Global Cyber Pulse: 24th September, 2024

September 24, 2024 | Cybersecurity
By Ashwani Mishra, Editor-Technology, 63SATS

Union Minister inaugurates CSIRT-Power facility to strengthen power sector cybersecurity, Singapore’s BingX suffers $44 million cryptocurrency theft in a cyberattack, German authorities dismantle crypto exchanges involved in money laundering, hacker leaks 12,000 Twilio call records exposing audio and personal data, hackers claim to leak Oracle employee information on a hacking forum, and MoneyGram services are suspended following a cybersecurity incident disrupting payment systems—stay tuned for more news updates and trends.

Union Minister Inaugurates CSIRT-Power Facility to Bolster Cybersecurity in the Power Sector

Union Minister Shri Manohar Lal inaugurated the COMPUTER SECURITY INCIDENT RESPONSE TEAM – POWER (CSIRT-POWER) facility at the Northern Regional Power Committee in New Delhi. This new facility is a crucial advancement in securing India’s power infrastructure from growing cyber threats.

Speaking at the event, Shri Manohar Lal emphasized the increasing importance of cybersecurity in critical sectors, noting that the power sector is a prime target for sophisticated cyberattacks. He highlighted the evolving nature of cyber threats, stating that “the risks we face today are unlike those of the past,” with cyberattacks capable of causing widespread disruptions.

The minister further remarked that CSIRT-Power is not just a facility but a robust defense mechanism to protect the nation’s power systems. The initiative reflects the government’s proactive approach to mitigating the rising threats against national infrastructure.

Singapore’s BingX Suffers $44 Million Cryptocurrency Theft in Cyberattack

Singapore-based cryptocurrency platform BingX reported a significant cyberattack, with hackers stealing over $44 million in cryptocurrency. Blockchain security firms detected large sums leaving the platform late Thursday, prompting BingX to announce a “wallet maintenance” shutdown.

In a subsequent statement, BingX confirmed abnormal network activity that pointed to a potential breach of their hot wallet. The company quickly implemented emergency protocols, temporarily pausing withdrawals and transferring assets to safeguard funds.

BingX noted that only a small percentage of funds are stored on the platform to meet withdrawal demands, limiting the overall damage. However, the platform remains under scrutiny as the exact loss is still being calculated.

German Authorities Dismantle Crypto Exchanges Involved in Money Laundering

German law enforcement agencies have dismantled 47 cryptocurrency exchanges accused of facilitating money laundering and other criminal activities. The Frankfurt am Main Public Prosecutor’s Office, alongside the Federal Criminal Police Office (BKA), executed the operation targeting these platforms, which allegedly allowed anonymous transactions by bypassing Know Your Customer (KYC) regulations.

The exchanges, including Xchange.cash, Multichange.net, and CoinBlinker.com, were reportedly used by cybercriminals such as ransomware actors and darknet traders to launder illicit funds. Authorities seized dozens of servers linked to the platforms, providing valuable leads for ongoing investigations.

This operation highlights the growing challenge of regulating cryptocurrency exchanges and ensuring compliance with anti-money laundering protocols.

Hacker Leaks 12,000 Twilio Call Records, Exposing Audio Recordings and Personal Data

A hacker has leaked over 12,000 call records, allegedly belonging to Twilio customers, including audio files and personal details. The breach exposes sensitive data such as phone numbers and call audio, creating significant privacy concerns for both businesses and individuals using the cloud communications platform.

The hacker, known as ‘grep,’ leaked the records with timestamps ranging from June 2019 to September 2024. While Twilio has yet to confirm the breach, the company is under pressure to investigate how the data was accessed and leaked.

Twilio, a major player in cloud communications, serves over 350,000 customer accounts, and this breach impacts approximately 3.37% of its user base.

Hackers Claim to Leak Oracle Data on Hacking Forum, Exposing Employee Information

Hackers on BreachForums have claimed responsibility for leaking sensitive Oracle employee data. The breach, which reportedly occurred in September 2024, exposed personal details of 4,002 Oracle employees, including full names, job titles, and contact information.

The data leak appears to have resulted from a third-party vulnerability, which the hackers exploited to access Oracle’s systems. While Oracle has not yet confirmed the breach, the incident raises concerns about third-party security risks in large corporations.

The hacker behind the leak, known as “888,” posted the information on the dark web, increasing the exposure risk for affected individuals.

MoneyGram Services Suspended After Cybersecurity Incident Disrupts Payment Systems

MoneyGram, a leading fintech company, has experienced a widespread outage since Friday due to an unspecified cybersecurity issue. The company’s payment services—both online and in-person—have been offline for several days, with no clear timeline for restoration.

Initial reports by The Register described the issue as a network outage, but MoneyGram later revealed that a digital intrusion had forced the company to take its systems offline. While the company has not confirmed whether ransomware was involved, the prolonged downtime has raised concerns among customers and industry watchers.

MoneyGram has assured users that it is working to resolve the issue and restore services as quickly as possible, but the situation underscores the growing cybersecurity challenges faced by global financial institutions.