NFTs not annoying enough? Now they come with wallet-emptying malware

Plus rifle-toting robot dogs, but makers insist they're really dumb


In brief Whether or not non-fungible tokens are a flash in the pan or forever, malware operators have been keen to weaponise the technology.

An investigation was triggered after a number of cryptowallets belonging to customers of the largest NFT exchange OpenSea got mysteriously emptied. Researchers at security shop Check Point found a nasty form of NFT was in circulation, one that came with its own malware package.

People were receiving free NFTs from an unknown benefactor, but when they accepted the gift the attackers got access to their wallet information in OpenSea's storage systems. The code generated a pop-up, that if clicked, allowed wallets to be emptied.

After disclosing the issue Opensea had a fix sorted within an hour - we wish others took such prompt action - and the platform appears to be secured. But beware of "free" gifts, particularly where money is involved.

Crime doesn't pay? really?

A US Treasury report has said that in the last three years ransomware operators using over 60 different variants have siphoned off $5.3bn in Bitcoin payments.

The Financial Crimes Enforcement Network report [PDF], first spotted by The Record, said that the ransoms taken in the the first six months of this year amounted to $590m, up from $416m for 2020, and the problem is getting worse, according to ten years of 2,184 Suspicious Activity Reports (SARs) analysed by the agency.

"If current trends continue, SARs filed in 2021 are projected to have a higher ransomware-related transaction value than SARs filed in the previous 10 years combined, which would represent a continuing trend of substantial increases in reported year-over-year ransomware activity," the Treasury team warned.

Arming robots with sniper rifles, not worrying at all

US-based Ghost Robotics showed off an unusual new gadget this week at a meeting of the Association of the United States Army - a sniper rifle robot.

The robotics firm already has unarmed robot dogs acting as sentries at Tyndall Air Force Base but mounted a 6.5mm sniper rifle with a range of up to 1,200 meters (3937 feet) with both day and night vision cameras. The manufacturers were at pains to point out that this is not autonomous in any way and a human always controls the trigger, the robot just gets into position to keep its human operator safe.

The robot caused something of a storm, and Ghost Robotics CEO Jiren Parikh attributed this to the emotional connection robot dogs evoke and decades of movies about killer robots.

US warns critical water systems under attack

American online watchdogs at the Cybersecurity and Infrastructure Security Agency has issued a security advisory following a spate of attacks against water and waste management facilities.

Since 2019 CISA said it had recorded five attacks against water systems, mostly ransomware but also aa former employee at Kansas-based water company who tried to tamper with drink water quality using credentials that should have been revoked when they left the biz.

For ransomware operators such businesses are tempting targets. Since water is such an essential service, it's no-doubt thought that they'd be more likely to pay up rather than cause widespread disruption and panic.

Ukrainian cops cuff botnet suspect

The Security Service of Ukraine announced this week that they had arrested a man accused of running a massive botnet and charging for its use.

The man, a resident of Ivano-Frankivsk region in the west of the country, is said to have been running a botnet made up of over 100,000 infected systems. His opsec wasn't great, he used telegram to tout for customers and, police say, made use of "electronic payment systems banned in Ukraine."

A search of the suspect's premises revealed computer equipment used to operate the botnet, and data stolen from botnet participants. Police say the suspect was also a representative of legitimate Russian payment service Webmoney, which is however under sanctions from the Ukrainian government.

Similar topics


Other stories you might like

  • CISA and friends raise alarm on critical flaws in industrial equipment, infrastructure
    Nearly 60 holes found affecting 'more than 30,000' machines worldwide

    Updated Fifty-six vulnerabilities – some deemed critical – have been found in industrial operational technology (OT) systems from ten global manufacturers including Honeywell, Ericsson, Motorola, and Siemens, putting more than 30,000 devices worldwide at risk, according to private security researchers. 

    Some of these vulnerabilities received CVSS severity scores as high as 9.8 out of 10. That is particularly bad, considering these devices are used in critical infrastructure across the oil and gas, chemical, nuclear, power generation and distribution, manufacturing, water treatment and distribution, mining and building and automation industries. 

    The most serious security flaws include remote code execution (RCE) and firmware vulnerabilities. If exploited, these holes could potentially allow miscreants to shut down electrical and water systems, disrupt the food supply, change the ratio of ingredients to result in toxic mixtures, and … OK, you get the idea.

    Continue reading
  • Inside the RSAC expo: Buzzword bingo and the bear in the room
    We mingle with the vendors so you don't have to

    RSA Conference Your humble vulture never liked conference expos – even before finding myself on the show floor during a global pandemic. Expo halls are a necessary evil that are predominatly visited to find gifts to bring home to the kids. 

    Do organizations really choose security vendors based on a booth? The whole expo hall idea seems like an outdated business model – for the vendors, anyway. Although the same argument could be made for conferences in general.

    For the most part, all of the executives and security researchers set up shop offsite – either in swanky hotels and shared office space (for the big-wigs) or at charming outdoor chess tables in Yerba Buena Gardens. Many of them said they avoided the expo altogether.

    Continue reading
  • 1Password's Insights tool to help admins monitor users' security practices
    Find the clown who chose 'password' as a password and make things right

    1Password, the Toronto-based maker of the identically named password manager, is adding a security analysis and advice tool called Insights from 1Password to its business-oriented product.

    Available to 1Password Business customers, Insights takes the form of a menu addition to the right-hand column of the application window. Clicking on the "Insights" option presents a dashboard for checking on data breaches, password health, and team usage of 1Password throughout an organization.

    "We designed Insights from 1Password to give IT and security admins broader visibility into potential security risks so businesses improve their understanding of the threats posed by employee behavior, and have clear steps to mitigate those issues," said Jeff Shiner, CEO of 1Password, in a statement.

    Continue reading

Biting the hand that feeds IT © 1998–2022