Ransomware Recap – February

Share This Post

Welcome to February’s Ransomware Recap! In this monthly series, we discuss a few of the biggest ransomware stories. Let’s jump in.

Hackers Find Bug in PayPal’s Google Pay Integration

Hackers have found a bug in the Google Pay integration with PayPal, and are now using it to perform unauthorized transactions. Most transactions have taken place at stores in the US, especially Target stores across New York. Many of the victims are German users.

German security researcher Markus Fenske pointed out a similar bug to PayPal this time last year, but PayPal did not prioritize fixing it. According to ZDNet, ” The researcher said there could be three ways in which an attacker could get a virtual card’s details. First, by reading the card details from a user’s phone/screen. Second, programmatically, by using malware that infected a user’s device. Third, by guessing it.”

PayPal told ZDNet on 2/25 that they have addressed the issue.

Source: ZDNet https://www.zdnet.com/article/paypal-accounts-are-getting-abused-en-masse-for-unauthorized-payments/

Puerto Rico’s Government Falls Victim to Phishing Scam

Puerto Rico’s government lost $2.6 million after being hit with an email phishing scam. According to a police statement, the transfer took place on January 17 after the department received an email indicating a move to a bank account linked to remittance payments.

According to TNW, ” Laboy kept mum about the details of the cyber heist, so it remains unclear how the agency discovered the swindle or whether someone has been let go following the incident. He did, however, say the agency is conducting an internal investigation to determine if someone was negligent or did not follow proper protocol.”

Thankfully, no citizen data was leaked in the process.

Source: The Next Web https://thenextweb.com/security/2020/02/13/puerto-rico-phishing-scam/

Hack of MGM Resorts Exposes Data of 10 Million+ Guests

10.6 million guests of MGM Resorts had personal information released on a hacking forum last week. MGM reported that most of the data included already-public information such as names, phone numbers and email addresses. Additionally, 1,300 guests were notified that more sensitive information was released.

According to BBC News, “A further 52,000 customers were told that less sensitive personal information was exposed. This was only a portion of those impacted. MGM said its notification to customers followed state laws. Most US states do not require companies to tell customers if data which is already public has been exposed during a hack.”

Celebrities such as Justin Bieber and Jack Dorsey were reportedly included in the breach.

Source: BBC News https://www.bbc.com/news/technology-51568885

Defense Information Systems Agency (DISA) Data Breach

The DOD DISA, the agency that handles IT and telecommunications support for the White House and military, disclosed a possible data breach from the summer of 2019 to employees. DISA reports that during this period, employee personal information, including social security numbers, was revealed but did not say how many had been affected.

According to ZDNet, “The DOD agency did not provide any other details about the breach, however, it did add that it had no evidence to suggest that employees’ personal data was misused prior to sending the notification letter. “

See the letter here in a tweet by @bitsdigits.

Source: ZDNet https://www.zdnet.com/article/dod-disa-discloses-data-breach/

More To Explore