CyberSec Roundup
A synopsis of the Latest Cybersecurity News

Spidey Crypto Miners

Spider-Man: No Way Home is still the number 1 movie in cinemas right now and is on its way to being one of the top all-time grossing movies in the US. Because demand to watch the movie is so high, some are willing to download pirated copies and watch it for free, and some cyber criminals are taking advantage of that by hiding crypto mining malware within the torrent download. Reasonlabs discovered that the miner doesn’t appear to steal any personal information, but it could cause the PC to run slower than usual as the malware uses quite a bit of system resources. You should always ensure to only download files from official sources.

LastPass Master Passwords Leaked?

It appeared that way earlier in the week when some users got a notification that someone tried to log into their account as them, however LastPass confirmed that no passwords were leaked. The issue was that other websites were breached over the year and their passwords were leaked. Some Lastpass clients use the same password on these sites as their LastPass master password, something you should never do, thankfully no accounts were breached.

ONUS hit with Ransomware

ONUS, a Vietnamese crypto trading platform, was the victim of a Log4j based cyber-attack on its payment system. Unfortunately, they were not able to patch their systems before they were hacked, with the threat actors demanding a $5 million ransom not to publish the stolen customer information. However, ONUS is refusing to pay the ransom.

By: David Pinder
IT & Security Consultant
Certified Ethical Hacker (Master)