NBA Warns Fans of Cyber Attack and Data Breach


Though the credentials of fans were not impacted by the attack, the hackers managed to steal some of their information. The National Basketball Association (NBA) has already hired a third-party cybersecurity service to investigate and resolve the issue.


However, although the data hacked was limited, it is enough to carry out phishing attacks and other scams. The NBA urges its fans to stay cautious when they open suspicious emails that only appear to be from the association or its partners.

To help fans avoid falling for phishing attempts, the association clarified that it will never ask fans for their usernames, account information, or passwords by email. Another indication that an email is genuine is a sender address that ends in “@nba.com.” A matching address is not proof on its own, because the visible sender address of an email can be forged.
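The “@nba.com” check above, written out as an added example (not code from the NBA or from this article): it compares the sender's domain exactly rather than by suffix, and requires a DMARC pass recorded by the recipient's own mail server. The server name `mx.fan-mail.example` and all three sample messages are constructed assumptions.

```python
from email import message_from_string
from email.utils import parseaddr

TRUSTED_DOMAIN = "nba.com"           # domain named in the article
AUTHSERV_ID = "mx.fan-mail.example"  # assumed: the reader's own mail server

def sender_domain(msg):
    """Domain of the From address itself, ignoring the display name."""
    _name, addr = parseaddr(msg.get("From", ""))
    return addr.rpartition("@")[2].lower()

def dmarc_pass(msg, domain):
    """True only if our own server recorded dmarc=pass for this From domain."""
    for value in msg.get_all("Authentication-Results", []):
        tokens = value.lower().replace(";", " ").split()
        if (tokens and tokens[0] == AUTHSERV_ID
                and "dmarc=pass" in tokens
                and f"header.from={domain}" in tokens):
            return True
    return False

def assess(raw):
    """Classify a raw message by sender domain and recorded DMARC result."""
    msg = message_from_string(raw)
    domain = sender_domain(msg)
    if domain != TRUSTED_DOMAIN:       # exact match, not endswith("nba.com")
        return "untrusted-domain"
    if not dmarc_pass(msg, domain):    # right domain, but possibly forged
        return "unauthenticated"
    return "consistent"

def sample(from_hdr, auth):
    """Build a constructed test message (not real NBA mail)."""
    return (f"From: {from_hdr}\nAuthentication-Results: {auth}\n"
            "Subject: Account notice\n\nbody\n")

GENUINE = sample("NBA <info@nba.com>",
                 "mx.fan-mail.example; dmarc=pass header.from=nba.com")
LOOKALIKE = sample("NBA Rewards <promo@not-nba.com>",
                   "mx.fan-mail.example; dmarc=pass header.from=not-nba.com")
SPOOFED = sample("NBA <info@nba.com>",
                 "mx.fan-mail.example; dmarc=fail header.from=nba.com")

if __name__ == "__main__":
    for name, raw in [("genuine", GENUINE), ("lookalike", LOOKALIKE),
                      ("spoofed", SPOOFED)]:
        print(name, "->", assess(raw))
```

A result of `consistent` only means the sender address matches and was authenticated by the receiving server; the advice about links and attachments still applies.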

Fans are also asked, if they receive an email with attachments or suspicious links that lead to another website, to verify it first before opening anything, since it could take them to a malicious website.

Previous NBA-Related Cyber Attacks

Back in April 2021, the NBA team Houston Rockets also faced a cyber attack, where the hackers tried to install malware on the computer systems of the franchise. However, the attempts failed and the threat actors did not breach their systems.

The Houston Rockets hired cybersecurity experts to investigate the attack and also worked with the FBI (Federal Bureau of Investigation).

Tracey Hughes, Houston Rockets Spokesperson, said, “the organization detected suspicious activity on certain systems in its internal network.”

The malware did not pose any threat because of the cyber defenses that were already in place before the attack. The Houston Rockets mentioned that a few systems were impacted, but this did not disturb their operations.

Reddit Confirms Hacking, Says User Data Is Safe


Reddit, the California-based, technology-enabled community builder, has acknowledged that its site was hacked this week and said that it was a sophisticated phishing attack targeting its employees.


The social media platform also said that the phishing attack happened on February 5, breaching Reddit’s security systems.

That said, the company gave assurance that the user database was not exposed in the hack, but the hackers were able to access code, some internal documents, and some internal business systems.

Explaining the nature of the phishing attack, Reddit further said that it targeted Reddit employees, pressuring them into clicking on a link to a site that resembled Reddit’s internal gateway.

It seems some of the employees clicked on the link, which let the hackers enter the internal systems and get hold of company data.

The company once again assured users that there has been no loss of, or attack on, user data. In fact, most of the leaked data comprises limited information about hundreds of company contacts and employees.

The company undertook a complete analysis of the phishing attack after employees notified it of a possible intrusion by hackers.

Reddit’s security team managed to close the breach immediately and ensure the least possible damage to its systems.

First, the team blocked the attacker’s access to the systems, and then it began its enquiry into the incident, which produced the details mentioned above.

The Malware of Worok hides in PNGs

A hacking group named Worok is able to hide its malware within PNG images. In this way it easily infects victims’ machines in order to steal information.

Researchers at Avast have confirmed this, building upon the findings of ESET, which was the first to spot and report on Worok’s activity in early September 2022.

ESET’s Warning

According to a report by Bleeping Computer, “A newly discovered cyber-espionage group has been hacking governments and high-profile companies in Asia since at least 2020 using a combination of custom and existing malicious tools.

The threat group, tracked as Worok by ESET security researchers who first spotted it, has also attacked targets from Africa and the Middle East.

To date, Worok has been linked to attacks against telecommunications, banking, maritime, and energy companies, as well as military, government, and public sector entities.”

ESET malware researcher Thibaut Passilly said, “We believe the malware operators are after information from their victims because they focus on high-profile entities in Asia and Africa, targeting various sectors, both private and public, but with a specific emphasis on government entities.”

Avast’s Report

According to Avast’s researchers, “Our fellow researchers from ESET published an article about previously undocumented tools infiltrating high-profile companies and local governments in Asia. The tools, active since at least 2020 are designed to steal data. ESET dubbed them Worok. ESET monitored a significant break in activity from May 5, 2021 to the beginning of 2022. Nevertheless, when Worok became active again, new targeted victims – including energy companies in Central Asia and public sector entities in Southeast Asia – were infected to steal data based on the types of the attacked companies.”

WeLiveSecurity by ESET reported, “During the ProxyShell (CVE-2021-34523) vulnerability disclosure in early 2021, we observed activity from various APT groups.”


A group of hackers stole police data on a billion Chinese citizens

In today’s world, hackers are criminals everyone should be afraid of. Not only ordinary citizens and netizens but also government authorities can fall prey to them. Recently, a group of hackers claimed to have stolen data on a billion Chinese citizens from a Shanghai police database. They are also attempting to sell the data: 23 terabytes of it will cost just over $198,000.

According to Bloomberg, “The person or group claiming the attack has offered to sell more than 23 terabytes of stolen data from the database, including names, addresses, birthplaces, national IDs, phone numbers and criminal case information, according to an anonymous post on an online cybercrime forum last week. The unidentified hacker was asking for 10 bitcoin, worth around $200,000.” They added, “Shanghai authorities have not publicly responded to the purported hack. Representatives for the city’s police and Cyberspace Administration of China, the country’s internet overseer, did not immediately respond to faxed requests for comment.”

The actual threat of Hackers

The real threat here is that the stolen data includes old criminal cases, which no one other than the police is expected to have access to. Engadget says, “the hacker provided a sample of the data, which included crime reports dating as far back as 1995. Reporters confirmed the legitimacy of at least some of the data by calling people whose numbers were listed.” They added, “It’s not yet clear how the hacker infiltrated the police database, though there have been suggestions that they gained access via an Alibaba cloud computing company called Aliyun, which was said to host the database. Alibaba said it’s investigating the matter.

The true scope of the leak is unknown. However, cybersecurity experts have dubbed it the biggest cybersecurity breach in China’s history.”

It will be interesting to see how the relevant authorities handle the matter in future and what further steps they take to cope with it.

What is the ‘North Korean Hacking’ fiasco in cryptocurrency?

The FBI recently blamed hackers associated with the North Korean government for stealing more than $600 million in cryptocurrency last month from a video gaming company—the latest in a string of audacious cyber heists tied to Pyongyang.

The North Korean Hacking

“Through our investigation we were able to confirm Lazarus Group and APT38, cyber actors associated with the DPRK, are responsible for the theft of $620 million in Ethereum reported on March 29th,” the FBI said in a statement. “DPRK” is an abbreviation for North Korea’s official name, the Democratic People’s Republic of Korea, and Ethereum is a technology platform associated with a type of cryptocurrency.

The FBI was referring to the recent hack of a computer network used by Axie Infinity, a video game that allows players to earn cryptocurrency. Sky Mavis, the company that created Axie Infinity, announced on March 29 that unidentified hackers had stolen the equivalent of roughly $600 million — valued at the time of the hack’s discovery — on March 23 from a “bridge,” or network that allows users to send cryptocurrency from one blockchain to another.

Important Revenue for North Korea

The US Treasury Department sanctioned Lazarus Group, a wide swath of hackers believed to work on behalf of the North Korean government. Treasury sanctioned the specific “wallet,” or cryptocurrency address, that was used to cash out on the Axie Infinity hack.

Cyberattacks have been an important source of revenue for the North Korean regime for years as its leader, Kim Jong Un, has continued to pursue nuclear weapons, according to a United Nations panel and outside cybersecurity experts. North Korea last month fired what is believed to be its first intercontinental ballistic missile in more than four years.

Alleged North Korea Hacking

Lazarus Group has stolen an estimated $1.75 billion worth of cryptocurrency in recent years, according to Chainalysis, a firm that tracks digital currency transactions. While many cybersecurity analysts’ attention has been on Russian hacking in light of the war in Ukraine, suspected North Korean hackers have been far from quiet.

Researchers at Google last month disclosed two different alleged North Korean hacking campaigns targeting US media and IT organizations, and cryptocurrency and financial technology sectors. “It seems to be an ongoing strategy for them to supplement and make money through this activity,” Huntley remarked.

Nvidia hackers target Samsung, release 190GB of sensitive data

Rising instances of cyberattacks and hacking are affecting the functioning of major tech companies throughout the world. Concerns about cyberattacks have recently been increasing despite tight security measures. In recent news, it seems Samsung might have been a victim of a suspected cyberattack by the group responsible for the Nvidia hack.

Sensitive data hacked by Nvidia Hackers

According to the latest reports, some of Samsung’s confidential data has leaked due to a suspected cyberattack. A few days ago, South American hacking group Lapsus$ uploaded a trove of data it claims came from the smartphone manufacturer. Bleeping Computer was among the first publications to report on the incident. It is unclear what the timeline of the Samsung breach is, and what sort of contact the hackers have had with the company. There have been no public demands like Lapsus$’s call for open-source drivers and an end to the crypto mining limiter, LHR, from Nvidia.

Bootloader Source Code

Among other information, the collective says it obtained the bootloader source code for all of Samsung’s recent devices, in addition to code related to highly sensitive features like biometric authentication and on-device encryption.

The leak also allegedly includes confidential data from Qualcomm. The entire database contains approximately 190GB of data and is actively being shared in a torrent. If the contents of the leak are accurate, they could cause significant damage to Samsung. According to The Korea Herald, the company is assessing the situation.

NVIDIA Data Breach

If Lapsus$ sounds familiar, it’s the same group that claimed responsibility for the recent NVIDIA data breach. In that incident, Lapsus$ says it obtained approximately 1TB of confidential data from the GPU designer, including, the group claims, schematics and driver source code.

The collective has demanded that NVIDIA open source its drivers and remove the cryptocurrency mining limiter from its RTX 30-series GPUs. It’s unclear what, if any demands, Lapsus$ has made of Samsung. The group has previously said its actions haven’t been politically motivated.