Nintendo Accounts Breached

Stemming from a cyber-attack back in April, Nintendo has just announced that roughly 300,000 user accounts have been compromised, though most belong to systems that are now inoperable. From the excessive unauthorized purchases, the attackers likely used credential-stuffing methods to access accounts and make digital purchases through PayPal accounts that were already logged in. Nintendo has since contacted the affected customers and has begun pushing out mandatory password resets.

Kingminer Botnet Locks Down Entry Points Behind Them

After nearly two years of operation, the owners of the Kingminer crypto jacking botnet have taken up a new tactic of patching the very vulnerabilities they used to illicitly access systems. This implementation is likely being used to block any other malicious campaigns from accessing the compromised systems and net them larger profits. By using the EternalBlue exploit and patching it behind themselves, they can brute force their way into any vulnerable system and then keeping their own crypto mining scripts active for an increased amount of time before being discovered.

Honda Shuts Plants After Ransomware Attack

Several Honda plants around the world have recently closed due to a ransomware attack that has targeted several manufacturing systems. The shutdown came only hours after a new Snake ransomware sample was uploaded to Virus Total and was seen attempting to contact an internal site belonging to Honda. Currently, officials for Honda are still working to determine exactly what parts of their systems were affected and if any personally identifiable information was compromised.

Scammers Created Fake SpaceX YouTube Channels to Steal Cryptocurrency

Multiple malicious YouTube accounts have changed their names to keywords relating to SpaceX in order to scam viewers out of Bitcoin cryptocurrency donations. While it should be obvious that these channels are not the legitimate SpaceX account based solely on the number of subscribers, the fake channels have also been livestreaming old recorded SpaceX interviews with Elon Musk, to improve their legitimacy. Unfortunately, during the livestreams, the channels promote cryptocurrency scams in the chat section to entice other viewers to send in a small amount of cryptocurrency with the promise of a significant amount more being sent back.

Florence, Alabama Pays Ransom Demand

In the last week, officials for Florence, Alabama have been working to negotiate with the authors of the DoppelPaymer ransomware attack that took down the city’s email systems. Though the initial ransom amount was 38 Bitcoins, or the equivalent of $378,000, the security team that was brought in was able to drop the demand to 30 Bitcoins, or $291,000, which the city has decided to pay. It is still unclear exactly what information may have been stolen or accessed, the Mayor of Florence concluded that it was best to just pay the ransom and hope their information is returned and their systems are decrypted.

Connor Madsen

About the Author

Connor Madsen

Threat Research Analyst

As a Threat Research Analyst, Connor is tasked with discovering and identifying new malware variants, as well as testing current samples to ensure efficacy. Don’t miss the latest security news from around the world in his weekly Cyber News Rundown blog.

Share This