Note: Each week we bring you the latest hacking news on the internet. Read on to find out who and what was hacked this week.
The banking arm of the UK’s biggest retailer fell victim to a hacking attack late Saturday night and in the early hours of Sunday morning. Almost 20,000 Tesco Bank customers have had money stolen from their accounts. Tesco Bank confirmed that 40,000 of 136,000 accounts were affected. Tesco Bank has frozen online transactions to try to protect customers. Customers can still use debit and credit cards for cash withdrawals and payments. Tesco Bank assured customers it will reimburse any financial loss.
The Indian Embassy Website was temporarily shut down after attackers hacked the site in Switzerland, Italy, Romania, Mali, South Africa, Libya and Malawi. The attackers leaked data on hundreds of Indian citizens living abroad, including name, address, email, passport number and phone number. According to The Hacker News, security pen-testers Kapustkiy and Kasimierz claimed responsibility, and did it for fun and to make the Indian Embassy aware of the sites insecurity.
U.S. military hackers penetrated Russia’s electric grid, telecommunications networks, and the Kremlin’s command systems prior to the election, according to NBC News. The act was a preventative measure to ensure that Russia did nothing to affect the election results. The hack left Russia vulnerable to attack by cyber weapons in case any action was taken. American officials have long said that Russia and other nations have left malware in parts of the U.S. critical infrastructure, and it has been suspected that the U.S. has done the same. Luckily, it seems no moves were made during the election.
Since August, 318,00 Android devices across the world have been infected by a Trojan virus. The attack tricks users to change device setting and allow installation of a third-party app in order to install the banking Trojan app by citing malware threats on the mobile device. The pop-up ad appears out of nowhere and instructs users to install a security app to remove the malware. It then automatically downloads an Android app installation file to the device without requiring approval. Google is working on a patch now.
Developer Brian Kane modified his Amazon Echo and a Big Mouth Milly Bass device in order to speak to the fish.
Following the DDoS attack on Dyn that utilized IoT devices, Andrew McGill of The Atlantic designed an experiment to test IoT vulnerability. He set up a virtual Internet-connected toaster, put it online, and waited to see how long it took to be hacked. It only took 41 minutes for the toasters to be hacked. You can read a full interview with Andrew discussing the experiment at NPR.
A DDoS attack in Finland recently knocked out heating systems. At least two housing blocks in the city of Lappeenranta went offline due to the attack. Both the central heating and hot water systems attempted to fight back against the cyberattacks, automatically rebooting. This left them in an endless loop of restarting, resulting in the shutting down for over a week.
Prior to the election, Cylance researches demonstrated techniques to prove that Sequoia AVC Edge Mk1 voting machine could be hacked.
FBI investigators are now “99 percent sure” that Hillary Clinton’s private email server was breached by foreign hackers, sources close to the investigation claim.
In Woodbridge, Va., a road sign was hacked to display anti-Clinton and pro-Trump messages. The sign read, “CROOKED HILARY (sic) IS A B****” and “VOTE TRUMP.” No word on whether this sign affected Virginia voting trends.