Cyber Security News Update 3/30/2018

The popular fitness app, MyFitnessPal, has been hacked Under Armour reported. Nearly 150 Million accounts have had their information stolen, which includes the users email address, name, and password. While no financial information has been stolen, users are still urged to change the passwords on their other accounts. A common attack would be to acquire information from MyFitnessPal, and see if it works anywhere else. Popular websites will be queried using the same email address and password; while it might not work frequently, it only has to pay off a few times to make the attack worth it. Under Armour released details about the hack on March 25, which occurred in February of 2018. The passwords that were stolen were encrypted, but the attackers may be able to defeat the encryption. Under Armour is resetting user passwords on MyFitnessPal, and is urging its customers to keep an eye on their online accounts.

The City of Atlanta is still under siege from ransomware; while it’s made some progress in extricating the data that’s been locked away, the majority of it is still inaccessible. The municipal courts are currently inoperable, all of their data has been hidden behind a paywall. Residents are also unable to pay their bills for their utility bills. Policing efforts are being effected due to the warrant and tracking system being encrypted, and the police have gone back to a paper system. This has hindered policing efforts, and has made it hard to identify people. The ransom to restore Atlanta’s access is set at $51,000 USD. The group behind the attack usually requests sums of $50,000 USD or less, which is payable only in Bitcoin. There is a strong push against paying the ransom because of the precedent it would set. Secureworks, a security firm owned by Dell, has been working with Atlanta to free their data. While they’ve had some success, the city is far from free. The FBI, Department of Homeland Security, Secret Service, and other independent groups are also involved with the case. They’re looking into the methods, motive, and preventative measures that can be gleaned from the attack.
Source: Atlanta Works to Break Ransomware Hold

The United States has charged 9 Iranian citizens with the theft of academic papers and research. The Iranians used phishing attacks against independent researchers, colleges and universities, state governments, the federal government, and even the United Nations. The US alleges that nearly $3.5 Billion USD in research was stolen to be used by the Iranian Revolutionary Guard. Those accused are associated with the Mabna Institute, which had previously stolen terabytes of data from employees both domestic and overseas. The Mabna Institute has been sanctioned by the US in the past when they tried to Ransom HBO for $6 Million USD in Bitcoin by stealing un-aired episodes of popular shows, such as Game of Thrones. The Iranian government has stated that sanctions against their state run hacking group are “illegal and provocative” in the past; how they will respond to new sanctions is unknown, but it will probably be in a similar vein.
Source: US Charges 9 Iranians in Massive Academic Research Theft