Weekly Recap August 12, 2022
Table of Contents
- By Steven
- Aug 11, 2022
From email marketing companies to law firms, healthcare companies, and beyond, organizations of all types are being hit by online attacks at an increasing frequency nearly across the board. Though recent reports indicate health industry data breaches have decreased from the record high set in 2021, the head of every organization and even regular computer users have every reason to be concerned. Let's take a quick look at some of the most notable hacks that business managers, owners, and everyday people should be aware of and guard against with the industry's latest digital security solutions.
An Uptick in Decentralized Phishing
There has been a significant spike in phishing attacks performed by way of decentralized approaches. Such a decentralized attack occurs through an IPFS network. The spam campaign consists of thousands of email messages containing IPFS phishing URLs that function as attack vectors. IPFS, short for InterPlanetary File System, serves as P2P, an abbreviation for peer to peer. The network permits seamless file storage and sharing, using cryptography hashes instead of URLs or filenames used in regular client servers.
The strategy described above aims to create a file system that guarantees information is stored on multiple machines. However, this approach also presents an opportunity for phishing attacks using IPFS links, as has occurred at a higher frequency in recent months.
BitMart Hack Spurs $150 Million Loss
BitMart, a trading platform for crypto, endured a harmful digital breach toward the end of 2021. The security breach resulted in issuing a security update to reassure customers that the platform is safe to use. However, the hack ultimately resulted in a loss of about $150 million. BitMart paused crypto withdrawals, enhanced its digital security, and reimbursed customers for losses. It appears as though hot wallets connected to the web are part of the underlying digital security weakness that allowed the attack to occur in the first place.
150 Million Raychat Records Leaked
Raychat users should be on the lookout for potential identity theft. The popular social and business app was breached by hackers, resulting in the data of hundreds of millions of users being exposed to digital miscreants. A misconfigured server is likely the cause of the data leak.
Poly Network Attack Causes $600 Million Loss
The breach of Poly Network resulted in a loss of $600 million of crypto. The DeFi platform was compromised through a weakness within a smart contract that transmitted tokens between blockchains. It appears as though a bug was exploited though the hacker who claimed credit for the attack did not identify the specific weakness within Ply Network's systems. The hackers also highlighted his use of an email address and IP address that Poly network could not trace.
UNM Health Breached
UNM Health suffered a significant data breach in which hackers plucked the information of 700,000 people. The attack was highlighted in the second half of last year, yet the fallout of the breach has the potential to last for years or decades in the form of identity theft. A third party weaseled its way into the UNM network and then exfiltrated files with protected patient health information. The hacker likely sold the stolen information to criminals on the dark web.