“Among Us” server temporarily shut down due to DDoS attack

The game “Among Us”, launched by developer Innersloth in 2018, was recently hit by a DDoS attack, prompting the developer to temporarily shut down its servers, which are still undergoing emergency repairs.

“Among Us” is an online multiplayer game that combines teamwork and wits. Inspired by the tabletop game “Hitman,” it casts players as the crew of a spaceship who must find the impostors hidden in the team during the mission. The impostor’s mission is to kill all the crew members without being identified. After its launch, the game became a global hit.

However, players have reported that they have been unable to play online since March 24, and the outage gradually spread to players on every platform where the game is available, including iOS, Android, Xbox, Steam, Windows, PlayStation, Epic Games and Nintendo Switch.

The game’s official Twitter account announced that the servers were hit by a DDoS attack yesterday, local time, and said that repairs were under way. Some servers have begun to return to normal, but the problem has not yet been completely resolved.

In keeping with the humorous style of the game itself, the official Twitter announcement also joked about the attack: “Our server was attacked lol”, “It’s really too much to go to work on Saturday, I should have gone to eat at this time. Delicious.” Players also responded in a lighthearted manner.

It is not clear why the attackers targeted “Among Us” on such a large scale. Although the game is very popular, the number of players has dropped considerably in the past two years after traffic peaked in 2020. Further information about the attack awaits a follow-up announcement from the developer.

Cyclops Blink Malware Targets Multiple ASUS Routers; ASUS Releases Mitigations

According to Trend Micro’s technical documents, a number of ASUS wireless router products may be attacked by the Cyclops Blink malware. ASUS has also issued mitigation measures, calling on users to protect their products and personal information as soon as possible.

The Taiwan Computer Network Crisis Management and Coordination Center pointed out that Cyclops Blink, whose features allow attackers to remotely access infected networks, is linked to the Russian-backed Sandworm hacking group, which has previously targeted the WatchGuard Firebox and other SOHO network devices.

Cyclops Blink has modules specially designed for various models of ASUS wireless routers, which can read the flash memory and collect files, executables, data and important database information.

The product security advisory published by ASUS shows that the following router models and versions are vulnerable to Cyclops Blink attacks:

  • GT-AC5300 firmware version and below.
  • GT-AC2900 firmware version and below.
  • RT-AC5300 firmware version and below.
  • RT-AC88U firmware version and below.
  • RT-AC3100 firmware version and below.
  • RT-AC86U firmware version and below.
  • RT-AC68U, RT-AC68R, RT-AC68W, RT-AC68P firmware version and below.
  • RT-AC66U_B1 firmware version and below.
  • RT-AC3200 firmware version and below.
  • RT-AC2900 firmware version and below.
  • RT-AC1900P, RT-AC1900P firmware version and below.
  • RT-AC87U.
  • RT-AC66U.
  • RT-AC56U.

ASUS’s product security advisory lists mitigation measures: restore the device to its original factory settings, update the firmware to the latest available version, confirm that the router’s default administrator password has been replaced with a more secure password, and disable the remote management function. ASUS will provide a new version of the firmware in the near future. Users who own the above products are advised to protect them as soon as possible to avoid losses caused by Cyclops Blink attacks.

Toyota auto parts factory hacked, suspected of being held for ransom

Japanese media reported that the German base of DENSO Corporation, a major Japanese auto parts manufacturer, was attacked by a hacker group. The group claims to have obtained classified information on Denso, which it says it will release in the near future.

Japan’s Yomiuri Shimbun reported that the group that launched the ransomware attack issued a statement saying that it has obtained confidential information from Denso, which it will release in the near future.

Denso has acknowledged being hacked, but said the details are still under investigation and that the attack has not affected its operations.

Denso is the world’s largest supplier of auto parts and components. The company’s main base is located in the Chukyo Industrial Zone centered on Aichi Prefecture. The company is currently a listed company on the First Section of the Topix.

Information security firm S&J, headquartered in Tokyo, said the statement was issued by a hacker group called Pandora. The group said on its website on the 13th that it had stolen more than 157,000 pieces of confidential information, including orders, drawings and emails placed by Denso, and that it planned to release them on the 16th.

According to the report, the hacker group is known for stealing data from companies around the world, encrypting it and extorting ransom. It is generally believed that the group has sent a ransom demand to Denso.

Times, Wall Street Journal and other media hit by cyberattack, rumored to be linked to China

Several media outlets owned by media mogul Rupert Murdoch’s News Corporation, including The Times and The Wall Street Journal, have recently been found to be under cyber attack, with preliminary investigations by security firms suggesting a link to Chinese espionage.

The Times reported that the cyberattack had been ongoing for some time, and on Jan. 20 it was discovered that the attack had targeted emails and documents of staff and journalists.

News Corp. chief technology officer David Kline and chief information security officer Billy O’Brien warned that preliminary analysis indicated that foreign governments may have been involved in the attack and that some information had been stolen.

The U.S. cybersecurity firm Mandiant was asked by News Corp. to investigate the cyberattack. Mandiant experts concluded that the attack was linked to China and may have involved “espionage” to gather intelligence and serve Chinese interests.

Kline noted that News Corp. immediately notified U.S. law enforcement authorities after discovering signs of the attack and took the necessary measures to stop the damage, and that its customer and financial databases have not been affected and its business continues to operate normally.

Although most of the group’s emails and documents were not the target of the cyberattack, News Corp.’s internal alert emphasized that “protecting employees and sources, including journalists,” was the group’s primary concern.

The initial findings of the investigation by Mandiant show that the New York headquarters of News Corporation was affected, as well as a few email accounts and documents of News UK, the New York Post and Dow Jones. Dow Jones publishes financial newspapers such as The Wall Street Journal, while News UK publishes The Times and The Sun.

Crypto.com hack loses over $30 million, 5,000 bitcoin and ether stolen

In the latest development in the hack of the cryptocurrency exchange Crypto.com, the company has officially announced that a total of 483 accounts were compromised and more than $30 million worth of bitcoin and ether were stolen.

The number of victims of the Crypto.com hack has finally been announced, with losses of more than $30 million.

On January 17, the cryptocurrency exchange Crypto.com was hacked and the service was suspended for 14 hours, with users unable to withdraw any funds. According to official data, a total of 483 accounts were hacked, and hackers stole 443.93 bitcoins and 4,836.26 ethers, with a total value of about $33.8 million, and about $66,000 worth of other digital assets were stolen.

Fortunately, Crypto.com said that it has compensated all users for their losses and restored the assets in their accounts to their original positions.

Crypto.com is one of the fast-growing cryptocurrency exchanges. Most notably, at the end of 2021 it bought the naming rights to the arena of the NBA’s Los Angeles Lakers, renaming the Staples Center the Crypto.com Arena, and it has the backing of many venture investment funds. This is the first time the exchange has been hacked.

What is curious about the incident is that many users had enabled two-factor authentication (2FA). How were the attackers able to bypass it and take the assets in those accounts? Crypto.com did not give an explanation, but its response was to completely reset all users’ 2FA authenticators while moving the exchange’s authentication mechanism to a new architecture.

A total of 20 cryptocurrency exchanges were hacked in 2021, counting only incidents with losses of more than $10 million; six of those cases had losses of more than $100 million. As cryptocurrency trading continues to boom, learning how to protect their assets has become the most important lesson for users.

iPhone/iPad Permanently Dead Bug | iOS Vulnerability Can Cause Bricking! Finally there is an official solution

Products such as the iPhone and iPad are popular all over the world, and their built-in iOS operating system has naturally become a target for hackers. Recently, a digital security expert discovered a vulnerability in iOS that could be exploited by a malicious person to instantly render an iPhone or iPad unresponsive.

A digital security expert named Trevor Spiniolas published an iOS vulnerability report online earlier. According to the report, he found a very serious bug in iOS in August 2021. It is related to HomeKit, Apple’s smart home protocol, and Trevor calls it the “doorlock” vulnerability.

According to Trevor’s test results, this vulnerability exists in all iOS 14 versions and even the latest iOS 15.2. Trevor first notified Apple after discovering the vulnerability, and Apple responded at the time that the vulnerability would be resolved “by 2022.” But on December 10, Apple sent another letter to Trevor, stating that the solution would not be available until “early 2022.” Therefore, he decided to make the details of the vulnerability public, so that the public can know the existence of the vulnerability and how to prevent it, so as not to be kept in the dark.

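In iOS 14, there was no apparent limit on the number of bytes in the name of a HomeKit-associated device, which became the starting point of the Doorlock vulnerability (Image: Apple)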

The trigger conditions for the Doorlock vulnerability are fairly simple. As long as the name of a HomeKit-related device exceeds a certain number of bytes (Trevor used more than 500,000 bytes in testing), iPhones and iPads connected to the same HomeKit network will freeze because they fail to handle it.

The most troublesome thing about this vulnerability is that even if the user resets the phone, if they log in to the same iCloud account that was affected before, the error will reappear, making the user’s device a “half-brick” in disguise. And even if the Apple HomeKit device is never used, the user’s iPhone/iPad can still be compromised by connecting to the affected network via an invitation.

As mentioned above, Trevor Spiniolas disclosed the details of the DoorLock vulnerability online because Apple had been dragging its feet and failed to fix the iOS vulnerability in a timely and effective manner. After the news came out, it drew a strong response online. Apple stepped up its efforts and released version 15.2.1 of iOS and iPadOS for iPhone and iPad users on January 13.

The impact of the DoorLock vulnerability is quite large. If you are unfortunate, you cannot avoid resetting your phone. To completely eliminate the risk, it is best for iPhone/iPad users to update their devices to version 15.2.1 as soon as possible.