{"id":34025,"date":"2020-12-26T12:02:55","date_gmt":"2020-12-26T10:02:55","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=34025"},"modified":"2025-08-28T16:42:15","modified_gmt":"2025-08-28T13:42:15","slug":"ledger-data-leaked-online-malware-masquerading-as-cyberpunk-2077-and-other-cybersecurity-developments","status":"publish","type":"post","link":"https:\/\/u1f987.com\/en\/ledger-data-leaked-online-malware-masquerading-as-cyberpunk-2077-and-other-cybersecurity-developments\/","title":{"rendered":"Ledger data leaked online; malware masquerading as Cyberpunk 2077 and other cybersecurity developments"},"content":{"rendered":"<p>We have gathered the most important cybersecurity news of the week.<\/p>\n<div class=\"wp-block-text-wrappers-keypoints article_keypoints\">\n<ul class=\"wp-block-list\">\n<li>Ledger data from millions of hardware-wallet users <a href=\"https:\/\/u1f987.com\/en\/news\/ledger-data-leak-exposes-details-of-a-million-hardware-wallet-users\">was exposed publicly<\/a>. It contains email and home addresses, as well as phone numbers.<\/li>\n<li>The American Civil Liberties Union asserts that a FBI unit is involved in hacking mobile devices, and seeks information via court.<\/li>\n<li>Russia is among the leaders in the number of surveillance cameras.<\/li>\n<\/ul>\n<\/div>\n<p><!--more--><\/p>\n<h2 class=\"wp-block-heading\"><b>Ledger data of millions of users exposed<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">The Ledger hardware-wallet user database <\/span><a href=\"https:\/\/u1f987.com\/en\/news\/ledger-data-leak-exposes-details-of-a-million-hardware-wallet-users\"><span style=\"font-weight: 400;\">was exposed publicly<\/span><\/a><span style=\"font-weight: 400;\">. It contains email and home addresses, as well as phone numbers.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The data breach <\/span><a href=\"https:\/\/u1f987.com\/en\/news\/ledger-reports-data-breach-affecting-around-one-million-users\"><span style=\"font-weight: 400;\">occurred in June<\/span><\/a><span style=\"font-weight: 400;\"> \u2014 an unknown actor gained access via an API key. In October, on a forum, it was purchased by an unknown user under the nickname hyperdrill. The alleged price was 5 BTC.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">However, the database resurfaced again \u2014 sold by another person at lower prices.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Ledger users later reported a <\/span><a href=\"https:\/\/u1f987.com\/en\/news\/ledger-users-report-mass-phishing-attack\"><span style=\"font-weight: 400;\">phishing attack<\/span><\/a><span style=\"font-weight: 400;\"> demanding an urgent update. In December, hackers <\/span><a href=\"https:\/\/u1f987.com\/en\/news\/ledger-users-lose-another-60-btc-to-a-fake-data-leak\"><span style=\"font-weight: 400;\">sent new notifications<\/span><\/a><span style=\"font-weight: 400;\"> to customers with phishing links on behalf of Ledger CEO Pascal Gauthier.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Gauthier, commenting on the large data leak, said that users should not expect compensation.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Users themselves are already receiving threats of physical harm via email.<\/span><\/p>\n<p><script async=\"\" src=\"https:\/\/telegram.org\/js\/telegram-widget.js?14\" data-telegram-post=\"forklog\/16646\" data-width=\"100%\"><\/script><\/p>\n<h2 class=\"wp-block-heading\"><b>Freedom Finance client data leaked online<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Information on more than 16 thousand clients of FreedomFinance leaked online. The seller of the database asserts that some of them are accredited investors.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The published sample of the database contains passport data, residential addresses, bank statements with account numbers and balances.<\/span><\/p>\n<h2 class=\"wp-block-heading\"><b>ACLU seeks FBI data on phone hacking in court<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">The American Civil Liberties Union (ACLU) filed a court request to the U.S. Department of Justice and the FBI regarding technologies enabling access to information on locked devices, and the unit that handles this.<\/span><\/p>\n<blockquote class=\"wp-block-quote twitter-tweet is-layout-flow wp-block-quote-is-layout-flow\">\n<p dir=\"ltr\" lang=\"en\">Our privacy and security are at stake. <a href=\"https:\/\/t.co\/TMSAKBMm5g\">https:\/\/t.co\/TMSAKBMm5g<\/a><\/p>\n<p>\u2014 ACLU (@ACLU) <a href=\"https:\/\/twitter.com\/ACLU\/status\/1341526544666271744?ref_src=twsrc%5Etfw\">December 22, 2020<\/a><\/p>\n<\/blockquote>\n<p><script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"\" utf-8><\/script><\/p>\n<p><span style=\"font-weight: 400;\">According to ACLU, the FBI&#8217;s Electronic Devices Analysis Unit (EDAU) has purchased or plans to purchase software to unlock and decrypt information on mobile devices.