- German youngster behind massive data leak of German politicians data
- Coinbase suspended Ethereum Classic (ETC) trading after a successful 51% attack
- Zerodium offers $2 Million for remote iOS jailbreaks, and much more
- Nine 2019 Cybersecurity Predictions
Posted: 08 Jan 2019 02:26 PM PST
A 20-year-old hacker was arrested for the recent massive data leak that impacted hundreds of German politicians. According to the authorities, the man had already confessed.
The German authorities have identified a 20-year-old hacker who stole and leaked personal data belonging to hundreds of German politicians. According to the authorities, the youngster, who lives with his parents and is still studying, had already confessed to having acted because he was annoyed.
“The accused said he published the data because he had been annoyed by certain statements made by those affected,” explained Georg Ungefuk, a spokesman for the Frankfurt prosecution service’s internet crime office ZIT.
The man was arrested after police raided his home in the state of Hesse,
The young hacker immediately decided to cooperate with the authorities and admitted to
He was charged with spying and illegally publishing personal data.
According to Bloomberg News, the exposed data includes email addresses, mobile phone numbers, invoices, copies of identity documents and personal chat transcripts.
The data were leaked online via the Twitter account "G0d" (@_0rbit) that has been suspended. "The Twitter account @_0rbit published the links daily in the style of an advent calendar, with each entry representing a "door", behind which was a link to new information." reported France24.
The leak was first reported by the German newspaper Bild and the broadcaster RBB. According to Bild, the theft of the data continued until the end of October, but at this time it is not clear when it started.
The hackers leaked data belonging to political officials, including members of the Bundestag lower house of parliament, the European Parliament, deputies from all parties, and regional and local assemblies.
The data was leaked online in December, but inexplicably the news was reported only this week.
The list of affected people also includes President Frank-Walter Steinmeier, celebrities and journalists.
The only party in the Bundestag that was not targeted by the hacker is the opposition group Alternative for Germany (AfD).
“We are still investigating his motives and whether they may have been criminal or politically motivated,” the head of cyber security at Germany’s Federal Police Office (BKA), Heiko Loehr, told reporters.
(SecurityAffairs – data leak, German politicians)
The post German youngster behind massive data leak of German politicians data appeared first on Security Affairs.
Posted: 08 Jan 2019 07:00 AM PST
The cryptocurrency exchange Coinbase suspended the trading of Ethereum Classic (ETC) after double-spend attacks worth $1.1 Million.
The cryptocurrency exchange Coinbase has suspended the trading of Ethereum Classic (ETC) after double-spend attacks, which consist of spending the same digital coins twice.
A 51% attack is an attack on a blockchain by a group of miners that controls over 50% of the network’s mining hashrate.
“On 1/5/2019, Coinbase detected a deep chain reorganization of the Ethereum Classic blockchain that included a double spend. In order to protect customer funds, we immediately paused interactions with the ETC blockchain.” reads a blog post published by Coinbase.
“Subsequent to this event, we detected 8 additional reorganizations that included double spends, totaling 88,500 ETC (~$460,000). Update: Subsequent to this event, we detected 12 additional reorganizations that included double spends, totaling 219,500 ETC (~$1.1M).”
The attackers were able to double spend about 219,500 ETC and transfer them to wallets under their control.
On January 5, the exchange discovered a deep chain reorganization of the Ethereum Classic blockchain, then it halted send/receive interaction with the ETC blockchain in order to safeguard customer funds.
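As an added example (not code from Coinbase or from the original article), the following Python shows how a node operator or exchange could measure reorganization depth between two views of a chain and flag conflicting spends. The block and transaction structures, all names, the sample data and the depth threshold are assumptions constructed for illustration; a double spend is modeled as two different transactions sharing a sender and nonce, as on Ethereum-style chains.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Tx:
    txid: str
    sender: str
    nonce: int   # on Ethereum-style chains a (sender, nonce) pair can be mined only once
    to: str

@dataclass(frozen=True)
class Block:
    hash: str
    txs: tuple = ()

def analyze_reorg(old_chain, new_chain):
    """Compare the chain a node previously considered canonical with the one
    it switched to. Returns (depth, conflicts): depth is the number of old
    blocks that were orphaned; conflicts pairs each orphaned transaction with
    the different transaction that replaced it for the same (sender, nonce)."""
    fork = 0
    for old, new in zip(old_chain, new_chain):
        if old.hash != new.hash:
            break
        fork += 1
    orphaned, replacing = old_chain[fork:], new_chain[fork:]
    winners = {(t.sender, t.nonce): t for b in replacing for t in b.txs}
    conflicts = []
    for block in orphaned:
        for tx in block.txs:
            rival = winners.get((tx.sender, tx.nonce))
            if rival is not None and rival.txid != tx.txid:
                conflicts.append((tx, rival))
    return len(orphaned), conflicts

# Constructed sample: hashes, addresses and txids are invented for illustration.
deposit = Tx("tx-deposit", "0xATTACKER", 7, "0xEXCHANGE")
reroute = Tx("tx-reroute", "0xATTACKER", 7, "0xATTACKER2")
benign = Tx("tx-benign", "0xALICE", 1, "0xBOB")
OLD = [Block("g"), Block("a1", (deposit,)), Block("a2", (benign,)), Block("a3")]
NEW = [Block("g"), Block("b1", (reroute,)), Block("b2", (benign,)), Block("b3"), Block("b4")]

MAX_SAFE_DEPTH = 2  # assumed policy threshold, not a value from the article

def should_pause(old_chain, new_chain, max_depth=MAX_SAFE_DEPTH):
    """Pause deposits and withdrawals on a deep reorg or any conflicting spend."""
    depth, conflicts = analyze_reorg(old_chain, new_chain)
    return depth > max_depth or bool(conflicts)

if __name__ == "__main__":
    print(analyze_reorg(OLD, NEW), should_pause(OLD, NEW))
```

The benign transaction is re-mined unchanged on the new branch, so it is not flagged; only the deposit whose (sender, nonce) was reused for a different recipient is reported.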
"Due to unstable network conditions on the Ethereum Classic network, we have temporarily disabled all sends and receives for ETC. Buy and sell is not impacted. All other systems are operating normally." reads an
The price of the Ethereum Classic (ETC) digital currency went down just after the attacks were reported.
It is curious to note that Ethereum Classic was not able to detect the attack first and rejected the initial report from Coinbase.
The incident was confirmed later, and it was confirmed that the investigation is still ongoing.
Stay tuned …
(SecurityAffairs – virtual currency, hacking)
Posted: 08 Jan 2019 03:38 AM PST
The zero-day broker Zerodium offers $2 million for remote iOS jailbreaks and $1 million for chat app exploits.
Zerodium announced it is going to pay up to $2 million for remote iOS jailbreaks that don’t need any user interaction. The company’s previous offer for this kind of exploit was $1.5 million.
The company also doubled the payouts for remote code execution flaws in WhatsApp, iMessage or SMS/MMS applications; payouts went from $500,000 up to $1 million.
Other payouts offered by Zerodium for Chrome on Android and Safari on iOS exploits go for $500,000. The exploits for both web browsers include remote code execution, privilege escalation,
The broker offers up to $100,000 for
Zerodium increased by $100,000 the amount for remote code execution flaws in Outlook, Microsoft Exchange Server, PHP,
The reward for a Windows RCE exploit via SMB or RDP packets without any user interaction is doubled, reaching $1 million.
Payouts for Chrome, Apache and Microsoft IIS exploits are doubled too and are now $500,000.
(SecurityAffairs – zero-day, exploits)
Posted: 08 Jan 2019 01:10 AM PST
Wondering about the state of global cybersecurity in 2019? Wonder no more with these nine cybersecurity predictions for where the new year will take us — and what it means for our digital properties, online lives
(Security Affairs – 2019 Cybersecurity predictions, cyberattacks)