This past month in cybersecurity:
- Mysterious ‘Silver Sparrow’ Malware on Macs
- Myanmar Draft Cybersecurity Law
- Kia Motors $20 Million Ransomware Attack
- Kroger Data Breach
- Malicious Firefox Extension ‘FriarFox’
Researchers at Red Canary (a cybersecurity company) have identified a mysterious new malware that has spread to over 30,000 Macs. Specifically, Mac devices that use the new M1 chip were targeted in this attack.
Historically, Mac computers have been targeted less than Windows computers, which has given Mac users the feeling that their computers are immune to viruses. This is a reminder that all devices have security issues and can be susceptible to viruses and other attacks.
The Myanmar military, which staged the coup at the beginning of February, is now drafting a cybersecurity law that would give the military immense power over all telecommunications. The cybersecurity bill would require telecommunication companies to store sensitive information about users, including name, IP address, ID card number, and more, for up to 3 years. It would also require telecoms in Myanmar to block access to a wide variety of content and allow the military to censor almost anything without any oversight. Anyone who breaks these rules would face three years of prison time.
If the law is passed, it will severely restrict citizens’ Internet freedom and allow the military government to censor and limit access to any information it chooses. The law does nothing to increase the protection of users’ data and is an attempt by the military government to extend its control over the people of Myanmar.
The DoppelPaymer ransomware group has allegedly targeted Kia Motors with a ransomware attack. They’re demanding 404 bitcoins, worth roughly $18.5 million at the time of writing. Kia Motors has acknowledged that several of its systems are down but has yet to announce that ransomware is the cause of the outages.
This is one incident in a long string of ransomware attacks that have plagued large companies for years. Usually, these attacks are accomplished via phishing, which provides some access to the target’s network. The attackers then move laterally across the company’s network and cause as much disruption as possible.
Kroger reported that one of its service providers, Accellion, had suffered a data breach in which an unauthorized user had accessed some Kroger user data. The stolen data appears to affect around 1% of Kroger customers, specifically those who used Kroger’s health and financial services.
Kroger has stopped using Accellion’s services and announced that it has no indication that this data has been used fraudulently as a result of the breach.
If, for some reason, you use the Firefox extension ‘FriarFox’, delete it immediately. This extension appears to give cybercriminals access to a victim’s Gmail account. Users are tricked into installing the malicious extension via a fake Adobe Flash update.
The attack appeared to be targeted at Tibetan organizations and was created by “TA413”, a group tied to the Chinese government.
Thanks for reading! We’ll be back next month with a quick roundup of topics we found interesting.
Did we miss a super important story? Let us know! We’ll do better next time.