Breach Breakdown - September 2024

Introducing Episode 6 of our expertly crafted series on data breaches, cyber-attacks, and more. Breach Breakdown is your go-to source for recapping incidents and staying up-to-date on the latest solutions. September saw its fair share of reported cases, with breaches affecting:

ChatGPT macOS Flaw Could Have Enabled Long-Term Spyware

A now-patched security flaw in OpenAI’s ChatGPT app for macOS could have allowed attackers to remotely control a victim’s device for extended periods. The vulnerability, tied to a WebSocket issue, posed risks like session hijacking and unauthorised data access.

OpenAI quickly addressed the flaw following its discovery. Users are urged to update their apps to the latest version to ensure protection from potential exploits.

Global Criminal Network Busted

Law enforcement, with Europol’s support, has dismantled an international phishing ring responsible for stealing millions from victims through fake banking websites and phishing emails.

The network, which operated across multiple countries, used fraudulent techniques to gather personal information, resulting in unauthorised transfers and financial fraud.

Over 100 suspects have been arrested in this coordinated takedown. Europol’s success highlights the importance of global cooperation in combating cyber crime.

Mozilla Faces Privacy Complaint for Enabling Tracking Without Consent

Austrian privacy group, noyb, has filed a complaint against Mozilla for enabling the Privacy-Preserving Attribution (PPA) feature in Firefox without users’ consent. PPA, introduced in Firefox version 128, allows websites to track user behavior for ad performance without revealing personal data.

However, noyb claims this violates GDPR as it was enabled by default. Mozilla argues that PPA is a non-invasive alternative to traditional tracking. The case highlights ongoing debates around user privacy and consent in digital advertising.

New Mallox Ransomware Linux Variant Based on Kryptina Code

A new variant of Mallox ransomware targeting Linux systems has been discovered, built on the leaked source code of the Kryptina ransomware. Mallox, previously a Windows-only threat, now expands to Linux and VMware systems. The new version, named “Mallox Linux 1.0,” uses the same AES-256 encryption as Kryptina but with a modified appearance and name. This shift marks a significant evolution in the Mallox operation, now posing a greater threat to Linux environments.

Kia Vulnerability Exposed: Hackers Could Control Cars Remotely

Cyber security researchers uncovered vulnerabilities in Kia vehicles that could have allowed remote control using only a license plate number. These flaws, affecting vehicles made since 2013, could have let attackers access sensitive data and control key functions like unlocking or starting the car.

The issue stemmed from exploiting Kia’s dealership infrastructure to gain vehicle owner information and modify access permissions.

Kia has since patched these vulnerabilities.