By Waqas
Investigations are still ongoing, and concrete evidence regarding the extent and nature of the Nickelodeon data leak is yet to be confirmed.
This is a post from HackRead.com Read the original post: Potential 500GB Nickelodeon Data Leak: Unreleased Shows and Scripts at Risk

**According to @GhostyTongue, a Twitter account sharing exclusive information about the alleged Nickelodeon data leak, two individuals apparently involved in the leak have reportedly faced action from law enforcement.**

Nickelodeon is adored by millions across the globe but lately, rumors circulating on the internet suggest that the renowned children’s entertainment network has fallen victim to a significant data breach or leak.

According to several internet forums and tweets, approximately 500GB of data, including unreleased television shows, scripts, and other materials, have been compromised.

Reportedly, Nickelodeon’s legal team has taken swift action, aggressively pursuing Digital Millennium Copyright Act (DMCA) takedowns. Merely mentioning the contents of the leak has resulted in severe consequences for the individuals involved.

Allegedly, the leaked data is said to have originated from Nickelodeon’s “consumer products and experience” portal. An authentication issue within the system allowed unauthorized users to gain access to the Nickelodeon animation department’s sensitive content.

Although the leak was initially observed in January 2023 on Discord, Nickelodeon has since addressed the vulnerability and patched the portal.

On June 29th, a Twitter user with the handle @GhostyTongue disclosed details about the alleged leak in Nickelodeon’s animation department. According to @GhostyTongue, two individuals involved in the leak, known by their Discord usernames as “BowDown” and “IncidentalSeventy,” have reportedly faced action from either law enforcement or Nickelodeon itself.

Adding to the claims, @GhostyTongue stated on July 2nd that a private Discord server had recently circulated a URL to download an entirely new leak. This time, it allegedly contained the source code for all Nickelodeon Flash Games.

Nickelodeon flash games and video content as shared by @GhostyTongue

In a separate development, a user on 4chan claimed to possess insider information regarding the breach. The user asserted that Nickelodeon’s internal database had been compromised for over a year, potentially impacting all current productions.

According to their account, numerous private communities have been sharing portions of the leaked files, with trusted members having access to more extensive leaks containing assets such as PSDs, scripts, and animation files.

The user estimated that the breached data amounts to over 500GB and includes thousands of files from various shows, including high-profile series like SpongeBob.

It is also worth noting that the claims of 4chan user match with the list of leaked content shared by @GhostyTongue on their Twitter account:

Hackread.com has also seen a list of Nickelodeon’s animation pitch bibles that have been making rounds on the Internet. However, we will refrain from sharing screenshots or downloadable links due to legal reasons.

Some among many of the leaked animation pitch bibles (Screenshot credit: Hackread.com)

It is crucial to note that the authenticity of these claims and the nature of the data leak remain unverified. Furthermore, the origins of the incident are still uncertain, leaving open the question of whether it was an internal security lapse or an external cyberattack. Hackread.com has undertaken an investigation to shed light on these matters.

**The Déjà vu of the HBO Breach**

The recent rumors surrounding a potential data breach at Nickelodeon bring to mind the notorious HBO data breach that occurred in 2017. During that incident, hackers infiltrated HBO’s systems and leaked unreleased episodes of the popular series Game of Thrones, along with other sensitive data.

The HBO hacking saga lasted for several months, causing significant distress for the network and its viewers. It wasn’t until later that an Iranian citizen named Behzad Mesri emerged as the alleged perpetrator behind the HBO hack. Mesri was subsequently charged and indicted for his involvement in the cyberattack. To this day, he remains wanted by the FBI.

While drawing parallels between the Nickelodeon rumors and the HBO data breach is natural given the nature of the alleged incidents, it is essential to treat the current situation as a separate and distinct event. Investigations are still ongoing, and concrete evidence regarding the extent and nature of the Nickelodeon data leak is yet to be confirmed.

As more information becomes available, Hackread.com will continue to provide updates on the alleged Nickelodeon data breach, clarifying the extent of the incident and its implications for the entertainment industry giant.

