Adidas Data Breach, Whatsapp Image Threat, Silent Ransom Vishing
It’s the 4th week of May, and we are once again back with the latest cyber news. Our only goal is to safeguard your data and peace of mind by educating you about the current cybersecurity trends and latest cyber incidents. So stay with us and secure your data from cybercriminals.
This week, we will talk about one of the most shocking cyberattack incidents- the Adidas data breach. Next, we will throw light on how cybercrooks are misusing WhatsApp images to break into your device. Lastly, we will discuss vishing campaigns designed to target the USA-based legal firms.
Let’s not waste any more time and get straight into the details!
Adidas’ company data breached by a threat actor!
Recently, Adidas has been targeted by a cybercrook through a third-party service provider. The threat actor has managed to gain access to the contact information of customers who have recently connected with the customer service help desk. The lifestyle brand has assured that sensitive customer data, like passwords, financial details, and credit card information, has not been compromised.
Adidas is informing all its customers about the cyberattack. Additionally, it’s working closely with law enforcement authorities and data protection agencies. Adidas is also running a full-fledged investigation alongside information security experts. As of now, the attackers have not yet been identified. Also, Adidas has not revealed the name of the third-party customer service app.
Cybersecurity experts believe that third-party breaches can easily turn into organizational breaches. It is therefore important that organizations start taking security assessments seriously. Multifactor authentication, zero-trust architecture for all the vendors, as well as real-time identity infrastructure monitoring, can easily prevent such third-party breaches.
What happened to Adidas is not a one-of-a-kind cyber incident. Similar threat attacks have affected other popular brands such as Marks & Spencer, Co-op Group, and Harrods lately.
Still have the WhatsApp auto-download image feature on? You might be the next target of threat actors!
We all know how harmful it can be if you click on malicious links or share an OTP with a stranger. But do you know that even downloading WhatsApp images is no longer safe? WhatsApp is one of the most widely used apps across the world for communication with others. But over time, it has become a favorite among threat actors. From sending malicious links to OTPs and now this WhatsApp image scam– WhatsApp is no longer as safe as it used to be a few years back!
Threat actors embed malicious software within so-called harmless images. This technique is also known as steganography. The malware stays hidden without raising any suspicion. Also, the standard security systems in your smartphone fail to detect such image files.
The moment a user downloads and opens the image, the malware is silently installed, accessing user data, passwords, OTPs, financial details, and so on without their knowledge.
Cybersecurity experts recommend deploying two-factor authentication, updating your device regularly, and using credible antivirus software. Also, they urge users to avoid downloading images from unknown WhatsApp chats. Turning off the auto download feature can be a smart move in such a situation.
Implementing DMARC, DKIM, and SPF helps strengthen cybersecurity by authenticating email sources, while regularly updating your device ensures protection against the latest security threats.
Silent Ransom Group using vishing campaign to target law firms!
The Silent Ransom Group has been targeting USA-based law firms with a specially designed vishing campaign. Their ultimate goal is to leverage social engineering tactics and gain access to the sensitive data of the victims and then extort money for the same. The group has other names as well- Chatty Spider, Luna Moth, and UNC3753. They have been active since 2022. Their specialty lies in seeking ransom for the stolen data without using any kind of ransomware.
Their latest stunt involves setting up IT-themed calls with victims backed by callback phishing emails. This keeps the victims engaged while the group gains remote access to the victim’s device. The style in which they carry out this campaign appears quite similar to the activities of ransomware groups Black Basta and 3 AM.
A member from the Silent Ransom Group calls an employee of the target company and poses as an employee from the IT department of the same company. They then direct the victim to a remote access session backed by Zoho Assist, AnyDesk, Syncro, etc. They try to create a sense of urgency and insist on the device’s remote access.
The FBI has issued a warning against similar attacks and is trying to understand the evolution of cybercrime techniques. Voice-based social engineering tactics, or vishing, being used by this threat group is a staggering reminder that cybercrooks are already moving one step ahead and that they work persistently to stay ahead of the game.
The FBI highly recommends that organizations, especially law firms, maintain basic cyber hygiene, such as using strong passwords, enabling multifactor authentication, and avoiding unsolicited emails or calls to prevent such cyber mishaps.
