Week 40 Cyberattack Digest 2018 – Recipe Unlimited, Burgerville, Apollo startup and others
Have you been waiting for Monday to finally read our new weekly cyber attack digest? If so, we have some hot cyber news for you.
Hungry hackers target Recipe Unlimited
by CBC News – 3 October 2018
Restaurants are another tempting target for attackers, like any business that holds large client databases. Recipe Unlimited, a popular Canadian company that owns many popular restaurant chains, was told to pay a ransom in bitcoin in order to get back the information that had been obtained by the third party. The company said last Monday that it had suffered a “malware outbreak” affecting operations at a number of its restaurants, including Swiss Chalet, Harvey’s, Milestones, Kelseys, Montana’s, Bier Markt, and East Side Mario’s; some restaurants have temporarily closed. A fraudulent letter popped up on computer screens at several locations owned by the company, some employees said. “The ransom note appeared under the file, ‘read me’ in a WordPad format. We were all really in a state of shock,” commented one restaurant employee. The ransom note told Recipe Unlimited that “there is a significant hole in the security of your company” and that “we’ve easily penetrated your network.” The fraudsters claim that they “crypted” the company’s data “with the strongest military algorithms” and that, in order to restore the files, the organization must pay an unspecified amount in bitcoin. “The final price depends on how fast you write us,” said the hackers, noting that every day of delay costs 0.5 bitcoin, which is more than $4,000 Cdn. Currently, several locations are closed, and a number of others cannot process debit and credit card transactions. The ransom threat remains a concern for some workers. “We have no indication that this limited malware incident has resulted in any data breach,” said spokesperson Maureen Hart.
Burgerville has been attacked for a year
by SC Media – 4 October 2018
This was not the only attack by hungry hackers to be disclosed recently. The fast-casual restaurant chain Burgerville has disclosed a year-long data breach. The company said that it was infected with malware by FIN7, also known as the Carbanak Group, resulting in customers’ payment card information being compromised. A forensics investigation was launched at the end of August, right after Burgerville learned of the breach through the FBI. The company was under the impression that the breach had been a brief one until the investigation showed on Sept. 19 that the attack was still ongoing. After that, Burgerville took steps toward remediation, which was completed on Sept. 30. “This has included cutting off the various pathways the intrusion affected and upgrading systems to eradicate this breach,” the restaurant officials commented. Burgerville said it did not announce the incident earlier because it was cooperating with law enforcement officials, and confidentiality during the investigation was requested.
Apollo is breached after systems’ upgrade
by SC Media – 2 October 2018
Back in July, the sales engagement startup Apollo had its systems upgraded, after which malefactors managed to steal over 200 million contact records belonging to the startup. It is believed that most of the stolen data comes from the company's prospect database, also known as ZenProspect. “We have confirmed that the majority of exposed information came from our publicly gathered prospect database, which could include name, email address, company names, and other business contact information. Some client-imported data was also accessed without authorization,” commented the officials. Delays in reporting breaches still occur from time to time, but under increasing pressure from regulation such as GDPR, organizations now notify authorities and potential victims much more quickly. In its email to affected customers, the organization admitted that the incident was discovered weeks after the system upgrades in July. Apollo is not the first or only company to learn about a breach long after it happened. Experts warn that if organizations do not care enough about their security, cyber incidents will have a serious impact on business viability.
Suspect arrested for doxing senators
by Bleeping Computer – 3 October 2018
Not all of last week's news concerns incidents from long ago. The U.S. Capitol Police have announced that an individual who allegedly posted the private information of U.S. senators on the Internet has been arrested. This has not been officially confirmed yet, but the incident might be related to the doxing of U.S. Senators Orrin Hatch, Mike Lee, and Lindsey Graham on their Wikipedia pages. That incident may have taken place last week during the Brett Kavanaugh and Christine Blasey Ford hearing. During the hearing, the senators’ pages were modified: someone added personal data, including home addresses and phone numbers. According to the experts’ conclusion, the modifications seemed to have taken place on September 27th at around 9 PM. An unknown actor used the IP address 126.96.36.199, which resolves to the hostname chyron.house.gov and is affiliated with the U.S. House of Representatives. The press release from the United States Capitol Police states that a 27-year-old suspect, Jackson A. Cosko, was arrested for “Making Public Restricted Personal Information, Witness Tampering, Threats in Interstate Communications, Unauthorized Access of a Government Computer, Identity Theft, Second Degree Burglary, and Unlawful Entry.”
So, the main conclusion to draw from last week's news is that it is important to care about your security even if there are no visible traces of intrusion. As the first step to improve your cyber security, follow us on Twitter, Facebook, and LinkedIn.