**RELATED CONTENT**

1.  OurMine hackers hack Marvel and Netflix Twitter accounts
2.  Best legal, free online streaming sites for movies, TV shows
3.  Hackers Leak First 8 Episodes of Steve Harvey’s “Funderdome”

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Potential 500GB Nickelodeon Data Leak: Unreleased Shows and Scripts at Risk

By Deeba Ahmed
The researchers believe that the SmugX attack is an extension of a previously discovered campaign linked to Mustang Panda.
This is a post from HackRead.com Read the original post: SmugX: Chinese Hackers Targeting Embassies in Europe

**The attack method of the SmugX campaign includes attackers using HTML smuggling to target victims.**

Check Point Research’s (CPR) cyber threat intelligence researchers have discovered a disturbing attack trend. According to CPR’s report published on July 3, 2023, Chinese threat actors have become increasingly interested in targeting European governments, embassies, and foreign local policy-making entities. Eastern Europe is among their preferred targets, with prime targets being Slovakia, the Czech Republic, and Hungary.

This newly discovered campaign is dubbed SmugX. Researchers claim that this campaign has been active since December 2022, but they believe that it is an extension of a previously discovered campaign linked to Mustang Panda and RedDelta. Interestingly, both groups are Chinese.

As far as the attack method is concerned, research revealed that in SmugX, attackers are using HTML smuggling to target European embassies. In this method, the modular PlugX malware implant is smuggled (hidden) inside HTML documents.

Hackers use this technique to trick web security systems and evade antivirus mechanisms or security defences. HTML smuggling exploits HTML features to conceal malicious data documents from automated content filters, including them as JavaScript blobs that reassemble on the targeted device.

It is worth noting that PluxX is a commonly used tool for HTML smuggling. Multiple Chinese threat actors have used this malware previously, such as the group that targeted the Vatican in 2020 or the one that targeted the Indonesian Intelligence Service in 2021. The malware was also used to target users in Mongolia, Ghana, Papua New Guinea, Nigeria, and Zimbabwe in a USB drive-based campaign.

CPR researchers agree that SmugX’s primary objective is to obtain sensitive data on the foreign policies of the targeted countries. This analysis is based on the lure samples posted to the malware repository on VirusTotal. The filenames of these samples were self-explanatory.

Researchers wrote that the names strongly suggested that the attackers wanted to target diplomats and government entities, whereas the content contained mainly diplomatic-related content related to China. The attack utilizes several .docx and .pdf files containing diplomatic content.

CPR researchers obtained a letter from the Serbian embassy in Budapest, a document revealing the Swedish Presidency of the Council of the European Union’s priorities, and an invitation from the Hungarian foreign ministry for a diplomatic conference.

The researchers also discovered an article about the two Chinese human rights lawyers who had received a ten-year sentence. Here are the titles of these documents:

*   202305 Indicative Planning RELEX
*   Draft Prague Process Action Plan\_SOM\_EN
*   2262\_3\_PrepCom\_Proposal\_next\_meeting\_26\_April
*   Comments FRANCE – EU-CELAC Summit – 4th May
*   China jails two human rights lawyers for Subversion

One of the phishing documents (left) – Targeted countries (right)

“While none of the techniques observed in this campaign is new or unique, the combination of the different tactics, and the variety of infection chains resulting in low detection rates, enabled the threat actors to stay under the radar for quite a while,” CPR researchers noted.

CPR is still investigating and monitoring SmugX activities and will share new details soon. Please continue to visit this platform for the latest updates on SmugX.

**RELATED ARTICLES**

1.  Killnet Hits European Parliament Website with DDoS Attack
2.  Research sector hit in new phishing attack using Google Drive
3.  Fake WHO Emails on COVID-19 Drop Nerbian RAT Across Europe
4.  European Spyware Vendor Offering Android & iOS Device Exploits
5.  Zimbra email platform flaw exploited to steal European govt emails

SmugX: Chinese Hackers Targeting Embassies in Europe

By Owais Sultan
Sweat Hero becomes the first ever NFT game within a move-to-earn platform. 
This is a post from HackRead.com Read the original post: M2E Platform Sweat Economy Launches Flagship NFT Game: Sweat Hero

**Unlike a traditional blockchain NFT game that adopts a pay-to-play model, Sweat Hero provides a free-to-play platform, opening the channel for millions of people to engage with and own free NFTs.**

One of the leading Web 3 fitness apps, Sweat Economy, announced the launch of Sweat Hero, an NFT-powered game that aims to enhance fitness and revolutionize the move-to-earn industry. Announced Wednesday, Sweat Hero brings a first-of-its-kind game to M2E platforms, allowing users to gamify their fitness while having fun on the game. 

