Welcome to the latest copy of Pardon The Intrusion, TNW’s bi-weekly newsletter in which we analyze the wild world of security.

Bitcoin scammers struck gold on Wednesday by hijacking several high-profile absolute Cheep accounts in what’s easily the most catastrophic aegis breach to hit the platform.

Among the hacked accounts were President Barack Obama, Joe Biden, Elon Musk, Jeff Bezos, Bill Gates, accumulated handles of Apple and Uber accumulated accounts, and a number of accepted crypto exchanges.

The bulletin sent from the hacked accounts was simple: Send bitcoin and these famous people would send back double your money.

Within a matter of few hours, people were duped into sending more than $118,000 to the hackers.

Twitter accustomed the breach as a “coordinated social engineering attack” adjoin its advisers who have access to its centralized tools.

While capacity of the hack are still not fully clear, it looks like the baddies behind the operation leveraged an internal Cheep tool to access the accounts and change their email addresses in order to make it difficult for the accepted owner to regain access.

More troublingly, Motherboard’s Joseph Cox reported the hackers paid a Cheep cabal to do the job. If this is true, the adventure would be the second time an inside job has led to severe after-effects for the company.

Given the aberrant scale of the hack, Cheep is now likely to face tighter analysis of its aegis practices and the safeguards it has in place to anticipate such an attack from accident again.

With Cheep being an affecting belvedere for disseminating news, this adventure could have gone wrong in a lot of ways. Beyond being an attack on Twitter, it’s an indication of how bad actors can carry out abominable acts by impersonating public figures.

While it’s capital that annual holders use a strong countersign and turn on two-factor authentication, the hack is proof that even those measures may not be enough.

What’s trending in security?

Police shut down EncroChat, a massive global secure communications belvedere EncroChat used by organized crime gangs. New strains of EKANS ransomware were found targeting automated ascendancy systems, Microsoft took down malicious web domains used in a all-embracing cyberattack directed adjoin victims in 62 countries, and a Yahoo! engineer who hacked into 6,000 accounts to look for porn accustomed no jail time.

  • joint investigation by French and Dutch police, Europol, and the UK’s National Crime Agency resulted in 746 arrests of arresting abyss across Europe and the access of guns, two tons of drugs, and more than $67 million.
    • The three months-long operation was made accessible by arise the aegis protections of encrypted messaging app called EncroChat, which was used by the abyss to sell weapons and drugs around the world. [Motherboard]
  • The US Central Intelligence Agency has conducted a series of covert cyber operations adjoin Russia, China, Iran, and North Korea with the aim of abolition and antibacterial analytical systems à la Stuxnet. [Yahoo! News]
  • Convenience always comes at a price. Accepted encrypted chat app Signal’s new PIN feature, which lets users drift their contacts and letters amid devices, is alluring aloofness concerns. Cybersecurity experts said this could potentially be used by police to abstract data from Signal’s servers, but the app’s owner Moxie Marlinspike said the move was to “enable non-phone [number] based addressing.” [Motherboard]
  • Controversial spyware vendor NSO Group is back in the radar after cellphones of several politicians in Spain were targeted with Pegasus malware. It was also appear that the Spanish government has been NSO Group’s chump since 2015. [The Guardian / Motherboard]


  • North Korea’s state-sponsored hacking crews, including Lazarus, are breaking into online stores to insert awful code that can steal buyers’ acquittal card capacity as they visit the checkout page and fill in acquittal forms. [Sansec / Gemini Advisory]
  • Spyware and stalkerware use jumped 51% during the pandemic. “While spyware and infostealers seek to steal claimed data, stalkerware is different: it steals the concrete and online abandon of the victim,” Avast CISO Jaya Baloo said. As a consequence, Google said it’s banning stalkerware ads on its platform. [Avast / Google]
  • The threat group behind Evilnum malware have adapted its toolset to spy on banking technology companies amid in Australia, Canada, the EU, and UK with an aim to steal acute information. [ESET]
  • Law administration agencies in the US are buying access to breached information, including passwords, email addresses, IP addresses, SSNs, and more, from a aggregation called SpyCloud in an attack to pursue analytic leads. Well intentioned? Of course. Ethically dubious? Undoubtedly. [Motherboard]
  • Google Project Zero’s Brandon Azad abundant the vulnerability that unc0ver used to release a jailbreak for iOS 13.5. The flaw was articular merely four hours after the jailbreak was appear on May 23 3 PM PDT, with Apple patching it a week later on June 1. [Google Project Zero]


  • Fifteen billion usernames and passwords for a range of internet casework are currently for sale on underground forums. [Digital Shadows]
  • Intrusive ads on Android are accepting nasty, with users targeted with adware that infect system partitions and make abatement difficult. [Kaspersky]
  • Google Cloud appear a new aegis alms called Confidential VMs as part of its Confidential Computing portfolio to let action barter keep data encrypted while in use. [Google Cloud]
  • New SMS phishing (aka smishing) attack disguises advice burglary FakeSpy malware as accepted global postal-service apps to pilfer SMS messages, banking data and more from the victims’ devices. [Cybereason]
  • A Russian hacking group called Cosmic Lynx has been tied to a new wave of more than 200 business email accommodation (BEC) attacks since July 2019 with an aim to blackmail hundreds of bags of dollars from companies. [Agari]
  • A belled cybercriminal who netted at least $1.5 actor by burglary advice from more than 300 corporations and governments in 44 countries has been articular as Fxmsp, a 37-year-old man from Kazakhstan. [Group-IB / MIT Technology Review]
  • The fortnight in leaks, data breaches, and ransomware: CollaberaData ViperLogBoxRobloxWattpad, and US bi-weekly websites.

Calling all techies

Join AWS Marketplace to ascertain how you can bound build an ambiance that keeps pace with the scale and activity your business needs. This webinar will analyze strategies to advance your software and basement deployment that will lay a foundation for success. It will also affection Amazon Web Casework (AWS) chump success belief and recent peer analysis findings.

Tweet of the week

For more on the discussion, click here.

That’s it. See you all in two weeks. Stay safe!


Pssst, hey you!