Posted on

Trump’s campaign website hacked by cryptocurrency scammers

President Trump’s campaign website was briefly and partially hacked Tuesday afternoon as unknown adversaries took over parts of the page, replacing them with what appeared to be a scam to collect cryptocurrency. There is no indication, despite the hackers’ claims, that “full access to trump and relatives” was achieved or “most internal and secret conversations strictly classified information” were exposed.

The hack, first noted by Gabriel Lorenzo Greschler on Twitter, seemingly took place shortly before 4 PM Pacific time. The culprits likely gained access to the donaldjtrump.com web server backend and inserted a long stretch of obfuscated JavaScript producing a parody of the FBI “this site has been seized” message, which appeared over the normal content.

“the world has had enough of the fake-news spreaded daily by president donald j trump,” the new site read. “it is time to allow the world to know truth.”

Claiming to have inside information on the “origin of the corona virus” and other information discrediting Trump, the hackers provided two Monero addresses. Monero is a cryptocurrency that’s easy to send but quite difficult to track. For this reason it has become associated with unsavory operations such as this hack.

One address was for people who wanted the “strictly classified information” released, the other for those who would prefer to keep it secret. After an unspecified deadline the totals of cryptocurrency would be compared and the higher total would determine what was done with the data.

The page was signed with a PGP public key corresponding to an email address at a non-existent domain (planet.gov).

The website was reverted to its original content within a few minutes of the hack taking place. There is no evidence to suggest that anything other than the one page was accessed, such as donor data; campaign communications director Tim Murtaugh confirmed the hack shortly afterwards, saying there was no exposure of sensitive data and that they are working with law enforcement.

Getting people to irreversibly send cryptocurrency to a mysterious address is a common form of scam online, usually relying on brief appearances on high visibility platforms like celebrity Twitter accounts and the like. This one is no different, and was taken down within minutes.

There is no indication that this attack was in any way state-sponsored, and while it strikes a partisan tone, one can hardly say that this is a very coherent attack against the Trump platform. Campaign and other elections-related websites are high-value targets for hackers because they are associated with entities like Trump but are not as secure as official sites like whitehouse.gov. Though the diction seems not to be that of a native English speaker, there is no other positive evidence that the hack is of foreign origin.

This is not the first time Trump has been hacked recently. His Twitter account was briefly taken over by someone who guessed his password (“maga2020!”) but was, luckily for the president, not of a mind to collect DMs or otherwise rock the boat. And of course, Trump’s hotels were hacked before as well.

Trump recently stated, mistakenly it seems, that “Nobody gets hacked. To get hacked you need somebody with 197 IQ and he needs about 15% of your password.”

Cyber threat startup Cygilant hit by ransomware

Cygilant, a threat detection cybersecurity company, has confirmed a ransomware attack.

Christina Lattuca, Cygilant’s chief financial officer, said in a statement that the company was “aware of a ransomware attack impacting a portion of Cygilant’s technology environment.”

“Our Cyber Defense and Response Center team took immediate and decisive action to stop the progression of the attack. We are working closely with third-party forensic investigators and law enforcement to understand the full nature and impact of the attack. Cygilant is committed to the ongoing security of our network and to continuously strengthening all aspects of our security program,” the statement said.

Cygilant is believed to be the latest victim of NetWalker, a ransomware-as-a-service group, which lets threat groups rent access to its infrastructure to launch their own attacks, according to Brett Callow, a ransomware expert and threat analyst at security firm Emsisoft.

The file-encrypting malware itself not only scrambles a victim’s files but also exfiltrates the data to the hacker’s servers. The hackers typically threaten to publish the victim’s files if the ransom isn’t paid.

A site on the dark web associated with the NetWalker ransomware group posted screenshots of internal network files and directories believed to be associated with Cygilant.

Cygilant did not say if it paid the ransom. But at the time of writing, the dark web listing with Cygilant’s data had disappeared.

“Groups permanently delist companies when they’ve paid or, in some cases, temporarily delist them once they’ve agreed to come to the negotiating table,” said Callow. “NetWalker has temporarily delisted pending negotiations in at least one other case.”

