Weekly Cybersecurity Recap April 22

  • By Patrick Ryan
  • Apr 22, 2022

From ransomware attacks to phishing scams, spyware, malware, and beyond, businesses in the United States and elsewhere were slammed by digital offenses of every type in the third week of April.  You can do your part to prevent a potentially devastating digital attack by updating your digital defenses.  Below, we provide a recap of the week's most notable attacks. 

UK Government Struck by NSO Spyware

The NSO hacking collective appears to have successfully hacked the United Kingdom's federal government. The hackers placed spyware on phones and other computing devices used by UK federal officials.  The details of the attack were recently revealed by Citizen Lab,a team of cyber security professionals at the University of Toronto. 

The digital offensive against the UK government commenced in 2020 and has continued through the spring of the new year.  The initial attack centered on the use of Pegasus spyware that compromised computing devices at the UK's Foreign and Commonwealth Office as well as those used in Prime Minister Boris Johnson's office.  The spyware placed on the devices relayed sensitive information to the hacking collective.  

It is alleged that the NSO Group forwarded the stolen information to Israel's federal government.  As a result, the European Union is pushing for a blanket ban on software used by the NSO Group.

Zegna Attack

The menswear company Zegna was breached by a ransomware attacker.  The Italian fashion house fell victim to the RansomExx hacking collective.
RansomExx digital criminals broke the law when obtaining access to the company's financials.  The hackers released the stolen data to the internet, setting the stage for other criminals to use the information for manipulation and personal gain.  There is also a high likelihood that the stolen financial information will make its way to Zegna's competitors.  

It is interesting to note that Zegna's brass refused to pony up the funds to satisfy the ransom demand. Furthermore, Zegna's leadership also highlighted the fact that the attack occurred in August yet was not revealed to the public until this week.

UEFI Firmware Compromises Millions of Lenovo Laptops

Unified Extensible Firmware Interface (UEFI) firmware is jeopardizing the safety of Lenovo laptops used by consumers and businesses.  The firmware implants alter firmware drivers, ultimately making the computers that much more vulnerable.  If the weakness is exploited, there is the potential for a cybercriminal to disable the laptop's SPI flash protections and plant malware that remains on the system even after a reboot of the operating is performed.  UEFI flaws are a major issue as they are launched when the laptop boots and before shifting control to the operating system, meaning the threats can bypass safeguards that are put in place to thwart the execution of OS payloads.

Axie Infinity Hacked

Axie Infinity has been hacked by the Lazarus hacking group.  The digital attack resulted in a loss of more than $500 million.  Lazarus is also the hacking collective responsible for other digital security breaches of companies in the chemicals space. Though $540 million was initially taken from Axie Infinity, the hackers ended up getting away with less than 20% of the funds.  The final tally resulting from the hack was a loss amounting to slightly less than $100 million.  

The hackers moved the Ethereum and United States Dollar Coins through a conduit of the cross-chain variety.  This conduit set the stage for crypto holders to transfer the digital money to a new network by hacking the private keys necessary to perform withdrawals. The United States Dollar Coins were then exchanged for crypto through a decentralized exchange to prevent interference from governing bodies.
 

About the Author
IDStrong Logo

Related Articles

Instagram Vulnerability Allowed Hackers Access to Control Your Phone

Security experts Check Point Research discovered a critical vulnerability while examining Instagra ... Read More

Alien Malware Infects More than 226 Mobile Apps and Steals Bank Data

As reported on September 24, 2020, by ZDNet and ThreatPost, a new strain of malware named “Alien ... Read More

Universal Health Systems Hit by Ransomware Attack

Universal Health Systems (UHS), a Fortune 500 company owning more than 400 hospitals across the co ... Read More

Exchange Server Bug Exposes a Big Risk to Hackers

Months after Microsoft released a patch to fix a serious flaw in MS Exchange Server, more than 61% ... Read More

Clients’ Bank Data Exposed in Blackbaud Ransomware Attack

Blackbaud software was victim to a ransomware attack last May, and new information suggests that c ... Read More

Latest Articles

Flagstar Bank Breach Impacts More Than a Million Customers

Flagstar Bank Breach Impacts More Than a Million Customers

Flagstar Bank is in the news for the wrong reason. The bank recently publicized the fact that it discovered a digital breach.

Weekly Recap June 24 2022

Weekly Recap June 24 2022

We are nearly halfway through 2022. News stories detailing hacks and other digital breaches continue to roll in on a daily basis.

Cybercrime Related to Travel Soars at the Year’s Halfway Point

Cybercrime Related to Travel Soars at the Year’s Halfway Point

There has been a significant spike in tourism following the gradual decline of the coronavirus pandemic.  The increase in travel has caught the attention of digital miscreants looking to scam tourists as well as travel services providers.

Featured Articles

How to Buy a House with Bad Credit

How to Buy a House with Bad Credit

Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.

How Secure Is Your Password? Tips to Improve Your Password Security

How Secure Is Your Password? Tips to Improve Your Password Security

Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.

Top 10 Senior Scams and How to Prevent Them

Top 10 Senior Scams and How to Prevent Them

Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.