The most important news from the world of cybersecurity of the week have been compiled.
Among the news from the world of cybersecurity, the following are the highlights:
- Coinbase employees fell victim to SMS phishing.
- The FBI has detected malicious activity on the internal network.
- The release schedule for Call of Duty updates has been leaked to the public.
- GoDaddy has reported years of compromised systems.
Below are the details.
Coinbase Employees Became Victim of SMS Phishing
On February 17, cryptocurrency exchange Coinbase announced that its employees fell victim to an SMS phishing campaign. The incident occurred on February 5.
The targeted workers received text messages about the urgent need to log into their account using the provided link. One of the recipients clicked on it, entered a username and password. installed on the 2FA account, the attackers managed by calling the employee on behalf of the IT department. The victim followed the instructions and logged into his device.
The suspicious activity was detected by Coinbase security, which promptly locked down the compromised account.
The attacker managed to obtain limited contact information from the employees, including names, email addresses and phone numbers. At the same time, the exchange ensured that customer data and their funds were not affected.
Coinbase suggested that the hacking group 0ktapus, also known as the Scattered Spider, was behind the attack, which accounted for at least 130 similar attacks on other organizations.
The FBI has Detected Malicious Activity on the Internal Network
On February 17, an unknown attacker hacked into the computer system at the FBI headquarters in New York. CNN reports it.
According to people familiar with the matter, the affected segment was used to investigate crimes related to the sexual exploitation of children.
According to the agency, this was a unique incident, which was quickly located. The FBI did not provide any other comment on the investigation, including on the sources of the threat.
Call of Duty Update Schedule Leaked Online
Game developer and publisher Activision has confirmed unauthorized access to one of its internal Slack channels and data theft. The incident occurred in December 2022, but was made public only after a report from Vx-underground researchers.
According to Insider Gaming’s findings, the leak includes full names, email addresses, phone numbers, salaries, and other employee data. In addition, the compromised Activision specialist, according to journalists, works in the personnel department and has access to a large amount of confidential information.
GoDaddy Reported Years of Compromised Systems
According to the company, unknown parties compromised cPanel’s shared hosting environment, stole source code, and installed malware on its servers.
GoDaddy noted that the attack was carried out by an organized group that targeted hosting providers around the world. Their task was to infect sites with malware for phishing campaigns, and other malicious activities.
By Audy Castaneda