Oleg Fomenko, Co-founder of Sweat Economy, spoke highly of the latest development in Sweat’s ecosystem, terming it “a true innovation in the NFT and M2E gaming space”. The game is built within the Sweat Wallet app, boasting the first M2E game created based on sustainable tokenomics. The free-to-play, play-to-earn game revolutionizes gaming by removing any initial costs, allowing any user to start earning $SWEAT tokens. 

“We’re leaving behind the times of scarcity in the NFT space and breaking the old standard of ‘pay to play’ in the M2E gaming space,” Oleg Fomenko said. “With Sweat Hero, millions of people can engage with free NFTs, and the more players we have, the more $SWEAT goes into the token sink, making token economics sustainable.”

**Sweat Hero’s Free Play-to-Earn model **

Unlike the traditional blockchain games that adopt a pay-to-play model, Sweat Hero provides a free-to-play platform, opening the channel for millions of people to engage with and own free NFTs. The platform offers every Sweat Wallet user a free “Legs NFT” to start the game and a free $SWEAT token for completing the tutorial. 

The players can then exchange their $SWEAT token for 1,000 Battle Coins, the minimum wager required to battle in the game. These NFTs are dynamic and will evolve based on users’ gameplay progression, physical activities, and engagement within the Sweat Wallet app.

Once they have won several battles, they can exchange their Battle Coins for $SWEAT tokens at a rate of 10 $SWEAT per 10,000 Battle Coins, the smallest amount that can be converted at a time.  Moreover, these NFTs can be used as digital collectables, which adds to their value and the overall engagement and excitement of the players.  

However, the main aim of the game is to boost fitness levels among the players. It encourages physical activity by rewarding the user with more ‘NFT power’ the more they walk. The launch of Sweat Hero aligns with Sweat Economy’s goal of enhancing global health by making players more physically active. 

**A Growing Sweat Ecosystem**

According to the team statement, Sweat Hero’s goal is to provide a unique NFT gaming platform that motivates players to walk more and drive engagement through the function to battle with friends. As the gamification of fitness grows, Sweat Hero is expected to enhance the adoption rates of Sweat Wallet, introducing more people to earning through their daily fitness routines. 

“We’re excited about the future of Sweat Hero and the positive impact it will have on our ecosystem and $SWEAT token,” said Fomenko. “We’re not just creating a game; we’re creating a community and a sustainable model for the M2E gaming space.”

In the coming months, Sweat Economy aims to enrich its NFT game by introducing even Arenas that players can level up into to secure a higher earning potential. Additionally, the team will launch the dynamic NFT evolvement framework in the latter stages of the year. This framework will be based on users’  gameplay progression, daily physical activities, and engagement within the Sweat Wallet app.

The latest development follows the recent appointment of Sweat Economy’s Chief Walking Officer (CWO), a position created for a normal Sweat user, paying $24,000 annually for walking 5,000 steps daily. 

**RELATED ARTICLES**

1.  What is Blockchain Gaming & its Play-to-Earn Model?
2.  What Makes Bitcoin NFTs Different from Other NFTs?
3.  Ankr Launches Chainscanner Blockchain Explorer Tool
4.  We Need Smarter Smart Contracts To Avert DeFi Hacks
5.  Web3 Needs More Than IPFS for Decentralized Infrastructure

Owais takes care of Hackread's social media from the very first day. At the same time He is pursuing for chartered accountancy and doing part time freelance writing.

M2E Platform Sweat Economy Launches Flagship NFT Game: Sweat Hero

By Waqas
Anonymous Sudan group took to Telegram to claim that it had stolen 30 million accounts belonging to Microsoft customers.
This is a post from HackRead.com Read the original post: Microsoft rubbishes Anonymous Sudan’s claim of Stealing 30M accounts

**Anonymous Sudan, which Microsoft tracks as Storm-1359, is offering the full database of Microsoft customer accounts for $50,000.**

Microsoft has hit back at the hacktivists claiming to have infiltrated the tech giant’s servers and stolen the credentials of 30 million customer accounts. Reportedly, the Russian Killnet\-affiliated hacktivist group, Anonymous Sudan, recently boasted about breaching Microsoft’s security and accessing millions of accounts belonging to its customers. The hacktivists posted details of the security breach on their Telegram channel, which read:

“We announce that we have successfully hacked Microsoft and have access to a large database containing more than 30 million Microsoft accounts, emails, and passwords … We will begin selling this database, so if you’re interested, contact us at our bot to negotiate.”

