• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Subscribe
  • Project of the Week
  • About Us
    SEARCH
Network Security

Who Got Hacked This Week? Feb. 11 Edition

Who and what was hacked this week, February 11, 2017? Read on to find out.

February 11, 2017 Jonathan Blackwood Leave a Comment

Who Got Hacked

Note: Each week we bring you the latest hacking news on the internet. Read on to find out who and what was hacked this week.

 

Thousands of WordPress Sites Hacked

After secretly patching three security flaws over a week ago, WordPress disclosed information about a vulnerability. WordPress worked closely with security companies to install a patch before announcing the information to ensure that hackers didn’t get a chance to exploit the flaws.

However, not all websites are safe. Most WordPress sites automatically update, but for those admins that disabled the feature, the patch has yet to be installed.

The vulnerability resided in the WordPress REST API, and would allow an unauthenticated attacker to delete or modify pages on an unpatched website, and even redirect visitors to malicious exploits.

Within 48 hours of the disclosure, at least four campaigns were launched, replacing content on over 66,000 web pages.

Site admins are urged to update to the latest WordPress realease, 4.7.2, immediately.

 

Hackers Take Down Over 10,000 Dark Web Sites

This week, a hacker group broke into the servers of Freedom Hosting II and took down more than 10,000 Tor-based .onion dark websites.

Freedom Hosting II is the largest host of underground websites accessible through Tor. It hosts somewhere between 15 and 20 percent of all site on the Dark Web.

The group defaced all affected sites with a message that read, “Hello, Freedom Hostin II, you have been hacked.” Along with stealing its database, the hackers demanded a 0.1 Bitcoin ($100) ransom to return compromised data.

As of now, it is reported that the stolen database has been publicly released, which include email details of nearly 381,000 users. In addition, according to hackers, more than 50 percent of all files hosted on the servers were related to child pornography. Data also includes Dark Web users’ numerous plain text emails, usernames, and hashed passwords from forum websites hosted by Freedom Hosting II.

 

30,000 Sport Direct Employees Fall Victim to Cyberattack

English retailer Sports Direct was hit with a cyberattack last September that saw staff’s personal information accessed by hackers. The problem? Sports Direct didn’t inform its employees.

Hackers broke into the company’s systems and accessed names, email, and phone numbers of 30,000 employees. After three months the company became aware of the attack and reported it to the Information Commissioner’s office. The company did not, however, inform its employees.

 

Largest System Hack in Polish History Hits Banks

Several banks were infected with malware in what is called the largest system hack in Poland’s history.

The source of the infection came from the Polish Financial Supervision Authority (KNF), which is supposed to handle the safety and security of financial systems in Poland.

The attacker modified one of the KNF site’s JavaScript files, which made visitors load the malicious file, which downloaded malicious payloads. Once downloaded and executed, the malware performed reconnaissance, data exfiltration, and post exploitation. In some cases, attackers ever gained control over critical servers within targeted bank infrastructure.

The KNF confirmed their internal systems were compromised. The KNF decided to take down its entire system in order to secure evidence as a result of the attack.

 

Baby Monitor Hacked By a Stranger

A baby monitor was hacked and the attacker spoke to the child through the monitor.

 

Trump-Themed Malware Targets Macs

A Mac-specific malware using Donal Trump’s name has been discovered.

The malware first sends an email with a Word document titled “U.S. Allies and Rivals Digest Trump’s Victory — Carnegie Endowment for International Peace.” The document tells users it contains macros and asks to allow them to be activated. The macros then open up a binary file that launches a Fisher function, which runs a Python code to download a payload from a site called SecurityChecking.

If you see Trump’s name in a word document emailed to you, be wary.

 

Scottish Students Hack Teacher’s Email for Test Answers

Students at Belmont Academy in Ayr, Scotland, were caught after hacking a teacher’s email to steal answers to a math exam.

The five teenagers got a hold of the teacher’s username and password and logged into the email account. There they found the answers to an upcoming math exam. An investigation was launched and the students were caught when they all received exceptional results.

 

Man Hacks Amazon’s Dash Button to Donate to ACLU

Nathan Pryor hacked his Amazon Dash Button to donate $5 to the ACLU every time the button is pressed. He posted on Medium to teach others how to do the same.

 

8,000 School Employees Compromised by Email Scam

The Manatee County School District in Fla. was victimized by a phishing attack.

A payroll employee received a faux email from the superintendent asking for W-2s of the 8,000 employees working in the district. The employee was fooled and sent the documents.

The mistake wasn’t discovered until February 3rd. The scammers now have financial data and social security numbers for thousands of employees.

The school district has partnered with All Clear ID, an identity theft firm that will monitor all the employees to make sure their identities are not stolen.

 

150,000 Printers Hijacked to Print Messages

A hacker called stackoverflowin has hijacked more than 150,000 printers over the past few days.

The affected printers printed out messages with text-illustrated robots and messages saying the victims had been hacked.

The notes say the hacker is using a flaming botnet, which makes affected computers forward transmissions to other computers automatically.

Affected printer brand types include HP, Epson, Canon, Brother, Samsung, Afico, Konica Minolta, and Oki.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!

Jonathan Blackwood
Jonathan Blackwood

Jonathan Blackwood is the Editor-in-Chief of TechDecisions. Jonathan joined TechDecisions in 2014 and writes about technologies that help to innovate and improve practices for companies of all sizes, K-12 and higher education, government, healthcare, hospitality, retail and large venue spaces. He is especially interested in the future of work and education and the Internet of Things. Follow him @BlackwoodTweets.

Tagged With: Cyber Attacks, Cyber Security

Related Content:

  • MOVEit vulnerability, zero-day, Progress Software Act Now: Vulnerability in Progress Software’s MOVEit Transfer…
  • iPhone security bug, Apple, Kaspersky Kaspersky Discovers New 0-Click iOS Exploit
  • C919 The Cyberattacks and Insider Threats During The Development…
  • FTC Ring FTC Accuses Ring of Watching Private Videos, Poor…

Free downloadable guide you may like:

  • Download TechDecisions' Blueprint Series report on Security Awareness now!Blueprint Series: Why Your Security Awareness Program is Probably Falling Short

    Learn about the evolution of phishing attacks and best practices for security awareness programs to ensure your organization is properly prepared to defend against them in this report from TechDecisions' Blueprint Series.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Download TechDecisions' Blueprint Series report on Security Awareness now!
Blueprint Series: Why Your Security Awareness Program is Probably Falling Short

Learn about the evolution of phishing attacks and best practices for security awareness programs to ensure your organization is properly prepared t...

Workplace Collaboration Tools for Corporate Spaces
Workplace Collaboration Tools for Corporate Spaces

From lobbies and shared spaces to conference rooms and multipurpose facilities, you need high-performing AV technology to effectively share informa...

ChatGPT, generative AI, enterprise, workplace
Blueprint Series: ChatGPT and Generative AI in the Workplace

This latest release of the TechDecisions Blueprint Series explores the new phenomenon of tools such as ChatGPT and how IT leaders should go about d...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Subscribe to the Newsletter
  • Contact Us
  • Media Solutions & Advertising
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSTERMS OF USEPRIVACY POLICY

© 2023 Emerald X, LLC. All rights reserved.