Let’s start 2019 with the first timeline of January, covering the main cyber attacks in the first fortnight of the month: I have collected a total of 47 events, substantially in line with the 49 collected in the last timeline of December.
The prize for the first (but for sure not the last) mega breach of 2019 goes to Blank Media Games, whose browser-based game “Town of Salem” has suffered the compromise of 7.6 million users.
In terms of economic damage, the Italian company Tecnimont SPA is undoubtedly the main victim of this fortnight: Chinese hackers have defrauded the Indian subsidiary, stealing the equivalent of $18.6 million.
And the new year hasn’t started any better for the crypto sector: Cryptopia is the first exchange to be breached, with the equivalent of $1.2 million transferred to an unknown address, while “a deep chain reorganization” of the Ethereum Classic blockchain leads to the “double spending” (read: theft) of the equivalent of $1.1 million.
Last but not least, it turned out that the state-sponsored actors of the Lazarus Group were behind the recent intrusion suffered by the Chilean interbank network Redbanc.
But the list is too long to be summarized in a few lines, so feel free to browse the entire timeline to get an idea of the threat landscape. Feel free to share it, and don’t forget to follow @paulsparrows on Twitter for the latest updates.

| ID | Date | Author | Target | Description | Attack | Target Class | Attack Class | Country | Link | Tags |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | 20/12/2019 | ? | The Podiatric Offices of Bobby Yee | The Podiatric Offices of Bobby Yee notifies 24,000 patients after ransomware attack | Malware | Q Human health and social work activities | CC | US | | The Podiatric Offices of Bobby Yee, ransomware |
| 2 | 28/12/2019 | ? | St Lawrence College | Some parents of students attending St Lawrence College are scammed by crooks into sending an undisclosed amount of money. | Account Hijacking | P Education | CC | UK | | St Lawrence College |
| 3 | 01/01/2019 | ? | Victorian Government | The work details of 30,000 Victorian public servants have been stolen in a data breach, after part of the Victorian Government directory was downloaded by an unknown party after an employee's email account is compromised. | Account Hijacking | O Public administration and defence, compulsory social security | CC | AU | | Victoria |
| 4 | 01/01/2019 | ? | Volodymyr Zelenskiy Website | Hackers launch an attack on the website of showman Volodymyr Zelenskiy following the announcement of his candidacy for president on New Year’s Eve. | DDoS | X Individual | CC | UA | | Volodymyr Zelenskiy |
| 5 | 02/01/2019 | TheHackerGiraffe, FriendlyH4xx0r | Misconfigured Chromecasts, smart TVs, and Google Home devices | A hacker duo claims to have hijacked thousands of internet-exposed Chromecasts, smart TVs, and Google Home devices to play a video urging users to subscribe to PewDiePie's YouTube channel. | Misconfiguration | X Individual | CC | >1 | | TheHackerGiraffe, FriendlyH4xx0r, Chromecasts, smart TVs, Google Home |
| 6 | 02/01/2019 | ? | BlankMediaGames (BMG) | BlankMediaGames (BMG) admits that a hacker has stolen the personal details of 7.6 million users of browser-based game the "Town of Salem". | Unknown | R Arts entertainment and recreation | CC | US | | BlankMediaGames, BMG, Town of Salem |
| 7 | 02/01/2019 | ? | China Railway | Data thieves steal the personal information of nearly 5 million people from an unconfirmed number of Chinese online ticket reservation platforms, according to Beijing police, who arrested a suspect in the case. | Account Hijacking | H Transportation and storage | CC | CN | | China Railway |
| 8 | 02/01/2019 | ? | Dormant Twitter accounts | Exploiting Twitter’s legacy lack of email confirmation, unknown attackers hijack dormant Twitter accounts to spread pro-ISIS terrorist propaganda. | Account Hijacking | X Individual | CW | >1 | | Twitter, ISIS |
| 9 | 03/01/2019 | ? | Luas | The website of the tram operator Luas is taken down after a cyber attack. The author threatens to dump the records of about 3,000 if the ransom of 1 BTC ($3,843 worth) is not paid. | Defacement | H Transportation and storage | CC | IE | | Luas |
| 10 | 03/01/2019 | ? | Android Users | Researchers from Trend Micro detect MobSTSPY, a powerful Android malware, downloaded by at least 100,000 users, capable of snooping on user location, communications logs, and stealing files and account credentials. | | | | | | |