Accepted proposal may be recreated at the same address with a malicious proposal if there's a self destruct function in the accepted proposal

Lines of code Vulnerability details Impact A malicious proposal can take over the contract address of the accepted proposal through self-destruct Proof of Concept This issue is regarding the Tornado cash hack, whereby the attacker deploys different contracts at the same address. If the proposal...

quickform, , Other

Developer states exploit is "hack yourself" scenario...

Belgian Tax Hack

Heres a fascinating tax hack from Belgium listen to the details here, episode 484 of "No Such Thing as a Fish," at 28:00. Basically, its about a music festival on the border between Belgium and Holland. The stage was in Holland, but the crowd was in Belgium. When the copyright collector came...

A week in security (June 26 - July 2)

Last week on Malwarebytes Labs: A proxyjacking campaign is looking for vulnerable SSH servers New technique can defeat voice authentication "after only six tries" "Free" Evil Dead Rise movie scam lurks in Amazon listings Spyware app LetMeSpy hacked, tracked user data posted online Online safety...

U.K. Cyber Thug “PlugwalkJoe” Gets 5 Years in Prison

Joseph James "PlugwalkJoe" OConnor, a 24-year-old from the United Kingdom who earned his 15 minutes of fame by participating in the July 2020 hack of Twitter, has been sentenced to five years in a U.S. prison. That may seem like harsh punishment for a brief and very public cyber joy ride. But...

Jail Time: ‘PlugWalkJoe’ Gets 5 Years for Twitter Hack and Sim Swapping

By Waqas PlugWalkJoe Joseph James O'Connor will also return $749,000, which he admitted to stealing from a Manhattan-based cryptocurrency firm. This is a post from HackRead.com Read the original post: Jail Time: PlugWalkJoe Gets 5 Years for Twitter Hack and Sim Swapping...

Twitter Hacker Sentenced to 5 Years in Prison for $120,000 Crypto Scam

A U.K. citizen who took part in the massive July 2020 hack of Twitter has been sentenced to five years in prison in the U.S. Joseph James O'Connor aka PlugwalkJoe, 24, was awarded the sentence on Friday in the Southern District of New York, a little over a month after he pleaded guilty to the...

Cadet Blizzard emerges as a novel and distinct Russian threat actor

As Russia’s invasion of Ukraine continues into its second year and Microsoft continues to collaborate with global partners in response, the exposure of destructive cyber capabilities and information operations provide greater clarity into the tools and techniques used by Russian state-sponsored...

Two Russian Nationals Charged for Masterminding Mt. Gox Crypto Exchange Hack

The U.S. Department of Justice DoJ has charged two Russian nationals in connection with masterminding the 2014 digital heist of the now-defunct cryptocurrency exchange Mt. Gox. According to unsealed indictments released last week, Alexey Bilyuchenko, 43, and Aleksandr Verner, 29, have been accuse...

9 Years After the Mt. Gox Hack, Feds Indict Alleged Culprits

Plus: Instagram’s CSAM network gets exposed, Clop hackers claim credit for MOVEit Transfer exploit, and a $35 million crypto heist has North Korean ties...

CACTUS ransomware evades antivirus and exploits VPN flaws to hack networks

By Deeba Ahmed CACTUS ransomware operators target large-scale commercial organizations with double extortion to steal sensitive data before encryption. This is a post from HackRead.com Read the original post: CACTUS ransomware evades antivirus and exploits VPN flaws to hack networks...

Mastermind Behind Twitter 2020 Hack Pleads Guilty and Faces up to 70 Years in Prison

A U.K. national has pleaded guilty in the U.S. in connection with the July 2020 Twitter attack affecting numerous high-profile accounts and defrauding other users of the platform. Joseph James O'Connor, who also went by the online alias PlugwalkJoe , admitted to "his role in cyberstalking and...

Packagist Repository Hacked: Over a Dozen PHP Packages with 500 Million Installs Compromised

PHP software package repository Packagist revealed that an "attacker" gained access to four inactive accounts on the platform to hijack over a dozen packages with over 500 million installs to date. "The attacker forked each of the packages and replaced the package description in composer.json wit...

SolarWinds: The Untold Story of the Boldest Supply-Chain Hack

The attackers were in thousands of corporate and government networks. They might still be there now. Behind the scenes of the SolarWinds investigation...

Hacking the Layoff Process

My latest book, A Hackers Mind, is filled with stories about the rich and powerful hacking systems, but it was hard to find stories of the hacking by the less powerful. Heres one I just found. An article on how layoffs at big companies work inadvertently suggests an employee hack to avoid being...

Criminals Are Using Tiny Devices to Hack and Steal Cars

Apple thwarts NSO’s spyware, the rise of a GPT-4 black market, Russia targets Starlink internet connections, and more...

Hacking Suicide

Heres a religious hack: You want to commit suicide, but its a mortal sin: your soul goes straight to hell, forever. So what you do is murder someone. That will get you executed, but if you confess your sins to a priest beforehand you avoid hell. Problem solved. This was actually a problem in the...

Major Hack Hits South Korean Exchange GDAC, $13.9M Stolen

By Waqas The hack took place on April 9, 2023, in which hackers gained control of some of the exchange's hot wallets. This is a post from HackRead.com Read the original post: Major Hack Hits South Korean Exchange GDAC, $13.9M Stolen...

Massive 3CX Supply-Chain Hack Targeted Cryptocurrency Firms

North Korean hackers appear to have used the corrupted VoIP software to go after just a handful of crypto firms with “surgical precision.”...

US Citizen Hacked by Spyware

The New York Times is reporting that a US citizens phone was hacked by the Predator spyware. A U.S. and Greek national who worked on Meta’s security and trust team while based in Greece was placed under a yearlong wiretap by the Greek national intelligence service and hacked with a powerful...