All Steamed up, Mixcloud mess, Mongo CStealer, and more.


Hi, I’m Paul Torgersen. It’s Monday, December 2nd, 2019, and this is a look at the information security news from overnight.

From BleepingComputer.com:
A fake Steam skin giveaway site has been spotted that says it wants to give away new skins
every day, but really just wants your login credentials. The scam is even being promoted
directly on the Steam platform in comments on users' profiles. The fake login page looks
pretty good, but the giveavvay[.]com URL should give it away.

From TechCrunch.com:
A data breach at Mixcloud has left millions of user accounts for sale on the dark web.
The exact number of accounts breached in early November is not known, but appears to be between
20 and 22 million. You can buy the lot for about half a bitcoin, or $4,000.

From TheRegister.co.uk:
An employee at Datrix inadvertently clicked on a phishing link while thumbing through
mails on their phone. Even though the company shut down access to the compromised account
within 15 minutes, the attack was already well underway. Several emails had been sent
to the finance department to get a phantom invoice paid, and several hundred sent to
customers talking about a new project and providing a mirror website. Contacted customers
have been alerted to the scam.

From ZDNet.com:
London’s transport authority has locked all Oyster travel card and contactless accounts,
requiring users to reset their passwords to regain access. This comes after about 1,200
accounts had been identified as having been maliciously accessed. The cards themselves
can still be used for travel, even if the account password has not yet been changed.

And last today from BleepingComputer.com:
A new Windows trojan called CStealer attempts to steal passwords stored in the Google Chrome
browser. Nothing new there. The twist is that instead of sending the data to a command and
control setup, it uploads the ill-gotten info straight to a Mongo database. In order to
do that, the credentials for the database have to be hard-coded in the trojan, which
means anyone analysing the malware, be it law enforcement or other hackers, would also
have access to the stolen credentials. Not sure if they thought this one all the way
through.

That’s all for me today. Have a great rest of your day and until tomorrow, be safe out there.