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In response to ACLU requests, the FBI gave what is known as a <\/span><a href=\"https:\/\/en.wikipedia.org\/wiki\/Glomar_response\" target=\"_blank\" rel=\"noopener noreferrer\"><span style=\"font-weight: 400;\">\u201cGlomar response\u201d<\/span><\/a><span style=\"font-weight: 400;\"> \u2014 i.e., refused to confirm or deny the information.<\/span><\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><span style=\"font-weight: 400;\">\u00abNow is the time to take cybersecurity seriously and put an end to any plans to weaken encryption\u00bb, said the ACLU.<\/span><\/p>\n<\/blockquote>\n<h2 class=\"wp-block-heading\"><b>Russia among top three for surveillance cameras<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Russia ranked <\/span><a href=\"https:\/\/www.kommersant.ru\/doc\/4628220?from=main_4\" target=\"_blank\" rel=\"noopener noreferrer\"><span style=\"font-weight: 400;\">third in the world for surveillance cameras<\/span><\/a><span style=\"font-weight: 400;\">, trailing behind China and the United States.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">According to TelecomDaily, Russia has a total of 13.5 million cameras \u2014 93.2 per thousand people.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Most (59%) are installed by organisations for security, nearly 33% funded by the state, and 8% installed by individuals.<\/span><\/p>\n<h2 class=\"wp-block-heading\"><b>Microsoft- and McAfee-led group to tackle ransomware<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Nineteen cybersecurity companies and organisations <\/span><a href=\"https:\/\/www.zdnet.com\/article\/microsoft-and-mcafee-headline-newly-formed-ransomware-task-force\/\" target=\"_blank\" rel=\"noopener noreferrer\"><span style=\"font-weight: 400;\">will join the Ransomware Task Force<\/span><\/a><span style=\"font-weight: 400;\">. Together they will consider solutions to defend against ransomware attacks.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Microsoft and McAfee will lead the new coalition.<\/span><\/p>\n<h2 class=\"wp-block-heading\"><b>Malware spread via fake Cyberpunk 2077 Android beta<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Kaspersky Lab specialists <\/span><a href=\"https:\/\/www.kaspersky.ru\/blog\/cyberpunk-2077-ransomware\/29873\/\" target=\"_blank\" rel=\"noopener noreferrer\"><span style=\"font-weight: 400;\">discovered ransomware<\/span><\/a><span style=\"font-weight: 400;\"> masquerading as a beta version of the Android game Cyberpunk 2077.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The malware spread via a site designed to resemble Google Play. After installation, the app requested access to files. When granted, the next screen displayed a ransom note demanding $500 in Bitcoin.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Subsequently, experts found that files could be recovered without the attackers&#8217; help.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The authors also distribute fake Cyberpunk 2077 with ransomware for Windows. In this case, specialists could not recover the encrypted files themselves.<\/span><\/p>\n<h2 class=\"wp-block-heading\"><b>Firefox to add anti-tracking protection<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">The new Firefox 85, due in January 2021, will <\/span><a href=\"https:\/\/www.zdnet.com\/article\/firefox-to-ship-network-partitioning-as-a-new-anti-tracking-defense\/\" target=\"_blank\" rel=\"noopener noreferrer\"><span style=\"font-weight: 400;\">include Network Partitioning<\/span><\/a><span style=\"font-weight: 400;\">. It aims to protect against tracking users as they move across sites.<\/span><\/p>\n<h2 class=\"wp-block-heading\"><b>SolarWinds breach: continuing fallout<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">The scale of the SolarWinds hack, described as the largest breach of U.S. systems in the last decade, continues to grow.<\/span><\/p>\n<p><a href=\"https:\/\/www.wsj.com\/articles\/solarwinds-hack-victims-from-tech-companies-to-a-hospital-and-university-11608548402?mod=djemalertNEWS\" target=\"_blank\" rel=\"noopener noreferrer\"><span style=\"font-weight: 400;\">Victims of the attack<\/span><\/a><span style=\"font-weight: 400;\"> include numerous companies, hospitals, banks, universities and many more. Among them were Cisco, Intel, Deloitte, Nvidia, Fujitsu, Rakuten and Check Point.