Weekly Cybersecurity Recap March 11

  • By David Lukic
  • Mar 11, 2022

The temperatures are finally rising after a grueling winter. People are spending less time indoors on their computers. However, the transition to spring does not mean digital attacks are dissipating. The war in Eastern Europe has ramped up cyber-attacks around the world. Here's a quick look at some of the most notable digital breaches publicized in the past week.

The Google Play Store is hit by TeaBot Trojan

The Google Play Store has been infiltrated by a covert trojan referred to as TeaBot. The trojan is hidden within apps available in the popular store. The trojan is designed in a manner to avoid detection by virus-scanning tools. To be more specific, the trojan is contained within software updates.

TeaBot is best described as a type of malware that obtains SMS messages and user credentials from Android devices. The malware proceeds to steal highly sensitive and valuable information ranging from contact information to bank account information, phone messages, and private data.

Samsung is Struck by Lapsus$

Ransomware attack has struck Samsung. The breach culminated in the release of Samsung employee credentials to the internet. The attack comes one week after a similar Lapsus$ infiltration of NVIDIA. Samsung officials noted the attack also has the potential to leak the company's keys that would jeopardize the integrity of its devices' TrustZone environment. The TrustZone environment is meaningful as it has sensitive data ranging from biometrics to login credentials and more.

Amazon Devices Struck by a new Hack

Amazon Echo devices are susceptible to a new type of attack dubbed Alexa vs. Alexa. The attack weaponizes the smart machine, generating the potential for it to self-hack. The end result of this threat is a release of user information as well as control over the user's home devices connected to the Echo device. 
The attack merely requires that a laptop is within range of the target Echo device to obtain access. Hackers can also use internet-based radio stations to access Echo devices.

Dayslong DDoS Attack with Ransom Note

A cyber-attack described as a dayslong DDoS threat has emerged. This threat is somewhat unique in that it contains a ransom note transmitted before a computer/network is compromised, likely in an effort to encourage the target to sidestep potential problems with the timely payment of the ransom. One company has already been targeted by the attack, yet it has not been named. If digital security forensics specialists are correct, REvil hackers are responsible for the attack.

Linux Kernel Dirty Pipe Addressed

A permission flaw in Linux Kernel dubbed "dirty pipe" has been patched. The privilege escalation vulnerability permitted the full takeover of a target device. 
Though the weakness has been patched, there is still the potential for hackers to find a workaround that necessitates another update or patch.

The initial flaw made it possible for hackers to obtain control over a computer, read through user messages, and even obtain privileges at the administrator level. The patch is designed to prevent hackers from injecting code into targeted read-only files. We will find out if the patch proves effective in the ensuing days. 
Stay tuned.

About the Author
IDStrong Logo

Related Articles

Instagram Vulnerability Allowed Hackers Access to Control Your Phone

Security experts Check Point Research discovered a critical vulnerability while examining Instagra ... Read More

Alien Malware Infects More than 226 Mobile Apps and Steals Bank Data

As reported on September 24, 2020, by ZDNet and ThreatPost, a new strain of malware named “A ... Read More

Universal Health Systems Hit by Ransomware Attack

Universal Health Systems (UHS), a Fortune 500 company owning more than 400 hospitals across the co ... Read More

Exchange Server Bug Exposes a Big Risk to Hackers

Months after Microsoft released a patch to fix a serious flaw in MS Exchange Server, more than 61% ... Read More

Clients’ Bank Data Exposed in Blackbaud Ransomware Attack

Blackbaud software was victim to a ransomware attack last May, and new information suggests that c ... Read More

Latest Articles

Health Organization Records Stolen via Welltok’s MOVEit - 930k+ Including Minors

Health Organization Records Stolen via Welltok’s MOVEit - 930k+ Including Minors

The number of victims caused by the global MOVEit data breach continues to climb; Welltok has announced more exposures, this time from three more health organizations.

MOVEit Breach Creates More Victims; 105k Records Stolen from Insurance Group

MOVEit Breach Creates More Victims; 105k Records Stolen from Insurance Group

"Pan American Life Insurance Group Building - New Orleans" by Tony Webster is licensed under CC BY 2.0. Source: Flickr

New York Healthcare Provider Notified 600k Following Network Cyberattack

New York Healthcare Provider Notified 600k Following Network Cyberattack

East River Medical Imaging (ERMI) has three locations in New York City and Westchester County.  ERMI is a "multi-modality radiology center," including patient-centered solutions like MRIs, CTs, ultrasounds, imaging, radiology, fluoroscopy, and x-rays.

Featured Articles

How to Buy a House with Bad Credit

How to Buy a House with Bad Credit

Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.

How Secure Is Your Password? Tips to Improve Your Password Security

How Secure Is Your Password? Tips to Improve Your Password Security

Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.

Top 10 Senior Scams and How to Prevent Them

Top 10 Senior Scams and How to Prevent Them

Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.

Free Identity Threat Scan
Instantly Check if Your Personal Information is Exposed
All fields below are required
Please enter first name
Please enter last name
Please enter a city
Please select a state
Please enter an age
Please enter an email address