Note: Each week we bring you the latest hacking news on the internet. Read on to find out who and what was hacked this week.
Thousands of WordPress Sites Hacked
After secretly patching three security flaws over a week ago, WordPress disclosed information about a vulnerability. WordPress worked closely with security companies to install a patch before announcing the information to ensure that hackers didn’t get a chance to exploit the flaws.
However, not all websites are safe. Most WordPress sites automatically update, but for those admins that disabled the feature, the patch has yet to be installed.
The vulnerability resided in the WordPress REST API, and would allow an unauthenticated attacker to delete or modify pages on an unpatched website, and even redirect visitors to malicious exploits.
Within 48 hours of the disclosure, at least four campaigns were launched, replacing content on over 66,000 web pages.
Site admins are urged to update to the latest WordPress release, 4.7.2, immediately.
Hackers Take Down Over 10,000 Dark Web Sites
This week, a hacker group broke into the servers of Freedom Hosting II and took down more than 10,000 Tor-based .onion dark websites.
Freedom Hosting II is the largest host of underground websites accessible through Tor. It hosts somewhere between 15 and 20 percent of all sites on the Dark Web.
The group defaced all affected sites with a message that read, “Hello, Freedom Hosting II, you have been hacked.” Along with stealing its database, the hackers demanded a 0.1 Bitcoin ($100) ransom to return compromised data.
As of now, it is reported that the stolen database has been publicly released, which includes email details of nearly 381,000 users. In addition, according to hackers, more than 50 percent of all files hosted on the servers were related to child pornography. Data also includes Dark Web users’ numerous plain text emails, usernames, and hashed passwords from forum websites hosted by Freedom Hosting II.
30,000 Sports Direct Employees Fall Victim to Cyberattack
English retailer Sports Direct was hit with a cyberattack last September that saw staff’s personal information accessed by hackers. The problem? Sports Direct didn’t inform its employees.
Hackers broke into the company’s systems and accessed names, emails, and phone numbers of 30,000 employees. After three months the company became aware of the attack and reported it to the Information Commissioner’s office. The company did not, however, inform its employees.
Largest System Hack in Polish History Hits Banks
Several banks were infected with malware in what is called the largest system hack in Poland’s history.
The source of the infection came from the Polish Financial Supervision Authority (KNF), which is supposed to handle the safety and security of financial systems in Poland.
The attacker modified one of the KNF site’s JavaScript files so that visitors loaded the malicious file, which in turn downloaded malicious payloads. Once downloaded and executed, the malware performed reconnaissance, data exfiltration, and post-exploitation. In some cases, attackers even gained control over critical servers within targeted bank infrastructure.
The KNF confirmed their internal systems were compromised. The KNF decided to take down its entire system in order to secure evidence as a result of the attack.
Baby Monitor Hacked By a Stranger
A baby monitor was hacked and the attacker spoke to the child through the monitor.
Trump-Themed Malware Targets Macs
Mac-specific malware using Donald Trump’s name has been discovered.
The malware first sends an email with a Word document titled “U.S. Allies and Rivals Digest Trump’s Victory — Carnegie Endowment for International Peace.” The document tells users it contains macros and asks them to enable the macros. The macros then open up a binary file that launches a Fisher function, which runs Python code to download a payload from a site called SecurityChecking.
If you see Trump’s name in a Word document emailed to you, be wary.
Scottish Students Hack Teacher’s Email for Test Answers
Students at Belmont Academy in Ayr, Scotland, were caught after hacking a teacher’s email to steal answers to a math exam.
The five teenagers got a hold of the teacher’s username and password and logged into the email account. There they found the answers to an upcoming math exam. An investigation was launched and the students were caught when they all received exceptional results.
Man Hacks Amazon’s Dash Button to Donate to ACLU
Nathan Pryor hacked his Amazon Dash Button to donate $5 to the ACLU every time the button is pressed. He posted on Medium to teach others how to do the same.
8,000 School Employees Compromised by Email Scam
The Manatee County School District in Fla. was victimized by a phishing attack.
A payroll employee received a faux email from the superintendent asking for W-2s of the 8,000 employees working in the district. The employee was fooled and sent the documents.
The mistake wasn’t discovered until February 3rd. The scammers now have financial data and social security numbers for thousands of employees.
The school district has partnered with All Clear ID, an identity theft firm that will monitor all the employees to make sure their identities are not stolen.
150,000 Printers Hijacked to Print Messages
A hacker called stackoverflowin has hijacked more than 150,000 printers over the past few days.
The affected printers printed out messages with text-illustrated robots and messages saying the victims had been hacked.
The notes say the hacker is using a flaming botnet, which makes affected computers forward transmissions to other computers automatically.
Affected printer brand types include HP, Epson, Canon, Brother, Samsung, Afico, Konica Minolta, and Oki.