Anonymous Sudan on Telegram (Image source: Hackread.com)

The gang, which Microsoft tracks as Storm-1359, is offering the full database of Microsoft customer accounts for $50,000. The hacktivists also provided 100 email password combinations as a small sample to prove their claims. However, in its statement, Microsoft denied these claims.

“At this time, our analysis of the data shows that this is not a legitimate claim and an aggregation of data. We have seen no evidence that our customer data has been accessed or compromised.”

Previously, Anonymous Sudan has been involved in DDoS attacks targeting Western organizations. In February 2023, the group targeted Swedish organizations with a series of DDoS attacks in response to a Quran-burning incident in Stockholm.

However, cybersecurity experts claim that the attack was actually a false-flag campaign by Russia to encourage hatred between Sweden and Muslim countries. More recently, Anonymous Sudan disrupted the official website of SAS (Scandinavian Airlines) website and took down the Microsoft 365 software suite, including Outlook and Teams.

The gang has previously attacked Microsoft as well. In a statement released in mid-June, Microsoft confirmed that Anonymous Sudan had launched Layer 7 DDoS attacks against the software vendor. The attack was detected in early June 2023 when the company noticed an unusual rise in traffic against some of its services.

As a result, the services became temporarily unavailable. Microsoft noted that the hacktivists had accessed botnets and tools to launch DDoS attacks from cloud services and open proxy infrastructures.

This is a developing story. At the moment, there is no clarity on whether Anonymous Sudan breached Microsoft’s security since the data sample it has provided is yet to be verified. We will keep updating our readers with the latest on this incident.

1.  Russian Killnet Hackers Claim Data Theft of FBI Agents
2.  Killnet Hits European Parliament Website with DDoS Attack
3.  Yandex Source Code Online Leaked, Company Denies Hack
4.  Microsoft Discloses DDoS Attack Impact with Limited Details
5.  Twitter Denies Any Hack Attack in 200M Account Leak Scare

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Microsoft rubbishes Anonymous Sudan’s claim of Stealing 30M accounts

By Waqas
The feature that allows users to browse with the Bing browser is only available for paid ChatGPT users.
This is a post from HackRead.com Read the original post: ChatGPT’s Bing Browsing Feature Disabled for Paywall Article Access

**The feature was disabled by OpenAI, the creator of ChatGPT, on July 3rd, and it will remain suspended until the company fixes this issue in order to do right by content owners.**

ChatGPT has been involved in several legal battles, and the last thing its creators want is to open another front. The AI chatbot is undoubtfully a gift for internet users in recent times, and gaining the ability to add plugins to the AI-powered chatbot is the cherry on top.

The plugins that helped users connect ChatGPT to the internet were the most sought-after ones. One such plugin was the Browsing model, also known as Browse with Bing, which used the Bing search API to enable internet access.

This Beta feature was available for ChatGPT Plus subscribers and integrated the search engine into the conversation, allowing the user to access information from the web. When it was rolled out, the feature tremendously enhanced ChatGPT’s utility by making it possible to merge the internet and the AI chatbot.

However, this much-talked-about feature has now been disabled by OpenAI, the creator of ChatGPT, because it allowed users to access paywalled articles. Reportedly, the paywalled content was accessible through the “Print the Content of this Article” prompt by pasting the article’s URL after it. ChatGPT would then display the content of the article. For example, if a user asked for the full text of a specific URL, it fulfilled this request.

One of ChatGPT’s users shared this screenshot on Twitter. (Credit: @wunderwuzzi23)

The company stated that this feature inadvertently displayed content it wasn’t meant to show, violating the terms and services of most subscription-based online publications. Therefore, OpenAI disabled this feature on July 3rd, and it will remain suspended until the company fixes this issue in order to do right by content owners. ChatGPT won’t display information beyond September 2021, its training data cutoff date.

The company asserts that the feature will be back soon. However, until this happens, the unexpected disabling has disappointed ChatGPT users as they are in disbelief that this glitch was detected at the beta stage when it should have been fixed in the Alpha stages. According to reports, users who had paid for the Chat with Bing feature are asking for refunds as the service is not available anymore.

However, OpenAI has confirmed that the feature has been temporarily disabled, and their team is diligently working on reintroducing it after ensuring that it complies with the performance and content accuracy.

