This week's edition covers the high-profile breach of Reddit, one of the 5 most viewed sites on the internet with 233,000+ Australian subscribers; healthcare and education sector breaches; an exploration of a Dark Web hacking forum; and the vulnerabilities of 2 Factor Authentication.
1. Gamers Play Kaiser Permanente.
2. Russian Dark Web Hacking Forum.
3. The Front Page of the Breach.
4. USA Ivy League Fail!
In Other News:
Russian Dark Web
A reporter from The Guardian recently dove into a popular Russian Dark Web hacking forum known as FreeHacks, which aims to maximize efficiency in the attacks of its members and to disperse information on ‘quality’ hacking. On the surface it looks like any other forum, and (in essence) it is, with a twisted turn provided by the malicious nature of the subject matter. The categories of the forum are split into a wide variety of specific types of hacking and some ‘lifestyle’ forums as well.
Hacker news, humor, botnet, DDoS, programming, web development, malware and exploits, and security are examples of some of the topics discussed on the site. Some of the markets on the site include stolen credit cards, password cracking software, a clothing market to launder money, and a document market where members can buy passports and citizenships. The forum has about 5,000 active members and claims that a hacker is not a ‘computer burglar’ but rather ‘someone who likes to program and enjoy it.’
Given the kind of information and marketplaces available on the site, this seems more like mental gymnastics than a nuanced examination of one’s own criminality. After passing the registration to get into the site, the reporter found step-by-step directions for finding someone’s physical address, along with other nefarious methods for penetrating companies’ networks or extorting individuals.
Gamer Recognize Game
The website for Kaiser Permanente was hijacked this week by hackers, who defaced the site with a variety of quotes from Game of Thrones, the popular book series turned US TV show. The American integrated care consortium, based in Oakland, California, had the pictures of happy, healthy families on its front page replaced with a black screen and a declaration that a hacking group known as the faceless men was responsible for the act. The hacking group appears to be somewhat amateur in nature, and Turkish in origin. An investigation into the group’s members reveals that a few of the hackers listed are active Turkish gamers, which raises the question of how an organization that handles sensitive medical information was able to be hacked by a group of Turkish gamers with very little hacking experience. It is unclear whether any personal information has been accessed in the hack.
Security V Convenience
In the UK, more customers than professionals value security over convenience, according to a new study. 83% of customers prefer security, compared to only 60% of cybersecurity professionals. The study explores the reason for the disparity, citing organisations’ desire for a frictionless customer experience as a reason for not having tight security. This could contribute to the UK scoring an unimpressive 56 out of 100 points on the Digital Trust Index, which is one of the lowest scores in the world and 5 points lower than the global average. This disconnect is likely to continue, considering that 88% of UK executives believe they are doing a good job protecting consumer data while over half of their organizations have been breached in the past year.
Hacking from The Inside
Across 5 different correctional facilities in Idaho, USA, hundreds of inmates were able to add thousands of dollars’ worth of credits to their JPay accounts, which allows inmates to buy music or send emails. Over 300 inmates were able to exploit a vulnerability in the JPay system to add $224,772 across the group. One of those involved managed to gain nearly $10,000 using the exploit. Those who hacked their JPay accounts are being punished, and the vulnerability is being fixed, but this raises questions about the security of programs used by the U.S. prison system.
Threat Focus – Reddit – USA
Exploit: SMS intercept.
Risk to Small Business: High: Could have damaging effects on the trust of clients, as well as highlighting the vulnerabilities of SMS 2FA.
Individual Risk: Moderate: The nature of the data is not particularly harmful due to the age and the scope but affected users could be at risk for spam.
Reddit: Extremely popular forum, one of the 5 most popular sites on the internet.
Date Occurred/Discovered: June 14 – 18, 2018
Date Disclosed: August 1, 2018
Data Compromised: Reddit user data (before May 2007); Usernames; Salted hashed passwords; Email addresses; Public content; Private messages; Email digests.
