Global Cyber Pulse: September 3rd, 2024 

September 3, 2024 | Cybersecurity
By Ashwani Mishra, Editor-Technology, 63SATS 

Discover how WazirX is grappling with a massive breach, Google’s warning to millions of users, and the investigation into a cyberattack on Transport for London, along with insights into North Korean exploits and ransomware threats. 

Stay informed and protect your business with these curated updates on the latest trends and cyberattacks in the cybersecurity world. 

WazirX Faces Major Financial Loss After Cyberattack

India’s cryptocurrency exchange WazirX has revealed that 43% of the funds lost in a recent cyberattack may never be recovered, as advised by the company’s legal team. In a press conference, WazirX co-founder Nischal Shetty outlined plans for restructuring, aiming to recover stolen assets and offer faster withdrawals. The attack, confirmed on July 18, saw over $230 million stolen, with suspicions pointing to the notorious Lazarus Group.

Google Warns Chrome and Safari Users After Russian Cyberattack  

Google has issued an urgent warning to millions of Chrome and Safari users following a nine-month-long cyberattack attributed to Russian operatives. The attack utilized spyware from Intellexa, a Greek firm under U.S. sanctions, affecting users in multiple countries. Google advises users to apply patches immediately to safeguard against this threat. 

Transport for London Investigates Cyberattack  

Transport for London (TfL) is currently investigating a cyberattack, which, as of now, has not disrupted transport services or compromised customer data. TfL is working with relevant authorities to secure their systems and prevent further breaches, assuring customers that their data remains safe. 

North Korean Hackers Exploit Chromium Flaw to Deploy Rootkit  

A recently patched zero-day flaw in Chromium was exploited by the North Korean group Citrine Sleet to deploy the FudModule rootkit. The vulnerability, CVE-2024-7971, was used to achieve remote code execution, posing a serious threat to users. Microsoft’s ongoing analysis has attributed this activity with medium confidence to Citrine Sleet. 

RansomHub Ransomware Group Linked to 210 Victims Across Critical Sectors  

Since February 2024, the RansomHub ransomware group has encrypted and exfiltrated data from over 210 victims across critical sectors, including healthcare, government services, and manufacturing. The group, a ransomware-as-a-service variant, has quickly become a major player in the cybercrime landscape, attracting affiliates from other prominent ransomware groups. 

Irish Wildlife Park Urges Customers to Cancel Credit Cards After Breach  

Fota Wildlife Park in Ireland has advised customers to cancel their credit cards following a cyberattack that compromised payment details. Customers who made transactions between May 12 and August 27, 2024, are urged to monitor their bank statements and take immediate action to secure their accounts.