Tag: Hack

Posted on

Hackers steal $1.5 billion from Bybit exchange

Crpto theft

Bybit, one of the world’s largest cryptocurrency exchanges, has fallen victim to the biggest crypto heist in history

Hackers managed to steal a staggering $1.5 billion in digital assets, primarily in Ethereum, from Bybit’s cold wallet, an offline storage system designed for ‘security’.

This breach has sent shockwaves through the cryptocurrency community, raising concerns about the security of digital assets.

The attack, which occurred on 21st February 2025, was reportedly traced back to the notorious North Korean hacking group, Lazarus. Known for their sophisticated cyber-attacks, the Lazarus Group exploited vulnerabilities in Bybit’s security infrastructure to gain access to the cold wallet.

Once inside, they swiftly transferred the stolen funds across multiple wallets and liquidated them through various platforms.

Bybit’s CEO, Ben Zhou, reassured users that all other cold wallets remained secure and that withdrawals were operating normally. However, the breach triggered a rush of withdrawals as users feared potential insolvency.

To mitigate the impact, Bybit secured a bridge loan from undisclosed partners to cover any unrecoverable losses and maintain operations.

Blockchain analysis firms, including Elliptic and Arkham Intelligence, have been working tirelessly to trace the stolen assets.

They have labelled the thief’s addresses in their software to prevent the funds from being cashed out through other exchanges. Despite these efforts, the stolen funds are being systematically moved through anonymous exchanges, making it challenging to recover the assets.

This incident highlights the ongoing risks associated with cryptocurrency exchanges and the need for robust security measures. As the industry grapples with the aftermath of this unprecedented heist, experts warn that large-scale thefts remain a fundamental risk in the digital asset space.

Bybit’s response and the collaborative efforts of the crypto community will be crucial in restoring trust and preventing future breaches.

Posted on

UK Ministry of Defence suffers hack and data breach

The breach involved a third-party payroll system used by the MoD

The compromised system contained names and bank details of both current and past members of the UK armed forces.

While the full extent and consequences of the breach are still under investigation, preliminary results reportedly indicate that no data was extracted during the incident.

It appears that a minimal number of addresses might have been compromised.

The Ministry of Defence (MoD) responded quickly by disconnecting the external network, which is managed by a contractor.

Affected service members will be informed as a precautionary measure and will be provided with expert advice.

Hacker’s ID not revealed

The hacker’s identity has not been revealed, but it is significant that in March, the UK and the U.S. charged China with conducting a worldwide campaign of “malicious” cyber-attacks.

These assaults targeted the Electoral Commission watchdog in 2021 and involved online “reconnaissance” of MPs’ and peers’ email accounts. The limited response to these events highlights the persistent cybersecurity challenges and the importance of constant alertness.

As the inquiry progresses, the MoD is expected to implement additional security measures to safeguard sensitive data, measures that ideally should have already been established.

Posted on

Cybersecurity

Hack attack!

Cybersecurity is a very important and relevant topic in today’s world. It refers to the practice of protecting systems, networks, and programs from digital attacks that can harm individuals and organizations.

Cyberattacks will all have malicious intent, such as accessing, changing, or destroying sensitive information; extorting money from users via ransomware; or interrupting normal business processes.

Cybersecurity aims to prevent or mitigate these attacks by using various technologies, measures, and practices.

There are many types of cybersecurity, depending on the domain or layer of IT infrastructure that needs to be protected.

Critical infrastructure security

This protects the computer systems, applications, networks, data and digital assets that a society depends on for national security, economic health and public safety. For example, the power grid, the water supply, the transportation system, the health care system, etc. 

In the United States, there are some guidelines and frameworks for IT providers in this area, such as the NIST cybersecurity framework and the CISA guidance.

Network security

This prevents unauthorized access to network resources and detects and stops cyberattacks and network security breaches in progress. For example, firewalls, antivirus software, encryption, VPNs, etc. Network security also ensures that authorized users have secure access to the network resources they need, when they need them.

Application security

This protects applications from cyberattacks by ensuring that they are designed, developed, tested, and maintained with security in mind. For example, code reviews, vulnerability scanning, penetration testing, secure coding practices, etc. Application security also involves educating users about safe and responsible use of applications.

Cyberattacks will all have malicious intent, such as accessing, changing, or destroying sensitive information; extorting money from users via ransomware; or interrupting normal business processes.

There are many more types of cybersecurity, such as cloud security, endpoint security, data security, identity and access management (IAM), etc. Each type of cybersecurity has its own challenges and solutions.

Companies to watch

Cybersecurity companies such as CrowdStrike, Okta, Zscaler and Palo Alto Networks are valuable assets with businesses willing to pay good money to protect against hackers.

Zscaler

Palo Alto Networks

Crowdstrike

Okta

NOTE: Always do your own very careful research – none of these ‘suggestions’ are ‘recommendations’.

Remember: RESEARCH! RESEARCH! RESEARCH!

Posted on

Hack Attack! UK’s electoral registers stolen

Hacker

The UK’s elections watchdog has revealed it has been the victim of a complex cyber-attack potentially affecting millions of voters.

The Electoral Commission said unspecified ‘hostile actors‘ had managed to gain access to copies of the electoral registers, from August 2021. Note the word ‘unspecified’ is used – do they even know?

Hackers also broke into its emails and “control systems” but the attack was not discovered until October last year. The watchdog has warned people to watch out for unauthorised use of their data.

The commission said hackers accessed copies of the registers it was holding for research purposes, and for conducting checks on political donors. The commission knew which of its systems were accessible to the hackers, but could not ‘conclusively‘ identify which files may have been accessed.

‘Very sophisticated’ attack

The personal data held on the registers – name and address – did not itself present a ‘high risk‘ to individuals, it added, although it is possible it could be combined with other public information to ‘identify and profile individuals’.

It has not said when the hackers’ access to its systems was stopped, but said they were secured as soon as possible after the attack was identified in October 2022. Why was it left so long to be made public and how long did it take to make systems secure again?

Explaining why it had not made the attack public before now, the commission said it first needed to stop the hackers’ access, examine the extent of the incident and put additional security measures in place.Defending the delay, commission chair John Pullinger said: “If you go public on a vulnerability before you have sealed it off, then you are risking more vulnerabilities.” He is reported to have said the ‘very sophisticated attack involved using software to try and get in and evade our systems’. Well, that clearly worked then.

The world of digital data

He reportedly said that the hackers were not able to alter or delete any information on the electoral registers themselves, which are maintained by registration officers around the country. Information about donations and loans to political parties and registered campaigners is held in a system that is not affected by this incident, the notice added. He understood public concern, and would like to apologise to those affected.

Steps

The commission added that it had taken steps to secure its systems against future attacks, including by updating its login requirements, alert system and firewall policies. The Information Commissioner’s Office, which is responsible for data protection in the UK, said it was urgently investigating.

Labour’s deputy leader Angela Rayner reportedly said: ‘This serious incident must be fully and thoroughly investigated so lessons can be learned‘. Why wouldn’t it be investigated? I dislike it immensely when clueless politicians roll out this ‘standard remark’ as an attempt to demonstrate they ‘know what’s going on’.

Then what? It happens again and we have to… learn more lessons…?

Step up the security – we have the ability!