Weekly Axis Of Easy #248
Last Week’s Quote was “Some people see things that are and ask, Why? Some people dream of things that never were and ask, Why not? Some people have to go to work and don’t have time for all that.” George Carlin was the answer we were looking for … well done John Robinson!
This Week’s Quote: “No man’s life, liberty, or property are safe while the World Economic Forum is meeting at Davos.” … by???
THE RULES: No searching up the answer, must be posted to the blog – the place to post the answer is at the bottom of the post, in the comments section.
The Prize: First person to post the correct answer gets their next domain or hosting renewal on us.
- A Crypto Hack is More Than a Niche Issue; It Impacts Society As a Whole
- Vulnerability in Premium WordPress Themes Causes Site takeover
- Cyber War Declared by Anonymous Against Pro-Russian Hacker Group Killnet
- Zoom Messages Can Expose People to Cyber-attacks
- Microsoft’s search agreement allows tracking on DuckDuckGo
- WEF: Certain Human Rights Will Need to be “Recalibrated” – by Mark E. Jeftovic
- Nope, Digital Driver’s Licenses Are Easy to Forge
- Proton Is Trying to Become Google—Without Your Data
- Pro-Iran Group ALtahrea Hits Port of London Website by DDoS Attack
- Protection Tips: How to Prevent Phone Hacking
- Critical Vulnerability in Premium WordPress Themes Allows for Site Takeover
A Crypto Hack is More Than a Niche Issue; It Impacts Society As a Whole
Around $540 million was stolen from Ronin Network, a cryptocurrency and NFT games company, $400 of which were Axie Infinity players’ funds. The theft was part of a series of attacks on cryptocurrencies. Axie Infinity has millions of players worldwide, and in the wake of the Ronin Network attack, regular users reported losing tens of thousands of dollars. In some cases, digital assets are the livelihood of players in the Philippines, many of whom play full-time to earn them. Crypto has become part of society and is used by a significant share of the population. El Salvador became the first country to adopt Bitcoin as an official currency, and the United Kingdom announced its intention to become a “global hub” for the crypto industry.
Attacks on sites like the Ronin Network therefore have a heavier impact on society than a niche issue would. Cryptocurrencies are also used on the dark web for criminal activity, and the illegal market is of an immense scale: in 2021 alone, the National Cryptocurrency Enforcement Team (NCET) obtained 94,000 Bitcoin ($3.6 billion). According to the Ronin Network, it became aware of the attack only six days after it occurred. That level of security is unacceptable: crypto companies need to improve their safety fast, and they must provide users with protection.
The attacks will continue, and companies need to invest in cyber security. Increasingly severe attacks also support the argument that crypto companies need more regulation, as users are losing confidence in these platforms.
Vulnerability in Premium WordPress Themes Causes Site takeover
Researchers have found a critical flaw in two themes used by more than 90,000 WordPress sites. Ramuel Gall of the Wordfence Threat Intelligence Team discovered the defect. The affected versions are Jupiter Theme 6.10.1 or earlier and JupiterX Core Plugin 2.0.7 or earlier. The flaws were found between April and early May.
One of the flaws, tracked as CVE-2022-1654, is a vulnerability that allows “any authenticated attacker, including subscribers and customers,” to take full control of any site running the JupiterX Core plugin, which is required to run Jupiter X. On May 3, 2022, Wordfence notified the developers of the Jupiter theme flaw. Specifically, the critical flaw is in a function intended to reset a site after uninstalling a template; in the Jupiter theme, the function is found in the theme itself, while in Jupiter X it is present in the JupiterX Core plugin.
An AJAX request with an action parameter equal to abb_uninstall_template can elevate any logged-in user’s privileges to those of an administrator on a site running a vulnerable Jupiter Theme version. Three other flaws found by Gall, tracked as CVE-2022-1656, CVE-2022-1658, and CVE-2022-1659, are rated medium risk, and one, CVE-2022-1657, is rated high risk.
Wordfence advises anyone running the affected themes or plugin to update to the patched versions immediately.
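The defect class described above is a WordPress AJAX handler that is reachable by any logged-in user but never checks whether that user is actually authorized to run a destructive administrative routine. The following PHP is an added illustration written for this newsletter, not Wordfence’s or the Jupiter theme’s code: the handler names, the `abb_reset_site_state()` helper and the wiring of the `abb_uninstall_template` action are assumptions made for the example. It shows the vulnerable pattern beside the hardened one using only standard WordPress APIs (`check_ajax_referer`, `current_user_can`, `wp_send_json_error`).

```php
<?php
// Added illustration, not code from Wordfence or the Jupiter theme.
// abb_reset_site_state() and both handler names are hypothetical.

// Hypothetical destructive helper standing in for the theme's reset routine
// (remove theme options, restore defaults, and so on). Body omitted.
function abb_reset_site_state(): void {
}

// VULNERABLE PATTERN. The wp_ajax_ prefix means WordPress only dispatches the
// request for logged-in users, but "logged in" is not "authorized": a
// subscriber- or customer-level account reaches this code path because nothing
// checks a capability, and nothing proves the request was intentional.
function abb_uninstall_template_vulnerable(): void {
    abb_reset_site_state();
    wp_send_json_success();
}

// HARDENED PATTERN. Two independent checks before any side effect:
//   1. a nonce bound to this specific action (defends against CSRF), and
//   2. an administrative capability (defends against low-privilege accounts).
function abb_uninstall_template_hardened(): void {
    // check_ajax_referer() terminates the request (HTTP 403) when the nonce
    // passed in the 'nonce' field is missing or does not match the action.
    check_ajax_referer('abb_uninstall_template', 'nonce');

    // manage_options is an administrator-level capability on single-site
    // installs; subscribers and customers do not hold it.
    if (!current_user_can('manage_options')) {
        // wp_send_json_error() emits the JSON body and exits.
        wp_send_json_error(['message' => 'insufficient privileges'], 403);
    }

    abb_reset_site_state();
    wp_send_json_success();
}

// Only the hardened handler is wired up; the vulnerable one is kept for contrast.
add_action('wp_ajax_abb_uninstall_template', 'abb_uninstall_template_hardened');
```

The matching nonce is generated on the admin page with `wp_create_nonce('abb_uninstall_template')` and sent as the `nonce` field of the AJAX request. The capability check is the one that matters for the privilege-escalation class in this story: a nonce alone proves intent, not authority, so a hardened handler always carries both.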
Cyber War Declared by Anonymous Against Pro-Russian Hacker Group Killnet
Killnet, a pro-Russia hacker group, has targeted European institutions, while Anonymous hackers claimed to have leaked the group’s personal information. The Anonymous collective announced that it was declaring war on Killnet in a recent post on its Twitter handle, @YourAnonOne.
Cybersecurity agencies in the UK, New Zealand, USA, Canada, and Australia warned that the pro-Russian hackers might attack organizations outside Ukraine’s borders; in response, Anonymous took the group’s website (Killnet.ru) offline, and its user database was leaked online. According to the same report, these groups could target Western critical national infrastructure organizations. Some of the identified cybercrime groups included the DDoS attackers Killnet, CoomingProject, Salty Spider (of Sality botnet fame), and the Emotet operators Mummy. Anonymous’s stated aim is to disrupt Killnet’s attacking capabilities in Europe.
In an interview with RT, Killnet gave its side of the story, claiming that its members are “ordinary people from all over Russia who stood up to defend their country.” “We have always been hated. First, it was the ‘terrible’ empire, then the ‘bad’ Soviet Union, and now it’s the ‘evil’ Russia.” The group is, however, known for its DDoS attacks and for recently targeting the websites of numerous Italian government ministries and institutions. In early May, Killnet attacked the Italian upper house of parliament, the Automobile Club d’Italia, and the National Health Institute.
Zoom Messages Can Expose People to Cyber-attacks
Zoom, the video conferencing platform that became popular with the rise of the Covid-19 pandemic, has disclosed recent security vulnerabilities. Fratric discovered the flaws and reported them in February 2022.
According to the report, the Extensible Messaging and Presence Protocol (XMPP) is the standard underlying Zoom’s chat feature. Attackers can use a downgrade attack to execute arbitrary code by using a fake user account, connecting to a server, and downloading an update. The vulnerability (labeled XMPP Stanza Smuggling) exploits inconsistencies between Zoom’s client and server to send arbitrary XMPP stanzas to the victim.
“The attacker can force the victim to connect to a malicious server by sending a specially crafted control stanza.”
Inconsistencies between the XML parsers in the software’s client and server are the source of these vulnerabilities; they let an attacker abuse the software-update mechanism to deliver an outdated, less secure version of Zoom.
Chief strategy officer and CISO advisor at Sectigo, David Mahdi, offered some advice on how to avoid becoming a victim of these hacks: “as a form of social engineering, attacks like this can be tough to prevent, since attackers can trick users into performing ‘the wrong thing,’ such as clicking on a bad link that downloads malware [...] Multi-factor authentication (MFA), when correctly deployed, can mitigate cyber-criminal attacks from using stolen credentials to access devices or networks in the case of a phishing attack. This approach is critical to any business, or individual consumers, to decrease the chances of becoming victim to identity-first cyber-attacks.”
Microsoft’s search agreement allows tracking on DuckDuckGo
Despite priding itself on privacy, DuckDuckGo allows Microsoft’s trackers on third-party sites because of a syndication agreement between the two companies.
According to Zach Edwards, the security researcher responsible for the discovery, the DuckDuckGo privacy browser blocks trackers from Google and Facebook but allows Microsoft trackers to continue running. Additional testing also revealed that DuckDuckGo permitted trackers linked to bing.com and linkedin.com domains but blocked all others.
In response to the allegations, DuckDuckGo CEO Gabriel Weinberg confirmed that the search engine provider allows Microsoft to track users via third-party sites due to an agreement to syndicate search results. Moreover, Weinberg also stated that they are working with Microsoft to remove the restriction and make their app store descriptions more transparent.
The revelation comes at an awkward time, since DuckDuckGo recently criticized Google’s new ‘Topics’ and ‘FLEDGE’ tracking methods, stating: “Google says they’re better for privacy, but all tracking is tracking.” And although DuckDuckGo has been transparent regarding its partnership with Microsoft, it is still unclear why it did not disclose its use of Microsoft trackers until Edwards discovered them.
WEF: Certain Human Rights Will Need to be “Recalibrated” – by Mark E. Jeftovic
Last week we saw the first in-person meeting of the global elites at their annual World Economic Forum in Davos since the COVID pandemic started. Anyone who has read any of Klaus Schwab’s books could sum them up as one big pitch deck for a global technocracy.
- Former New Zealand PM Helen E. Clark ruminated on how the world was pretty well done with COVID but that COVID wasn’t done with the world.
Tragically, this meant we (the global elite “we”) were “losing this opportunity for transformative change.” She called for more “trans-sector” supra-national cooperation in order to get all the “bits and pieces,” like governments, the IMF, the foundations, the WHO and the UN to bring about a universal declaration to converge on said “transformational change.”
- Not to be outdone, former Goldman Sachs Vice Chair J. Michael Evans absolutely gushed over the work his company is doing toward individual carbon footprint trackers:
“We are developing, through technology, an ability for consumers to measure their own carbon footprint. What does that mean?”
“That’s where are they travelling, how are they traveling? What are they eating? What are they consuming on the platform? So, individual – carbon – footprint – tracker. Stay tuned, we don’t have it operational yet, but it’s something we’re working on.”
Evans personally owns a 600-foot super-yacht and in 2012 shelled out $27 million for an apartment on Fifth Avenue, NYC, while still owning a 5,000 sq ft duplex off Central Park. He had several other Manhattan properties at the time, including a $26M Upper West Side condo and a second apartment in Laurel Park listed at $2.75 million.
One wonders if any of that will show up in Evans’ personal carbon footprint tracker.
Where does Evans work now? He left Goldman but was still charged in connection with the 1MDB scandal, which fleeced the Malaysian sovereign wealth fund out of more than $4.5 billion. Those charges were settled out of court.
Evans then joined his present post as… president of Alibaba, the Chinese multi-national. Social credit anyone?
- United Arab Emirates Minister of State for Artificial Intelligence Omar Sultan Al Olama called for the deletion of Dark Web content (which isn’t deletable) and for a conversation between UN bodies like the ITU to create a “passport system” for navigating between the various digital platforms.
- Australian eSafety Commissioner Julie Inman told the forum that certain human rights, like free speech, need to be “recalibrated”:
“We are finding ourselves in a place, where we have increasing polarization everywhere, and everything feels binary when it doesn’t need to be, so I think we’re going to have to think about a recalibration of a whole range of human rights that are playing out online, from the freedom of speech to, you know, be free from online violence.”
That particular quote finished off with a peculiar non sequitur about balancing data protection with “child dignity”; I think even some of the other panelists looked puzzled when she said it.
Oh, those WEFsters. I sense the same battle coming over digital ID as the one we have on our hands with Bitcoin and decentralized cryptos vs. the coming Central Bank Digital Currencies (CBDCs).
People look at CBDCs suspiciously, and rightly so, but then they make the mistake of conflating all digital currencies, including Bitcoin.
The same thing may happen with Decentralized Identifiers (DIDs), for which protocol specifications are already well defined. DIDs fulfill the requirements of a digitized world, where one needs to verify who one is dealing with, but the danger is that centralized, social-credit-style passports become dominant.
With Bitcoin and digital currencies, telling the difference is easy: if the blockchain is governed by a protocol specification and people can custody their own private keys, it is better than something centrally controlled that can be programmed to override our own intent.
With decentralized digital IDs we need the same ability to easily distinguish technologies that will surveil and oppress from those that will empower us.
The digital age requires both digital money and digital identifiers; the way to get it right is through decentralization and public-key cryptography.
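What “custody your own private keys” means for an identifier, as opposed to a centrally issued passport, can be shown in a few lines. The PHP below is an added illustration, not code from this newsletter or from any DID specification: it assumes PHP’s built-in sodium extension (Ed25519 signatures), uses a made-up `did:example:` method name whose identifier is simply the hex-encoded public key (real methods such as did:key use multibase/multicodec encodings instead), and the function names are the author of this example’s own. The point it demonstrates is that a verifier can check who it is dealing with using nothing but the identifier and a signed challenge, with no registry or issuer to consult or to override the holder.

```php
<?php
// Added illustration, not from the original post or any DID specification.
// Assumes the sodium extension; 'did:example:' is a hypothetical method name.

// Holder side: the keypair is generated locally and the secret key never
// leaves the holder. Custody of $secret is what makes the identifier
// self-sovereign; nobody issued it and nobody can revoke it from outside.
function did_create_identity(): array {
    $keypair = sodium_crypto_sign_keypair();
    $public  = sodium_crypto_sign_publickey($keypair);
    $secret  = sodium_crypto_sign_secretkey($keypair);
    // The identifier is derived from the public key itself, so resolving
    // "which key belongs to this DID" needs no central lookup.
    return ['did' => 'did:example:' . sodium_bin2hex($public), 'secret' => $secret];
}

// Verifier side: turn a DID back into its public key by pure local parsing.
// Returns null for anything that is not a well-formed did:example identifier.
function did_resolve_public_key(string $did): ?string {
    if (!preg_match('/^did:example:([0-9a-f]{64})$/', $did, $m)) {
        return null;
    }
    return sodium_hex2bin($m[1]);
}

// Challenge-response: the verifier picks a fresh random challenge, the holder
// signs it with the secret key, and the verifier checks the detached signature
// against the key the DID resolves to.
function did_sign_challenge(string $challenge, string $secret): string {
    return sodium_crypto_sign_detached($challenge, $secret);
}

function did_verify_challenge(string $did, string $challenge, string $signature): bool {
    $public = did_resolve_public_key($did);
    // Reject malformed DIDs and wrong-length signatures before calling into
    // sodium, which throws on a signature that is not SODIUM_CRYPTO_SIGN_BYTES long.
    if ($public === null || strlen($signature) !== SODIUM_CRYPTO_SIGN_BYTES) {
        return false;
    }
    return sodium_crypto_sign_verify_detached($signature, $challenge, $public);
}

// Walk-through of one verification round.
$holder    = did_create_identity();
$challenge = random_bytes(32);                       // verifier-chosen, single use
$signature = did_sign_challenge($challenge, $holder['secret']);

// Genuine holder: the signature must verify against the DID's own key.
var_dump(did_verify_challenge($holder['did'], $challenge, $signature));

// Another identity signing the same challenge must not be accepted for this DID.
$impostor = did_create_identity();
var_dump(did_verify_challenge($holder['did'], $challenge,
    did_sign_challenge($challenge, $impostor['secret'])));

// Replaying an old signature against a new challenge must also be rejected,
// which is why the verifier never reuses a challenge.
var_dump(did_verify_challenge($holder['did'], random_bytes(32), $signature));
```

The contrast with a centrally issued credential is in `did_resolve_public_key`: the verifier trusts the mathematics of the signature, not a database that a third party administers and could edit, and the holder proves control without handing over the secret key or any personal data beyond the identifier itself.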
Nope, Digital Driver’s Licenses Are Easy to Forge
Proton Is Trying to Become Google—Without Your Data
Pro-Iran Group ALtahrea Hits Port of London Website by DDoS Attack
Protection Tips: How to Prevent Phone Hacking
Critical Vulnerability in Premium WordPress Themes Allows for Site Takeover
Previously on #AxisOfEasy
If you missed the previous issues, they can be read online here:
- May 23rd, 2022: Cybergang Threatens To Topple Costa Rica’s Government With A Ransomware Attack
- May 16th, 2022: DEA Law Enforcement Data Breach Under Investigation
- May 9th, 2022: Citizens Should Be Told Government Tracks Their Movements, Says Canada’s Ethics Committee
- May 2nd, 2022: Goldbackdoor Malware Is Used Against Journalists By Nation-State Hackers
- April 25th, 2022: Shanghai Residents Find Creative Ways To Challenge Chinese Censorship