Who Got Hacked This Week? Nov. 12 Edition

Note: Each week we bring you the latest hacking news on the internet. Read on to find out who and what was hacked this week.

20,000 Tesco Bank Member Have Money Stolen

The banking arm of the UK’s biggest retailer fell victim to a hacking attack late Saturday night and in the early hours of Sunday morning. Almost 20,000 Tesco Bank customers have had money stolen from their accounts. Tesco Bank confirmed that 40,000 of 136,000 accounts were affected. Tesco Bank has frozen online transactions to try to protect customers. Customers can still use debit and credit cards for cash withdrawals and payments. Tesco Bank assured customers it will reimburse any financial loss.

Indian Embassy Website Hacked in 7 Countries

The Indian Embassy Website was temporarily shut down after attackers hacked the site in Switzerland, Italy, Romania, Mali, South Africa, Libya and Malawi. The attackers leaked data on hundreds of Indian citizens living abroad, including name, address, email, passport number and phone number. According to The Hacker News, security pen-testers Kapustkiy and Kasimierz claimed responsibility, and did it for fun and to make the Indian Embassy aware of the sites insecurity.

U.S. Government Preventative Hacks Russia

U.S. military hackers penetrated Russia’s electric grid, telecommunications networks, and the Kremlin’s command systems prior to the election, according to NBC News. The act was a preventative measure to ensure that Russia did nothing to affect the election results. The hack left Russia vulnerable to attack by cyber weapons in case any action was taken. American officials have long said that Russia and other nations have left malware in parts of the U.S. critical infrastructure, and it has been suspected that the U.S. has done the same. Luckily, it seems no moves were made during the election.

318,000 Android Devices Compromised Thanks to Chrome Browser Vulnerability

Since August, 318,00 Android devices across the world have been infected by a Trojan virus. The attack tricks users to change device setting and allow installation of a third-party app in order to install the banking Trojan app by citing malware threats on the mobile device. The pop-up ad appears out of nowhere and instructs users to install a security app to remove the malware. It then automatically downloads an Android app installation file to the device without requiring approval. Google is working on a patch now.

Man Hacks Amazon Alexa to Speak Through Wall Mounted Fish

https://www.youtube.com/watch?v=eRoE6Hoz8DM

Developer Brian Kane modified his Amazon Echo and a Big Mouth Milly Bass device in order to speak to the fish.

Internet of Things Hacking Experiment Delivers Poor Results

Following the DDoS attack on Dyn that utilized IoT devices, Andrew McGill of The Atlantic designed an experiment to test IoT vulnerability. He set up a virtual Internet-connected toaster, put it online, and waited to see how long it took to be hacked. It only took 41 minutes for the toasters to be hacked. You can read a full interview with Andrew discussing the experiment at NPR.

Hackers Shut Down Finnish Heating System

A DDoS attack in Finland recently knocked out heating systems. At least two housing blocks in the city of Lappeenranta went offline due to the attack. Both the central heating and hot water systems attempted to fight back against the cyberattacks, automatically rebooting. This left them in an endless loop of restarting, resulting in the shutting down for over a week.