Nevertheless, there is confusion as OpenAI hasn’t disclosed when the feature will be available. We will update our readers as soon as there is any new development in this story.

**RELATED ARTICLES**

1.  100,000 Hacked ChatGPT Accounts Discovered on Dark Web
2.  ChatGPT’s False Information Generation Enables Code Malware
3.  ChatGPT tricked into generating Windows 10 and Windows 11 keys
4.  ChatGPT Improves Healthcare, But Industry Needs Secure Database
5.  OpenAI Launches ChatGPT Bug Bounty Program – Earn $200 to $20k

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

ChatGPT’s Bing Browsing Feature Disabled for Paywall Article Access

By Waqas
The arrests took place in Singapore over complaints from unsuspecting victims.
This is a post from HackRead.com Read the original post: Teen among suspects arrested in Android banking malware scheme

Singapore authorities have conducted a successful operation, resulting in the arrest of 13 individuals suspected of involvement in banking-related malware scams. Among those apprehended were a 16-year-old teenager and a group of 10 men and two women aged between 19 and 35.

Preliminary findings suggest that seven men, two women aged 19 to 27, and a 16-year-old facilitated the scam by providing their bank accounts, Internet banking credentials, and Singpass credentials to perpetrators for monetary gain. Three other men aged 20 and 35 are believed to have withdrawn funds from the accounts of some of the “money mules” and handed the money over to unknown individuals.

The number of victims is yet unknown. For your information, Singpass, which stands for Singapore Personal Access, is a digital identity that enables all Singapore citizens and residents to conveniently access businesses and government agencies and businesses.

Suspects and seized sim cards (Screenshot: SPF)

**Modus Operandi and Scam Techniques**

In a press release, the Singapore Police Force (SPF) revealed that since January 2023, they have received a rising number of reports involving malware used to compromise Android mobile devices, leading to unauthorized transactions from victims’ bank accounts. Remarkably, victims did not share their Internet banking credentials, One-Time Passwords (OTPs), or Singpass credentials with anyone.

The scam unfolded when victims responded to various advertisements on social media platforms for services such as cleaning, pet grooming, and the sale of food items like seafood and groceries. Subsequently, scammers instructed victims to download an Android Package Kit (APK) from unofficial app-store platforms to facilitate their purchases. However, these APKs contained malware that infected the victims’ mobile devices.

Once infected, scammers contacted victims via phone calls or text messages and convinced them to enable accessibility services on their Android phones. Enabling these services weakened the phones’ security and granted full control to the scammers. Keystrokes were logged, banking credentials were stolen, and scammers remotely accessed banking apps to add “money mules” as payees, increase payment limits, and transfer funds to them.

The scammers also deleted text messages and email notifications related to the fraudulent transfers to cover their tracks.

The act of benefiting from criminal conduct carries severe penalties under Section 54(5)(a) of the Corruption, Drug Trafficking, and Other Serious Crimes (Confiscation of Benefits) Act 1992. Offenders face imprisonment of up to 10 years, a fine of up to S$500,000, or both.

1.  Teen Charged in DraftKings Data Breach
2.  UK Teen Arrested Amid Uber and GTA 6 Hacking Saga
3.  Dark Web Hitman Paid with BTC to Murder Teen Victim
4.  Teen “Hackers” on Discord Selling Malware for Quick Cash
5.  Teen arrested for 8 DDoS attacks that disrupted school’s classes
6.  Data breach: SingHealth users affected including Singapore’s PM

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Teen among suspects arrested in Android banking malware scheme

By Habiba Rashid
Another day, another lawsuit against the developers of the groundbreaking AI chatbot ChatGPT.
This is a post from HackRead.com Read the original post: Authors Sue OpenAI: ChatGPT’s Training Methods Challenged in Lawsuit

**The lawsuit, brought forth by science fiction and horror author Paul Tremblay and novelist Mona Awad, accuses OpenAI of training ChatGPT on copyrighted books without obtaining proper consent, credit, or compensation from the authors.**

OpenAI, the prominent artificial intelligence (AI) company behind the popular ChatGPT chatbot, is facing yet another legal challenge. A class action lawsuit was filed against OpenAI in federal court on Wednesday, alleging copyright infringement and privacy violations related to the company’s training methods and data usage.

