Cyber Insights | August 2024

SCAM ALERT

Pastejacking - Cybercriminals are trying to trick you into running malicious code using PowerShell, a powerful tool for executing commands on your computer. This technique is known as “pastejacking”, which involves copying and pasting malicious code into your computer and then allowing it to run.

This scam begins when you receive what appears to be an urgent email that contains an attachment. If you try to open the attachment, an error will display that says, “Failed to connect to the ‘OneDrive’ cloud service, to fix the error you need to update the DNS cache manually.” The message also provides a few lines of code and instructions on how to copy and paste it into a Windows PowerShell Terminal.

The message urges you to take action, which is exactly what scammers want. If you follow their instructions, you will run a malicious command on your machine. The code will install malware, giving the scammers access to your personal data.

Follow these tips to avoid falling victim to Pastejacking:

  • You will never receive a legitimate email that tells you to open an attachment using PowerShell. If you receive an email instructing you to use PowerShell, immediately report it to your IT team.
  • Be cautious of any emails that prompt you to take urgent action. Creating a sense of urgency is a common technique that scammers use to trick you.
  • If you are unsure about the legitimacy of an email or attachment, contact your organisation’s IT or security team for further instructions.


Exploit: Supply Chain Hacking

AT&T: Telecom Company

Risk to Business: EXTREME

Telecommunications giant AT&T disclosed in a regulatory filing on Friday that hackers had breached a cloud platform containing customer data, accessing records of subscribers’ calls and text messages over a six-month period in 2022. The compromised data includes phone numbers, aggregate call duration, and some cell site details, according to AT&T. Reports suggest that AT&T paid the hackers over $307,000. An AT&T spokesperson informed CNBC that the cloud service was owned by Snowflake, the embattled cloud data platform also implicated in the recent Neiman Marcus breach. Read more here


Exploit: Hacking

The Walt Disney Company: Entertainment Company

Risk to Business: SEVERE

The Walt Disney Company’s internal communications on Slack have been leaked online, revealing sensitive information about everything from advertising campaigns to interview candidates. The hacker group NullBulge has claimed responsibility for the breach, announcing in a blog post that they released over one terabyte of data from 10,000 Disney Slack channels. The conversations include computer code, studio technology discussions, the management of Disney’s corporate website, software development discussions and information on unreleased projects, with the leaked conversations dating back to at least 2019. NullBulge stated that they gained access to the information by compromising the computer of a Disney software development manager. The group said they chose to hack Disney to protect artists’ rights and compensation. This story was still developing at press time. Read more here


Engaging with others through videos has become a standard part of our everyday lives. Whether you’re joining a video conference at work or watching your favorite celebrity on Instagram, videos are everywhere. However, can you really trust what you’re seeing? The rise of deepfake technology could make it difficult to know if what you are watching is real or fake.

What is Deepfake Technology?

Deepfake technology uses AI and machine learning to create realistic audio and video spoofs. These spoofs combine real footage of one person with the words or actions of another. While deepfake technology has been around for years, it is now easier to use and harder to recognize. For example, there are mobile apps that allow you to replace a celebrity’s face with your own to create surprisingly realistic videos.

How Could Cybercriminals Use This Technology?

There are a number of ways that the bad guys could use deepfake technology. One way cybercriminals are using this technology is to impersonate celebrities. Spoofing influential people could be used to spread false information designed to intentionally mislead you. This is a tactic known as disinformation. On a smaller scale, this technology could be used to impersonate executives in your organisation. Imagine receiving a phone call from your CEO asking you to send money or confidential information. However, it isn’t actually your CEO, but a cybercriminal spoofing their voice with deepfake technology!

What Can I Do to Stay Safe?

To stay safe from deepfake spoofs, remember these tips:

  • Always be suspicious of videos that contain shocking or controversial claims. This could be disinformation in action.
  • Always check the source. For example, if you are watching a celebrity’s video on social media, make sure it was posted on their verified profile.
  • Always verify before taking action. In the example of your CEO calling, you could ask to set up a meeting in person.


If you would like to discuss your cybersecurity needs, book a complimentary consultation here