Daily Crunch: Florida teen arrested in Twitter hack

Three arrests are made following this month’s celebrity Twitter hack, Microsoft may be working to acquire TikTok’s U.S. business and Facebook launches licensed music videos. Here’s your Daily Crunch for July 31, 2020.

The big story: Florida teen arrested in Twitter hack

In a hack earlier this month, high-profile Twitter accounts like Apple, Elon Musk, Barack Obama and Joe Biden were compromised and posted messages promoting a cryptocurrency scheme. Now an investigation by the FBI and Department of Justice has resulted in three arrests: Mason Sheppard of the United Kingdom, Nima Fazeli of Orlando and a 17-year-old Tampa resident.

The Tampa teen was described by the state attorney’s office as the hack’s “mastermind” and is facing 30 felony charges. He allegedly made more than $100,000 in a single day thanks to the hack.

“These crimes were perpetrated using the names of famous people and celebrities, but they’re not the primary victims here,” said Hillsborough State Attorney Andrew Warren in a statement.

The tech giants

Report: Microsoft in talks to buy TikTok’s US business from China’s ByteDance — President Trump has plans to order China’s ByteDance, the owner of hit social video app TikTok, to divest from the company, according to Bloomberg.

Secret documents from US antitrust probe reveal big tech’s plot to control or crush the competition — We’ve collected the nearly 500 pages of evidence made public during the House Judiciary’s marathon hearing, with added context, in a searchable version.

Facebook will launch officially licensed music videos in the US starting this weekend — The U.S. launch is enabled by Facebook’s expanded partnerships with top labels, including Sony Music, Universal Music Group, Warner Music Group, Merlin, BMG, Kobalt and other independents.

Startups, funding and venture capital

Genomics startup Helix receives $33 million in NIH funding to scale COVID-19 testing — The funding will be used to support Helix’s efforts to scale its COVID-19 testing efforts, with the aim of achieving a rate of 100,000 tests per day by this fall.

Self-driving startup Argo AI hits $7.5 billion valuation — The valuation was confirmed Thursday, nearly two months after VW Group finalized its $2.6 billion investment in Argo AI.

The iron rule of founder compensation is dead — The latest episode of Equity discusses Y Combinator Demo Day going both virtual and live.

Advice and analysis from Extra Crunch

Working to understand Affirm’s reported IPO pricing hopes — News broke last night that Affirm, a well-known fintech unicorn, could approach the public markets at a valuation of $5 to $10 billion.

Opportunities (and challenges) in church tech — Investor Will Robbins argues that this might be the perfect time for church tech companies to thrive.

Everything else

Ford Bronco reservations surpass 150,000 — The reception to Bronco 2021 — Ford’s flagship series of 4×4 vehicles that was revealed earlier this month — surpassed the company’s most optimistic initial projections, Ford’s CEO said in an earnings call.

What does accountability look like in 2020? — Rae Witte discusses what happens after a company gets called out.

The Daily Crunch is TechCrunch’s roundup of our biggest and most important stories.

Twitter admits hackers accessed DMs of dozens of high-profile accounts

Last week’s hack of over 100 very high-profile Twitter accounts did in fact expose the direct messages of many of those accounts, the company admitted today — including those of an elected official in the Netherlands, Geert Wilders.

The attack saw numerous popular accounts of celebrities and politicians taken over and tweeting a very obvious Bitcoin scam that nevertheless seems to have netted at least six figures. Twitter said that a “coordinated social engineering attack” gave hackers “access to internal systems and tools.” Verified users were also briefly prevented from tweeting (a change some welcomed).

In tweets and an update to its blog post on the “security incident,” Twitter said that “for up to 36 of the 130 targeted accounts, the attackers accessed the DM inbox.” They are “actively working on communicating directly” with those accounts affected.

Twitter had declined to say in the immediate aftermath of the attack whether DMs had been accessed by the hackers. Twitter’s messaging system is infamously not well encrypted but it was not clear whether the administrative tool reportedly used by the attackers offered access to inboxes.