The lawsuit (PDF) doesn’t come as a surprise considering that ChatGPT is a relatively new chatbot, and may take some time for trainers to address copyright violation issues. It’s worth noting that these problems aren’t limited to ChatGPT alone; other AI systems like Microsoft’s Bing AI and Google’s BARD AI have also faced similar violations. For instance, just a couple of weeks ago, users managed to trick ChatGPT, Bing AI, and BARD AI into generating activation keys for Windows 10 and Windows 11.

The lawsuit, brought forth by science fiction and horror author Paul Tremblay and novelist Mona Awad, accuses OpenAI of training ChatGPT on copyrighted books without obtaining proper consent, credit, or compensation from the authors. The authors claim that since ChatGPT is capable of providing accurate summaries of their works, it indicates that their books were copied and incorporated into OpenAI’s language model without permission.

The complaint points to a 2020 OpenAI paper that mentions the use of “two internet-based book corpora” for training ChatGPT, suggesting that one of these datasets, consisting of over 290,000 titles, may have originated from “shadow libraries” like Library Genesis and Sci-Hub. These shadow libraries are known for illegally publishing copyrighted works using torrent systems. The authors argue that OpenAI’s utilization of these datasets infringes copyright law and further allege that ChatGPT removes copyright notices from the books, violating the Digital Millennium Copyright Act.

The lawsuit, according to Bloomberg Law, also argues that OpenAI has integrated social media apps such as Spotify, Snapchat, Stripe, Slack, and Microsoft Teams with its systems to collect personal user data including images, locations, music tastes, financial details, and private communications. Gathering such data is a violation of the terms of service these platforms offer the lawsuit claims.

OpenAI has also been separately sued in a sweeping class action lawsuit, accusing the company of unlawfully collecting personal information from the internet through its AI models, including ChatGPT and the text-to-image generator DALL-E. The lawsuit asserts that such data scraping violates various state and federal privacy laws. This legal battle highlights the growing concerns surrounding AI technology and the need for regulations to address potential privacy breaches.

These lawsuits could have far-reaching consequences for OpenAI and the AI industry as a whole. The outcomes may set important precedents regarding AI, copyright infringement, and privacy, influencing future regulatory frameworks. If the court rules in favour of the plaintiffs, OpenAI may face substantial financial penalties, potentially impacting its financial stability and fundraising efforts. Additionally, the lawsuits could tarnish the company’s reputation, leading to increased scrutiny from regulators and the need for further transparency.

The implications extend beyond OpenAI, as companies utilizing ChatGPT or other OpenAI products may reconsider their partnerships to safeguard their reputations and protect user privacy. Moreover, if the courts determine that using copyrighted material for training AI models constitutes infringement, OpenAI and other companies may need to reconsider their data acquisition practices.

As these legal battles unfold, industry observers must monitor the progress of these lawsuits. The outcomes may result in new laws and policies, reshape AI development practices, and require companies to adapt their offerings to align with evolving legal and privacy standards.

I’m a student and cybersecurity writer. On a random Sunday, I am likely to be figuring out life and reading Kafka.

Authors Sue OpenAI: ChatGPT’s Training Methods Challenged in Lawsuit

By Waqas
The phone scam specifically focused on exploiting vulnerable individuals residing in Poland and Germany.
This is a post from HackRead.com Read the original post: Police Bust International Phone Scam Gang Targeting Elderly

**The alleged ringleader of the phone scam gang, which preyed on elderly individuals through fraudulent phone calls, has also been arrested.**

A major international law enforcement operation has resulted in the apprehension of multiple suspects, including the alleged ringleader of an organized crime group that preyed on elderly individuals through fraudulent phone calls, as confirmed by Europol.

The National Crime Agency (NCA) of the United Kingdom arrested the suspected head of the criminal network near London, while authorities in Poland and Germany carried out simultaneous raids across several locations in Europe. During the raids, law enforcement officers seized mobile phones, electronic devices, gold bars, coins, jewellery, and $160,000 in cash.

Throughout the investigation, approximately 70 individuals have been taken into custody. The modus operandi of the scam included fraudsters calling elderly victims, posing as police officers or officials authorities, and informing them that their relative was involved in a fatal accident.

The phone would then be handed to another individual who would create a sense of urgency and panic by screaming for help. This tactic aimed to coerce the victim into complying with the fraudster’s demands to hand over money, purportedly to prevent the detention of their fake relative.

