Global Cyber Pulse, 24 January 2025

January 24, 2025 | Cybersecurity
By Ashwani Mishra, Editor-Technology, 63SATS

From Texas investigating automakers like Ford and Toyota for deceptive data practices to the FBI exposing North Korean IT workers stealing source code, cybersecurity challenges are surging globally. RansomHub ransomware hit American Standard and Grohe, stealing 400GB of sensitive data, while FalconFeeds.io’s X account hack alarmed the cybersecurity community by promoting crypto scams.

Meanwhile, nearly 1,000 fake Reddit and WeTransfer pages were used to spread Lumma Stealer malware. These incidents underscore the urgent need for stricter data protection, robust cybersecurity measures, and heightened vigilance against sophisticated cyber threats targeting individuals and organizations worldwide.

Texas Investigates Automakers Over Consumer Data Practices

Texas has launched probes into Ford, Hyundai, Toyota, and Stellantis over allegations of deceptive data collection and sales practices.

Following a lawsuit against General Motors, the Texas Attorney General’s Office is demanding detailed records on how these companies collect, share, and sell customer data. The investigation aims to uncover third-party data sharing, consumer consent processes, and disclosure methods.

FBI Warns of North Korean IT Workers Exploiting Employers

North Korean IT workers are stealing source code and extorting employers, according to an FBI alert. These workers exfiltrate sensitive data and demand ransoms, posing risks to companies globally.

The FBI recommends restricting administrator access, monitoring network traffic, and implementing robust cybersecurity measures to mitigate such threats.

Plumbing Giants Hacked by RansomHub Ransomware Group

American Standard and Grohe, subsidiaries of Japan’s Lixil Group, were hit by the RansomHub ransomware gang, which claims to have stolen 400GB of data.

RansomHub is demanding negotiations within five days, raising concerns about sensitive data exposure. The incident highlights the growing threat of ransomware in the plumbing sector.

FalconFeeds.io X Account Hacked, Promotes Crypto Scams

FalconFeeds.io’s X (formerly Twitter) account was hacked, spreading fraudulent cryptocurrency posts.

Known for cybersecurity updates, the account is now compromised, promoting scams related to Bitcoin and Trump tokens. Experts urge users to avoid clicking on suspicious links from the account.

Fake Reddit Pages Distribute Lumma Stealer Malware

Hackers are using nearly 1,000 fake Reddit and WeTransfer pages to distribute Lumma Stealer malware. Posing as legitimate discussions and tools, these pages trick users into downloading the malware.

Cybersecurity experts warn against interacting with unknown links or downloads from such platforms.