Apparently whatever method was used, it gave access to DMs some of the time, or perhaps the hackers simply didn’t avail themselves of the opportunity for the remaining 94 accounts they took over. It’s not really clear from Twitter’s announcement. Twitter has previously said that it has “no evidence” that passwords were accessed by the hackers, and nothing in the update contradicts that.

The company’s attempted to place a silver lining on this cloud, saying it had “no indication that any other former or current elected official had their DMs accessed.” Considering the accounts of Barack Obama and Joe Biden were among those affected, that is technically good news.

This is almost certainly not the last we’ll hear from Twitter on this disturbing security breach.

Nasdaq, PureShares and ETFMG reach settlement

Nasdaq (NASDAQ:NDAQ) and Exchange Traded Managers Group agree to certain cash payments from ETFMG to Nasdaq and PureShares LLC, under the settlement.

Also ETFMG will transfer certain of its intellectual property and related assets to a Nasdaq affiliate. The transaction is expected to close in H2 2020.

The settlement resolves claims regarding former PureFunds ETFs in two separate lawsuits — one in the Southern District of New York Federal Court and the other in the New Jersey State Superior Court.

In the suits, Nasdaq and Andrew Chanin, founder of the cybersecurity ETF known as HACK, accused ETFMG of stealing $1.4B in ETFs.

Previously: Nasdaq cyber ETF suit goes to trial (May 13, 2019)

Decrypted: Space hacking, iPhone vulnerability, Zoom’s security boom

Security startups to the rescue.

As we continue to ride out the pandemic, security experts are closely monitoring the surge of coronavirus-related cyber threats. Just this week, Google’s Threat Analysis Group, its elite threat hunting unit, says that while the overall number of threats remains largely the same, opportunistic hackers are retooling their efforts to piggyback on coronavirus.

Some startups are downsizing and laying off staff, but several cybersecurity startups are faring better, thanks to an uptick in demand for security protections. As the world continues to pivot toward working from home, it has blown up key cybersecurity verticals in ways we never expected. To wit, identity startups are needed more than ever to make sure only remote employees are getting access to corporate systems.

Can the startups take on the giants at their own game?


THE BIG PICTURE

Another payments processor drops the security ball

For the third time this year, a payments processor has admitted to a security lapse. First it was Cornerstone, then it was nCourt. This time it’s Paay, a New York-based card payment processor startup that left a database on the internet unprotected and without a password. Worse, the database was storing full, plaintext credit card numbers.

Anyone who knew where to look could have accessed the data. Luckily, a security researcher found it and reported it to TechCrunch. We alerted the company; it quickly took the data offline, but Paay denied that the data stored full credit card numbers. We even sent the co-founder a portion of the data showing card numbers stored in plaintext, but he did not respond to our follow-up.

Cultivating adaptability is a pandemic coping skill

Jason Shen
Contributor

Jason Shen is a three-time startup founder and the CEO of Midgame, a gaming technology company backed by Techstars and Betaworks.

It’s no secret that adaptability has become a critical trait for knowledge workers. To stay on top of a rapidly evolving world, we must assess …

Facebook Messenger provides governments, agencies with free developer tools to combat COVID-19

Big tech has been making a huge effort to mobilize its power to help people work better together to battle the ongoing coronavirus pandemic — whether it’s creating search and information portals, making sure the most authoritative voices are surfacing above the noise or gathering compute power to supercharge research …

Rise of Scams After Coronavirus Outbreak

Due to the surge of Coronavirus victims worldwide, scammers and hackers are availing themselves of this golden opportunity to scam people. The hackers (including a cough) and scammers are always ready to pounce. Here is the rise of scams after the coronavirus outbreak.
Find and follow the correct and real sources of …

5 Ways Mobile Devices are the Biggest Threat to Cybersecurity

Over time, mobile devices have experienced rapid development. The increase in the market purchase has made the mobile device man’s best friend — ahead of the trusty dog. Well, nearly. But there’s no doubt that the mobile device is now a man’s constant companion.
The mobile functionality, multipurpose …