Another part of the scam involved physically sending a person to the victim’s residence to collect the money. Typically, these individuals were unwitting trapped as part of squaring scams recruited through online job platforms, according to Europol.

In total, Europol estimated that hundreds of elderly individuals fell victim to this criminal gang, resulting in losses of up to $5 million ($5.4 million). According to Europol, the dismantling of the group may have prevented additional losses of approximately $1.4 million ($1.5 million).

Europol warned that these scams can deceive victims into losing substantial amounts of money while inflicting severe emotional distress and eroding trust in legitimate authorities.

The shutdown of this highly sophisticated scam is not unexpected, considering the rigorous crackdown by British authorities on cybercriminals and scammers. In November 2022, the UK’s largest bank call scam, iSpoof, was dismantled when its infrastructure was seized. Subsequently, in May 2023, the mastermind behind the operation was apprehended in London and sentenced to 13 years in prison.

1.  Europol Busts Crypto Fraud Call Centers
2.  Europol nabs 106 criminals involved in SIM swapping
3.  Europol busts VPNLab VPN used by ransomware gang
4.  NCA infiltrates cybercrime market with fake DDoS sites
5.  Europol arrests 6 over malware counter anti-virus platform

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Police Bust International Phone Scam Gang Targeting Elderly

By Deeba Ahmed
Meduza malware is being fiercely marketed across different Telegram channels, cybercrime and dark web forums.
This is a post from HackRead.com Read the original post: New Meduza Malware Targets Wallets, Passwords and Browsers on Windows

**Meduza authors are pushing the malware as a subscription-based service, offering plans for 1-month, 3-month, and lifetime access.**

Crimeware-as-a-Service (CaaS) operations have become the latest fad in the world of cybercrime, and the Meduza Malware is the newest weapon added to its ever-increasing arsenal.

Uptycs Threat researchers report that Meduza Stealer is under active development and boasts comprehensive data-stealing capabilities, along with advanced detection evasion techniques.

**How Was Meduza Stealer Discovered?**

Uptycs researchers discovered the Meduza malware while monitoring Telegram channels and Dark Web forums. Initial examination revealed that the stealer was developed by someone with the username Meduza. According to the malware admin, Meduza does not perform ransomware operations and only functions as an information stealer.

**Meduza Targets- Windows Systems and Browsers**

The malware is designed to target Windows-based systems and organizations. Currently, it targets ten countries and pilfers a wide range of system and browser data, from login credentials to browsing history, bookmarks, etc.

It also targets data stored by 2FA, crypto wallets, and password managers. All types of extensions are vulnerable to Meduza. Check out the list of countries it can and cannot target:

*   Russia
*   Kazakhstan
*   Belarus
*   Georgia
*   Turkmenistan
*   Uzbekistan
*   Armenia
*   Kyrgyzstan
*   Moldova
*   Tajikistan

**What Makes Meduza Unusual?**

Researchers noted that it has a “crafty” operational design since, unlike other common malware, Meduza’s binary doesn’t use obfuscation techniques, making it virtually undetectable. The malware administrator has employed highly sophisticated marketing tactics to generate hype and trust for Meduza malware.

“In a calculated move to gain trust and confidence, they have initiated static and dynamic scans of the Meduza stealer file using some of the industry’s most reputable antivirus software. Screenshots were then shared, demonstrating that this potent malware could evade detection by these top-tier antivirus solutions,” researchers wrote in the report published on June 30th, 2023.

This malware is being fiercely marketed across different cybercrime forums and Telegram channels. Most antivirus software cannot detect its binary dynamically and statically, making the situation much more problematic for security researchers. The pricing model for Meduza is the real game-changer.

The admin offers numerous subscription packages, such as 1-month, 3-month, and lifetime access plans, at competitive prices ($199 per month, $399 for a 3-month subscription, and $1,199 for a lifetime license).

The Meduza malware is being advertised on the infamous Russian cybercrime and hacker forum XSS.IS (Left) – Meduza author boasting about the malware’s AV-evading capabilities. (Images: Hackread.com)

Moreover, the stolen data is available on a user-friendly web panel. Subscribers can create customized binaries and access, download, and delete sensitive data, including IP addresses, geographical data, stored cookies, wallets, passwords, and OS build names directly from the panel.

