Thursday 19th September 2024

Good morning! From Australian cops cracking down on an encrypted criminal network, to hackers claiming they've breached Temu, and a zero-click macOS exploit chain that had Apple scrambling, the tech world has been busy this week. Just like Ghost, the criminal communication app that met its demise, Temu is fighting off claims of a data breach, while Apple patches up serious vulnerabilities in macOS. It’s a reminder: Whether it’s in law enforcement or cybersecurity, no one’s safe from being hacked, backdoored, or just plain outsmarted. Buckle up!


Operation Kraken: AFP Takes Down Criminal Communication App


The Australian Federal Police (AFP) arrested a man accused of creating and administering Ghost, an encrypted communication platform allegedly designed for the criminal underworld. Ghost, launched nearly a decade ago, was sold with modified smartphones for AU$2350 ($1,600), offering encrypted messaging and tech support. Authorities claim the app facilitated drug trafficking, money laundering, and violent crimes.

In a major operation, the AFP infiltrated Ghost by tampering with regular software updates, gaining access to devices. This led to coordinated raids across four Australian states, resulting in 38 arrests, the seizure of illicit weapons, and the prevention of 50 violent incidents.

Ghost reportedly had 376 active users in Australia, including members of Italian Organized Crime and outlaw motorcycle gangs. The AFP’s success in this operation highlights the ongoing effort to combat encrypted criminal networks globally.


macOS Zero-Click Exploit Chain Exposed


A recently discovered zero-click exploit chain in macOS revealed vulnerabilities that could have allowed attackers to remotely compromise iCloud data without any user interaction. Researcher Mikko Kenttälä found the attack began with a flaw in how macOS handled files attached to Calendar events (CVE-2022-46723, CVSS 9.8). By sending a malicious file via a calendar invite, attackers could achieve remote code execution and bypass Apple's Gatekeeper and Transparency, Consent, and Control (TCC) protections.

The exploit leveraged path traversal to execute malicious code, manipulate system files, and ultimately steal iCloud Photos. Despite its severity, Apple has since patched these vulnerabilities, addressing them over a series of updates between October 2022 and September 2023.
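As an added illustration of the path-traversal class described above (not code from Apple, the researcher, or this newsletter), the sketch below contrasts a naive attachment save path with one that confines sender-supplied names to the store directory. The function names, the store path and the sample names are assumptions constructed for the example.

```python
import os
import tempfile
from pathlib import Path


class UnsafeAttachmentName(ValueError):
    """Raised when a sender-supplied name would land outside the store."""


def naive_destination(store: Path, name: str) -> Path:
    # Weak pattern: trusts the sender-supplied name as-is.
    return Path(os.path.normpath(store / name))


def safe_destination(store: Path, name: str) -> Path:
    # Accept only a single plain path component.
    if not name or name in (".", "..") or "\x00" in name:
        raise UnsafeAttachmentName(name)
    if "/" in name or "\\" in name:
        raise UnsafeAttachmentName(name)
    store = store.resolve()
    dest = (store / name).resolve()
    # Defence in depth: the resolved path must still sit directly inside
    # the store (this also catches a pre-existing symlink with that name).
    if dest.parent != store:
        raise UnsafeAttachmentName(name)
    return dest


def triage(store: Path, names: list[str]) -> dict[str, str]:
    """Map each sample name to 'accepted' or 'rejected'."""
    verdicts = {}
    for name in names:
        try:
            safe_destination(store, name)
            verdicts[name] = "accepted"
        except UnsafeAttachmentName:
            verdicts[name] = "rejected"
    return verdicts


# Constructed sample names, not taken from the real exploit chain.
SAMPLES = ["agenda.pdf", "../../escaped.txt", "/tmp/escaped.txt", "sub/notes.txt"]

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for name, verdict in triage(Path(tmp), SAMPLES).items():
            print(f"{verdict:9} {name!r}")
```
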

Zoom out: While macOS's native security features like Gatekeeper are strong, this exploit demonstrates how persistent attackers can still bypass protections. Similar issues affect Windows, highlighting the need for constant vigilance and updates across all platforms.

Temu Denies Data Breach Amid Allegations of Stolen Customer Records


Temu, the rapidly growing e-commerce platform, is denying claims of a data breach after a hacker posted on the BreachForums hacking forum, offering to sell a database allegedly containing 87 million records of customer information. The threat actor, using the alias 'smokinthashit', shared a sample of the supposed stolen data, including usernames, IP addresses, full names, and hashed passwords.

Temu responded swiftly, stating that a comprehensive investigation found no match between the leaked data and its own records, labeling the claims as "categorically false." The company emphasized its robust security protocols and vowed legal action against those spreading misinformation.

Despite Temu's reassurances, the hacker insists the breach is real, claiming ongoing access to the platform's internal systems. While BleepingComputer couldn’t verify these claims, the situation highlights the potential reputational risks, and users are advised to update passwords and enable two-factor authentication as a precaution.



António Monteiro

IT Manager at Global Blue Portugal | Digital Technology and CRM Specialist

6 months ago

Interesting updates! The breach allegations sound serious, and Apple's scrambling suggests things are heating up in cybersecurity. What do you think about these developments?

Jan Kübler

CEO of WORLDFIELD REAL ESTATE and WORLDFIELD INVESTMENT HOLDING Dubai, UAE, multiple IRONMAN Finisher

6 months ago

Be cautious about clicking on suspicious links or opening attachments from unknown sources.

Marcel Velica

Senior Security Program Manager | Leading Cybersecurity Initiatives | Driving Strategic Security Solutions | Cybersecurity Excellence | Cloud Security

6 months ago

It's crucial to stay informed about cyber threats to protect our data and systems. Your updates are always valuable! Aidan Dickenson

Abu Nayeem

Get your LinkedIn Client Hunting Funnel to Turn Leads into Clients in 3 Easy Steps! → A-Z LinkedIn Profile Optimization → Banner design & Content design → Organic engagement + outreach. DM me “Funnel”, Today it’s Free!

6 months ago

Loved your slogan: "Stay Informed. Stay Secure" You are doing, Aidan Dickenson