Customers Impacted: Users with accounts made before 2007, subscribers to email digests between June 3 and June 17, 2018.
Threat Focus – UnityPoint Health – USA
Exploit: Phishing.
Risk to Small Business: High: A huge breach of customer trust; this organization will also be fined heavily because medical data was breached.
Individual Risk: High: The content breached is valuable on the Dark Web and is vital in identity theft.
UnityPoint Health: Multi-hospital group operating in Iowa, Illinois and Wisconsin.
Date Occurred/Discovered: March 14 – April 3, 2018
Date Disclosed: July 31, 2018
Data Compromised: Protected health information; Names; Addresses; Medical data; Treatment information; Lab results; Insurance information; Payment cards; Social Security Number.
Customers Impacted: 1.4 Million.
Threat Focus – Hawera High School – New Zealand
Exploit: Phishing.
Risk to Small Business: High: Ransomware attacks can be very disruptive.
Individual Risk: High: Students could lose files stored locally on computers. High risk of identity theft if PII is stored.
Hāwera High School: A New Zealand High School.
Date Occurred/Discovered: August 2018
Date Disclosed: August 2, 2018
Customers Impacted: Students at the school.
Threat Focus – Credit Mate – India
Exploit: Exposed database.
Risk to Small Business: High: The exposed database was found during a routine Google search; this kind of breach would seriously damage an organization’s image.
Individual Risk: High: Data that is key for identity theft was exposed in this breach.
CreditMate: Helps customers obtain loans to purchase motorbikes.
Date Occurred/Discovered: July 27, 2018
Date Disclosed: August 2, 2018
Data Compromised: Member reference number; Enquiry number; Enquiry purpose; Amount of loan being sought; Full name; Date of birth; Gender; Income tax ID number; Passport; Driver’s license; Universal ID number; Telephone number; Email address; Employment information; Employment income; Residential address; Payment history of other loans/credit cards.
Customers Impacted: 19,000.
Threat Focus - Yale University - USA
Exploit: Unclear.
Risk to Small Business: High: Highly sensitive personal information was leaked which would damage consumer trust.
Individual Risk: High: The data accessed would be highly useful for bad actors looking to steal someone’s identity.
Yale University: A prestigious American University.
Date Occurred/Discovered: April 2008 – January 2009
Date Disclosed: June 2018
Data Compromised:
• Social security numbers
• Dates of birth
• Email addresses
• Physical addresses
Customers Impacted: 119,000
Postscript. With the breach of Reddit being disclosed this week, it’s key to remember the importance of robust cybersecurity, given that the hacker of the site was able to bypass 2 Factor Authentication. The cyber criminal was able to do this by using a method called ‘SMS intercept’, in which the hacker is able to receive the text that contains the code for authentication. One way this is done is by SIM-swap, in which the attacker convinces the phone provider that they are the target and has the target’s service applied to a new SIM card. Another method of attack is for a cyber criminal to impersonate the target and trick the phone provider into transferring the target’s number to a new provider, where the attacker is then able to access any 2 Factor Authentication codes coming into the phone.
SMS-intercept attacks are going to become more and more prevalent, as they have been shown to be successful, and publicly so, considering Reddit is one of the most popular sites on the internet.
Consider this: When you think about Cyber Security, think about the ones you care the most about – your family. If you have children or young adults using Smartphones, Tablets or Laptops, consider their vulnerability. Do you want to put their digital selves in the hands of pedophiles, scammers and cyber criminals? The purchase of children’s digital credentials (username/password) is big business on the Dark Web. Check out our inexpensive Individual or Family monitoring service – it’s a ‘no brainer’ for your peace of mind.
Disclaimer: Avantia Corporate Services Pty Ltd provides the content in this publication for general information only and has compiled the content from a number of sources believed to be reliable. No warranty, implied or otherwise, is given as to its accuracy or fitness for use, and no validation or investigation has been performed by Avantia Corporate Services or the Author as to its accuracy or reliability. Readers should conduct their own investigation and come to their own conclusions before taking any action.