**Meduza Data Stealing Capabilities**

After infecting the machine, the malware scans for geolocation data against a predefined list of excluded countries and aborts operations if a match is found. Meduza malware connects to its operator’s C2 server if it doesn’t match. It starts stealing data only after the connection is established. It steals data from various Windows APIs, including GetUserName, GetComputerName, GetCurrentHWProfile, and EnumDisplayDevices.

It also collects system build CPU computer details, execute path, geolocation, OS, RAM, hardware IDs, GPU, TimeZone, screenshot resolution, username, etc. It also collects browser info, miner’s registry info, password manager info, and installed games details, probably to gain extensive financial and personal data.

Meduza comes with a predefined browser list and checks the User Data folder to get browser-related data such as cookies, history, web data, login data for accounts, and local state. It also steals Telegram Desktop app data from these Windows Registry paths:

    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4A4AE8F-B9F7-4CC7-8A6C-BF7EEE87ACA5}_is1

What’s worse, Meduza malware is also capable of collecting data from 19 password managers, stealing clients, Discord, 95 web browsers, and 76 cryptocurrency wallet extensions.

To stay protected, you must keep the OS, browsers, and installed applications updated so that vulnerabilities are time patched and use stronger passwords.

1.  Legion SMS Hijacking Malware Sold on Telegram
2.  100k Hacked ChatGPT Accounts Sold on Dark Web
3.  Hackers Leak i2VPN Admin Credentials on Telegram
4.  Hackers Advertising New Info-Stealer Malware on Dark Web

New Meduza Malware Targets Wallets, Passwords and Browsers on Windows

By Habiba Rashid
Tracked as CVE-2023-3460, the zero-day vulnerability possesses a CVSS score of 9.8, indicating its severity.
This is a post from HackRead.com Read the original post: Zero-Day Exploit Threatens 200,000 WordPress Websites

**The issue enables attackers to exploit a flaw in the Ultimate Member plugin that allows the creation of rogue admin accounts.**

Cybersecurity researchers have discovered ongoing attacks targeting a critical vulnerability in the widely used Ultimate Member plugin for WordPress websites. This plugin, designed to streamline user registration and login processes, is currently installed on over 200,000 active websites worldwide.

The attacks, leveraging a zero-day vulnerability, allow hackers to gain elevated privileges on target websites, potentially leading to unauthorized access and control over the affected sites.

Tracked as CVE-2023-3460, the vulnerability possesses a CVSS score of 9.8, indicating its severity. It enables attackers to exploit a flaw in the Ultimate Member plugin that allows the creation of rogue admin accounts. By manipulating predefined banned user meta keys within the plugin, attackers can add slashes to bypass the restrictions, alter the user meta key values, and set their wp capabilities to “administrator.” This grants them administrative access to the compromised websites.

Reports from the WordPress security firm WPScan suggest that the attacks have been ongoing since at least the beginning of June, with some users already observing and reporting suspicious activities, such as the creation of unauthorized administrator accounts.

The issue stems from a conflict between the plugin’s blocklist logic and the way WordPress handles metadata keys. While the plugin’s maintainers have attempted to address the privilege escalation bug in recent versions, including versions 2.6.4, 2.6.5, and 2.6.6, they have not fully patched the vulnerability.

Wordfence, another prominent security firm, also confirmed the existence of the zero-day vulnerability and warned WordPress administrators about the ongoing exploitation. They discovered instances of attackers creating rogue accounts with usernames such as “wpenginer,” “wpadmins,” “wpengine backup,” “se brutal,” and “segs brutal.”

The researchers have shared indicators of compromise (IoCs) associated with these attacks, aiding administrators in identifying potential breaches.

While the plugin developers are actively working on a patch to address the vulnerability, their efforts thus far have not fully resolved the issue. Even the latest version of Ultimate Member (2.6.6) remains vulnerable.

In the meantime, website owners are strongly advised to disable or uninstall the Ultimate Member plugin to mitigate the risk of exploitation. Additionally, administrators should conduct audits of their site’s administrator roles to identify any unauthorized accounts.

1.  7 Tips to Increase Your WordPress Security
2.  What To Look For In The Best WordPress Hosting
3.  Steps to follow before granting WordPress admin access
4.  5 Signs your WordPress Site is Hacked (And How to Fix It)
5.  Critical WordPress plugin vulnerability allowed wiping databases

I’m a student and cybersecurity writer. On a random Sunday, I am likely to be figuring out life and reading Kafka.