Summer’s almost over, but the cyber world is heating up! We’ve collected the biggest cyber news from August, so you can stay in the loop. Here’s a breakdown of what happened this month:
1. Discord.io Shuts Down After Huge Data Leak
On August 14, Discord.io experienced a massive data leak, exposing info like usernames, emails, and hashed passwords of 760,000 users. Luckily, payment details were safe. The breach’s magnitude forced Discord.io to halt its operations. If you got a premium membership after July 16, 2023, expect a refund. For now, their site simply reads, “We are stopping all operations for the foreseeable future.”
2. Duolingo’s User Data Surfaces on Dark Web
A shady figure posted data of 2.6 million Duolingo users on a dark web forum on August 22. They claimed to get this data from an application interface open since March 2023. The data mostly had names, usernames, and emails. Duolingo stressed that there wasn’t an actual breach and are investigating further.
3. Tesla’s Employee Data Leaked by Ex-Staff
Data from over 75,000 current and former Tesla workers was taken, including addresses, phone numbers, and emails. Two ex-employees appear to be behind this, having leaked it to the press. The exact location of this breach remains unknown. Tesla’s supporting the victims and working with law enforcement.
4. Global Strike Against Qakbot Malware
The Justice Department and international allies cracked down on the Qakbot botnet, a malware infecting 700,000+ computers. They seized $8.6 million in cryptocurrency profits from this operation. Through spam emails, Qakbot helped ransomware groups cause havoc worldwide. Efforts against it have now detached many victim computers from its grip.
5. 14 Cyber Criminals Caught in Africa
A major bust across Africa saw 14 cybercriminals arrested, linked to over $40 million in losses. The operation, named ‘Africa Cyber Surge II’, was spearheaded by INTERPOL and AFRIPOL, aiming to combat various cybercrimes. Successful collaboration led to multiple dark website takedowns and arrests related to art fraud and messaging scams.
6. Malware Disguised as IT Tools
There’s a sneaky new trend: hackers are using malware disguised as popular IT tools. They’re fooling victims through Google Ads and search results, often making it hard for security teams to spot. Monitoring source IPs helps them decide who sees their malicious content.
7. Over 600 Citrix Servers Under Threat
A severe vulnerability affected 600+ Citrix servers in early August, letting hackers install malicious software. These compromises can let criminals access systems whenever they want. Companies are urged to up their cyber defense, patch vulnerabilities, and monitor for unauthorized access.
8. Cloudflare R2 Misused by Cybercriminals
Since February, there’s been a shocking rise in phishing pages hosted via Cloudflare R2. While it’s designed to guard against major online threats, it’s being used to make attacks even more powerful. Most attacks aim for Microsoft logins, but some also target other major platforms. This underlines the need for continuous updates in online security.
Stay safe out there, and let’s see what the cyber world brings us next month!