AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 03/14/2023

CASPER attack steals data using air-gapped computer’s internal speaker 

Researchers at the School of Cyber Security at Korea University, Seoul, have presented a new covert channel attack named CASPER can leak data from air-gapped computers to a nearby smartphone at a rate of 20bits/sec. The CASPER attack leverages the internal speakers inside the target computer as the data transmission channel to transmit high-frequency audio that the human ear cannot hear and convey binary or Morse code to a microphone up to 1.5m away. The receiving microphone can be in a smartphone recording sound inside the attacker’s pocket or a laptop in the same room. 

 

Hackers steal $197 million in crypto in Euler Finance attack 

Lending protocol Euler Finance was hit by a cryptocurrency flash loan attack on Sunday, with the threat actor stealing $197 million in multiple digital assets. The cryptocurrency theft involved multiple tokens, including $8.75 million worth of DAI, $18.5 million in WBTC, $33.85 million in USDC, and $135.8 million in stETH. The attackers ETH wallet used to store the stolen funds is being tracked, so it will be challenging for the perpetrator to move the stolen funds around and convert them to a usable form. 

 

LA housing authority discloses data breach after ransomware attack 

The Housing Authority of the City of Los Angeles (HACLA) is warning of a “data security event” after the LockBit ransomware gang targeted the organization and leaked data stolen in the attack. HACLA is a state-chartered agency that provides affordable housing to low-income individuals and families in Los Angeles, California. The government agency, which operates on an annual budget of $1 billion, also provides job training and education to help eligible families achieve self-sufficiency and improve their quality of life. 

 

Amazon-owned Ring reportedly suffers ransomware attack 

Ring, a home security and smart home company owned by Amazon, has reportedly suffered a ransomware attack by Russia-linked ALPHV group, according to a tweet by VX-Underground. The ALPHV ransomware group, also known as BlackCat, has posted the company’s logo on its website along with a message that reads, “There’s always an option to let us leak your data.” The group has threatened to leak the stolen data if the company refuses to pay the ransom. 

 

Iran-linked hackers used fake Atlantic Council-affiliated persona to target human rights researchers 

On the face of it, the Twitter profile of a person calling herself Sara Shokouhi looks like any other earnest Middle East-focused researcher. Her tweets are a litany of retweets of various voices protesting the Iranian government. Her bio claims she’s completed a PhD from Northwestern State University of Louisiana. At the top of her profile, the person calling herself Sara Shokouhi peers into the camera with her hands folded over a stack of books. 

 

India probing ‘several’ crypto cases for money laundering, seizes over $115 million 

India’s Enforcement Directorate is investigating “several” crypto cases for money-laundering schemes and has seized $115.5 million to date in such crimes, the Ministry of Finance said, the latest in a series of crackdown by the authorities on the nascent space that is already reeling from the tremulous market conditions. The Indian crime fighting agency has also arrested five individuals in crimes abetted by cryptocurrency and in the past sent a show cause notice to local exchange WazirX and its directors for crypto transactions exceeding $338 million, the ministry said. 

Related Posts