, residential addresses, and winning amounts of over 3,000,000 people who entered the lottery. The size of the data is over 600 GB. Meanwhile, if you’ve won a prize, visit here to claim the winnings.
We know little about the DragonForce ransomware gang as they are a new operation. However, their tactics, style of negotiation, and data leak site indicate there’s an experienced group behind it.
GTA 5 Source Code Allegedly Leaked Online One Year After Rockstar Hack
Another alarming news hit the cybersecurity world on Christmas Eve when the source code for GTA 5 was leaked. This incident underscores the importance of implementing robust phishing protection measures, as leaks of this nature can often stem from successful phishing attempts.
Many links to download the source code were shared on multiple channels on Discord, the dark web, and a GTA leak channel on Telegram. The owner of the Telegram channel is a person named “Phil,” and he paid homage to the LAPSUS$ hacker who leaked the videos of the upcoming GTA 6.
The actor behind the GTA 6 video leak is Arion Kurtaj, who has been sentenced to an indefinite hospital stay as a result of his Rockstar Games and Uber hack. Rockstar was hacked in 2022 by LAPSUS$ and the Discord leaker says that the source code was received by him in August 2023. The leaked code shows a lot of information about unreleased titles and secret alternate endings that the developers did not use.
LAPSUS$ is known for its social engineering and SIM swapping attacks and extorting organizations in exchange for not leaking stolen data.
‘Wall of Flippers’ Identifies Bluetooth Spam Attacks on Flipper Zero
There is a new Python project in the market called “Wall of Flippers” that can detect Bluetooth spam attacks launched by Flipper Zero and Android machines.
If you can detect the attack, you will be able to take targeted measures to protect yourself, making this a huge win. Techryptic was the first one who demonstrate how Flipper Zero portable wireless pen-testing and hacking tool can be used to launch Bluetooth LE spam attacks.
The attack can allow threat actors to spam Apple devices with fake Bluetooth connection notifications. This later developed into a custom Flipper Zero firmware that could launch spam against Android and Windows devices, too. It was then turned into an Android app using which the attack could be carried out.
The Wall of Flippers is a project that can detect the attackers of the Bluetooth LE spam attack and respond. It runs continuously and detects potential threats.
You can easily capture the MAC address and the signal strength and use these things to determine how far away the threat is and the device they’re using. And Flipper will get updates as it is still a work in progress. Here’s how to download it.