NPM packages are getting hacked – so naturally we get Kev on the case to explain the whole thing. If you didn’t know, NPM is the official package manager for Node libraries, a JavaScript language. We’ve seen a big uptake in recent weeks, and some of those NPM packages have been compromised by hackers. They’re clearly targeting developers – and with a collective 28 million downloads every week, this is pretty big, wide-spread stuff.

Next up, the raft of ransomware stories from this week: from the UK’s Labour Party to a…“cyber heist”? 

We’ve also noticed a bit of a theme emerging with an increase in government and law enforcement involvement in disrupting ransomware and other cyber criminal enterprises. BlackMatter is our example here. 

***

https://www.dailymail.co.uk/news/article-10148265/Massive-cyber-heist-rocks-high-society-jeweller-Graff.html

https://www.bleepingcomputer.com/news/security/blackmatter-ransomware-claims-to-be-shutting-down-due-to-police-pressure/

https://thehackernews.com/2021/10/popular-npm-package-hijacked-to-publish.html

A plethora of articles have been lighting up our newsfeeds and letting us know that there are new threats on the block: killware, RansomCloud, and extortion. 

Killware: the next thing we need to worry about. Apparently this is defined as anything that has an outcome resulting in death…Seems quite broad really, and ranges from hackers targeting a water treatment plant and poisoning the water flow to a ransomware attack that takes a hospital offline, forcing patients to be rerouted. It’s less about the technique and more about the outcome. 

RansomCloud: Kev gets into a good ranty flow on this one. Kevin Mitnick coined the term “RansomCloud” in a video a few years ago – and honestly, Kev (*our* Kev) does the best job of explaining the “threat”, so we won’t try to explain it here. Just listen to the episode. 

Extortion: the one comes off the back of the Twitch takedown, which highlighted the idea that it is as beneficial to a cyber criminal to access a trove of useful sensitive personal data and look to extort a company for that as it is to go through the effort of ransomware. Double extortion – which you can read about here – is already a thing, so this technique is almost a step back. Or is it? 

So what does the team think? Are these threats, risks, or just a bit of good old-fashioned FUD? Is Ransomware a thing of the past – or is it still the big bad wolf of cyber? 

***

https://securityboulevard.com/2021/10/killware-hype-is-bigger-than-the-threat-for-now/

https://techcrunch.com/2021/10/14/twitch-takedown-is-extortion-the-new-ransomware/

https://research.nccgroup.com/2021/10/11/snapmc-skips-ransomware-steals-data/

https://www.reuters.com/technology/exclusive-governments-turn-tables-ransomware-gang-revil-by-pushing-it-offline-2021-10-21/

First story is about someone who was “relieved” of their Bitcoin by some kids wielding malware back in 2018, when it was worth an awful lot less than it is now. There are some techie bits to this, as well as a few ethical and legal issues with the way the perps are being sued, so it’s a cracking story to get stuck into. 

What do NFTs – non fungible tokens – and Banksy have in common? It’s pretty confusing as far as stories go, but our resident clearer-upperer, Kev, is on hand to help, leaving us to wonder if this is just Banksy himself having a bit of fun. 

Sticking to the currency theme, we get knee deep in China’s digital Yuan in our next segment, and finally wrap up with a beautiful bit of OSINT from the Twitter Infosec community. 

***

https://www.bbc.co.uk/news/technology-58399338 

https://www.reuters.com/world/china/china-rolls-out-new-rules-minors-online-gaming-xinhua-2021-08-30/

https://twitter.com/brechtcastel/status/1432642649312333829?s=20