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">As Senator Ron Wyden stated, hackers compromised dozens of U.S. Treasury email accounts.<\/span><\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><span style=\"font-weight: 400;\">\u00abThe time has come to take cybersecurity seriously and put an end to any plans to weaken encryption\u00bb, \u2014 said the ACLU.<\/span><\/p>\n<\/blockquote>\n<p><span style=\"font-weight: 400;\">President-elect Joe Biden pledged to respond to the cyberattack.<\/span><\/p>\n<blockquote class=\"wp-block-quote twitter-tweet is-layout-flow wp-block-quote-is-layout-flow\">\n<p dir=\"ltr\" lang=\"en\">\u201cThis attack constitutes a grave risk for our national security,\u201d President-elect Biden says about the massive Russian cyberattack on the U.S. <a href=\"https:\/\/t.co\/yPFAUYjb8n\">pic.twitter.com\/yPFAUYjb8n<\/a><\/p>\n<p>\u2014 CNBC (@CNBC) <a href=\"https:\/\/twitter.com\/CNBC\/status\/1341485834927796224?ref_src=twsrc%5Etfw\">December 22, 2020<\/a><\/p>\n<\/blockquote>\n<p><script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p><span style=\"font-weight: 400;\">Also on ForkLog:<\/span><\/p>\n<ul class=\"wp-block-list\">\n<li><span style=\"font-weight: 400;\">EXMO <\/span><a href=\"https:\/\/u1f987.com\/en\/news\/exmo-exchange-hacked\"><span style=\"font-weight: 400;\">exchange was hacked<\/span><\/a><span style=\"font-weight: 400;\">.<\/span><\/li>\n<li><span style=\"font-weight: 400;\">Nexus Mutual founder revealed details<\/span><a href=\"https:\/\/u1f987.com\/en\/news\/nexus-mutual-founder-reveals-details-of-8m-hack\"><span style=\"font-weight: 400;\"> of an $8 million hack<\/span><\/a><span style=\"font-weight: 400;\">.<\/span><\/li>\n<li><span style=\"font-weight: 400;\">Hackers <\/span><a href=\"https:\/\/u1f987.com\/en\/news\/hackers-hit-1000-symrise-computers-in-clop-ransomware-attack\"><span style=\"font-weight: 400;\">attacked 1,000 computers<\/span><\/a><span style=\"font-weight: 400;\"> belonging to fragrance producer Symrise.<\/span><\/li>\n<li><span style=\"font-weight: 400;\">Owner of BitGrail suspected of hacking his own Bitcoin exchange<\/span><\/a><span style=\"font-weight: 400;\">.<\/span><\/li>\n<li><span style=\"font-weight: 400;\">Human Rights Foundation discussed how Bitcoin helps protect people\u2019s rights and freedoms<\/span><\/a><span style=\"font-weight: 400;\">.<\/span><\/li>\n<\/ul>\n<h2 class=\"wp-block-heading\"><b>What to read this weekend?<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Clearview AI had long remained largely secret. Yet its facial recognition system was used by hundreds of law enforcement agencies in the United States and private organisations, including well beyond the United States.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">ForkLog investigated the Clearview story and found out what risks to civil liberties are associated with facial-recognition systems.<\/span><\/p>\n<p>Subscribe to ForkLog&#8217;s news on Telegram: <a href=\"https:\/\/t.me\/forklogfeed\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">ForkLog Feed<\/a> \u2014 full news feed, <a href=\"https:\/\/telegram.me\/forklog\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">ForkLog<\/a> \u2014 the most important news and polls.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>We have gathered the most important cybersecurity news of the week.<\/p>\n","protected":false},"author":1,"featured_media":34026,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1111,1238,1233],"class_list":["post-34025","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-cybersecurity","tag-cybersecurity-digest","tag-industry-digests"],"aioseo_notices":[],"amp_enabled":true,"views":"28","promo_type":"1","layout_type":"1","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/34025","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/comments?post=34025"}],"version-history":[{"count":1,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/34025\/revisions"}],"predecessor-version":[{"id":34027,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/34025\/revisions\/34027"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media\/34026"}],"wp:attachment":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media?parent=34025"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/categories?post=34025"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/tags?post=34025"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}