Last week, Australian authorities sounded the alarm saying they had become aware of “successful compromises of several companies utilising Snowflake environments,” without naming the companies.
TechCrunch has this week seen hundreds of alleged Snowflake customer credentials that are available online for cybercriminals to use as part of hacking campaigns, suggesting that the risk of Snowflake customer account compromises may be far wider than first known.
When we checked the web addresses of the Snowflake environments — often made up of random letters and numbers — we found the listed Snowflake customer login pages are publicly accessible, even if not searchable online.
In our checks, we found that these Snowflake login pages redirected to Live Nation (for Ticketmaster) and Santander sign-in pages.
There is some evidence to suggest that several employees with access to their company’s Snowflake environments had their computers previously compromised by infostealing malware.
Video game giant Activision is investigating a hacking campaign that’s targeting players with the goal of stealing their credentials, TechCrunch has learned.
Somehow, the hackers are getting malware on the victim’s computers and then stealing passwords for their gaming accounts and crypto wallets, among others, according to sources.
Zeebler described the effort as an “infostealer malware campaign,” where malware designed as legitimate-looking software unknowingly installed by the victim surreptitiously steals their usernames and passwords.
Zeebler told TechCrunch that he found out about the hacking campaign when a PhantomOverlay customer had their account for the cheat software stolen.
After that, Zeebler said he contacted Activision Blizzard as well as other cheat makers, whose users appear to be affected.
Investors’ pledge to fight spyware undercut by past investments in US malware maker Cyber investors announced commitments to fighting spyware, but at least one firm previously invested in an exploit maker.
Now, some investors have announced that they too are committed to fighting spyware.
More recently, the government has imposed economic sanctions not only on companies, but also directly on the executive who founded Intellexa.
To hear some of these investors talk, you’d think that spyware has no place in a free and open society.
Gula Tech and Paladin’s investment in Boldend — effectively a U.S.-based exploit and hacking software maker — and the two investment firms’ commitment to not invest in spyware companies might seem at odds.
Multinational technology giant Fujitsu confirmed a cyberattack in a statement Friday, and warned that hackers may have stolen personal data and customer information.
Fujitsu also did not say what kind of personal information may have been stolen, or who the personal information pertains to — such as its employees, corporate customers, or citizens whose governments use the company’s technologies.
Headquartered in Japan, Fujitsu has about 124,000 employees and serves government and private sector customers globally.
Fujitsu said it reported the incident to Japan’s data protection authority, Personal Information Protection Commission, “in anticipation” that personal information may have been stolen.
The company has not said whether it has filed required data breach notices with any other government or authority, including in the United States.
Google researchers say they have evidence that a notorious Russian-linked hacking group — tracked as “Cold River” — is evolving its tactics beyond phishing to target victims with data-stealing malware.
Cold River, also known as “Callisto Group” and “Star Blizzard,” is known for conducting long-running espionage campaigns against NATO countries, particularly the United States and the United Kingdom.
Researchers believe the group’s activities, which typically target high-profile individuals and organizations involved in international affairs and defense, suggest close ties to the Russian state.
Google says that on discovery of the Cold River malware campaign, the technology giant added all of the identified websites, domains, and files to its Safe Browsing service to block the campaign from further targeting Google users.
Google researchers previously linked the Cold River group to a hack-and-leak operation that saw a trove of emails and documents stolen and leaked from high-level Brexit proponents, including Sir Richard Dearlove, the former head of the U.K. foreign intelligence service MI6.
The app was made by Huawei, which is a Chinese e-commerce giant and Google announced on Monday that it had flagged several apps made by the company as malware. The…
The website was used to sell malware designed to spy on computers and cellphones. This is a major step forward in the fight against cybercrime, and it shows that the…
Since the release of WhisperGate malware in 2016, security researchers have been warning about Russian hacking crews that are still active and targeting Ukrainian entities with new information-stealing malware. Experts…
