Global Cyber Pulse: 07 November, 2024

November 7, 2024 | Cybersecurity
By Ashwani Mishra, Editor-Technology, 63SATS

Microlise’s cyber breach disrupts tracking for major clients DHL and Serco, causing a 16% stock dip. Washington State courts face widespread disruption after a cyber incident, leaving statewide services limited.

In South Korea, Meta is fined $15.67M for unauthorized data sharing, impacting nearly 1 million users. A new Android malware, ‘ToxicPanda,’ threatens European and Latin American retail banking with over 1,500 devices compromised.

Meanwhile, Gootloader malware takes an unusual turn, targeting Australian Bengal cat enthusiasts. Finally, a data breach at SelectBlinds exposes the payment information of 200,000 customers through embedded malware.

Stay tuned for critical global cyber updates with our Global Cyber Pulse.

Cyberattack Hits Microlise, Disrupts Tracking for Key Clients DHL and Serco

Telematics provider Microlise, known for its asset-tracking software, reported a significant cyber incident on October 31, impacting tracking services for clients like DHL and Serco and exposing some employee data. The breach announcement led to a 16% drop in Microlise’s stock value. The company is working to fully restore systems by the week’s end.

Microlise stated that no customer data was affected, though limited employee information was compromised. The company has engaged external cybersecurity experts to contain the breach and restore services, following regulatory protocols and notifying the Information Commissioner’s Office and affected employees.

Key impacts include:

Serco: Panic alarms and tracking in prison transport vehicles were disabled, leading staff to use alternate safety protocols. However, services for the Ministry of Justice continued uninterrupted.

DHL: Delivery tracking for the Nisa Group was temporarily impacted, though DHL has since resumed services without detailing specific delivery schedule effects.

Washington State Courts Knocked Offline by Cyber Incident

Since Sunday, Washington state courts have been experiencing a system-wide outage due to “unauthorized activity” on their networks. The outage has disrupted all judicial information systems, websites, and related services.

Responding promptly, the Administrative Office of the Courts (AOC) initiated security measures and is working with cybersecurity experts to restore services. AOC Associate Director Wendy Ferrell stated, “In an abundance of caution, we proactively took down our systems and are working around the clock with leading experts to restore services.”

Some courts, like those in Bainbridge Island, Monroe, and Thurston County, are running limited operations. Meanwhile, Pierce County Superior Court is still offering online access as the impact on its systems remains minimal.

South Korea Fines Meta $15.67M for Unauthorized Data Sharing with Advertisers

South Korea’s Personal Information Protection Commission (PIPC) has fined Meta 21.62 billion won ($15.67 million) for improperly collecting and sharing sensitive Facebook user data with advertisers without consent. Meta gathered personal details on political and religious views and sexual orientation from nearly 980,000 domestic users and shared the data with 4,000 advertisers.

The PIPC report noted that Meta used behavioral analysis to create ad topics tied to sensitive information, categorizing users by religion, political affiliation, and other attributes, with some users categorized as North Korean defectors.

New Android Malware ‘ToxicPanda’ Targets European Banking Apps

“ToxicPanda,” a newly identified Android malware variant, poses a significant threat by enabling cybercriminals to hijack banking accounts on infected devices. Originally thought to be part of the TgToxic family, further analysis by Cleafy’s Threat Intelligence team led to its classification as a distinct malware strain.

ToxicPanda primarily targets Android users in Italy, Portugal, Spain, and Latin America, with over 1,500 devices affected to date. It gives attackers remote access to infected devices, allowing them to intercept one-time passwords and bypass two-factor authentication. Cleafy reports that the group behind this malware is likely Chinese-speaking, marking an unusual focus on European banking targets.

Sophos Uncovers Bizarre Gootloader Malware Attack Targeting Australian Bengal Cat Lovers

Sophos recently discovered an odd case in which Gootloader malware, normally deployed to target high-value sectors, was aimed at a niche group of Bengal cat enthusiasts in Australia. Gootloader, a well-known infostealer and malware dropper active since 2014, was used here to target users searching for information on Bengal cats’ legality in Australia.

Sophos’ investigation revealed that attackers used SEO poisoning tactics, embedding the malware in search results for terms like “Are Bengal cats legal in Australia?” This peculiar targeting choice contrasts with Gootloader’s usual focus on financial or high-value corporate targets.

SelectBlinds Website Breach Exposes Data of 200,000 Customers

More than 200,000 SelectBlinds customers have had their personal and payment data compromised after hackers embedded malware on the retailer’s website. Discovered in late September, the malware had been active since at least January, collecting data entered on the checkout page.

In a recent breach notification, SelectBlinds confirmed that user logins, names, contact information, and payment details—including credit card numbers and security codes—were exposed. User accounts were locked to prompt password changes, and the malware has since been removed from the website.