FTX Hacked | Avast and LastPass Reports | US Midterm Elections Uncompromised By Cyber Attacks

Article by Christopher Lauder, Client Engagement Executive, Rela8 Group

FTX Hacked

Collapsed cryptocurrency exchange FTX reportedly faced a series of unauthorized transactions over the weekend, prompting several warnings from users and analysts against interacting with its mobile application or website.

Wallets associated with FTX saw roughly $266.3 million worth of outflows on Nov. 11, according to analytics firm Nansen. FTX US, a separate entity operating in the United States, was reportedly drained of $73.4 million.

The magnitude of the alleged attack appears to have intensified overnight, with net outflows from FTX and FTX US totalling $659 million, according to Nansen data journalist Martin Lee. That represents roughly one-third of the wallets’ net outflows over the past seven days.

Martin Lee also said that “We've seen over $2B in net outflows from FTX Intl and FTX US over the past 7 days of which $659M (33%) happened in the last 24 Hours. Somehow no congestion or long wait times when the wallet was getting mass drained”.

of the $600+ million drained, around $477 million is suspected of having been stolen, while the remainder is believed to be moved into secure storage by FTX themselves.

At the beginning of the week, FTX held the reigns as a top-three cryptocurrency exchange. Its monumental collapse began on Nov. 7 when the Binance CEO tweeted that his exchange would be liquidating its entire FTX Token. The announcement prompted a bank run on FTX, from which it could not recover.

On Nov. 11, former FTX CEO Sam Bankman-Fried announced that FTX, FTX US and Alameda Research were filing for bankruptcy.

Source - FTX Unauthorised Transactions - Coin Telegraph

Source - FTX Unauthorised Transactions - Reuters

Source - FTX Unauthorised Transactions - CNBC

Source - FTX Unauthorised Transactions - Economic Times

“We've seen over $2B in net outflows from FTX Intl and FTX US over the past 7 days of which $659M (33%) happened in the last 24 Hours. Somehow no congestion or long wait times when the wallet was getting mass drained”.
Martin Lee, Nansen data journalist

Avast and LastPass Reports

Last week, Avast published its Q3/2022 Threat Report. Jakub Kroustek, Avast Malware Research Director, noted, “An interesting trend we observed this quarter was cyber gangs actively crowdsourcing and paying people to support their criminal activities, including the improvement, marketing and distribution of their malware”.

“In terms of attacks, we noticed an uptick in DealPly adware towards the end of Q3/2022, a massive spike in Raccoon Stealer infection attempts, increased MyKings botnet activity, and a new botnet called Pitraix, written in Go, gaining a bit of traction. Overall, the volume of cyber attacks remained high, despite cybercriminals appearing to relax a bit over the summer months.”

Keeping with research, LastPass released findings from its fifth annual Psychology of Password Findings, which revealed even with cybersecurity education on the rise, password hygiene has not improved.

Christofer Hoff, Chief Secure Technology Officer for LastPass, commented, “Our latest research showcases that even in the face of a pandemic, where we spent more time online amid rising cyberattacks, there continues to be a disconnect for people when it comes to protecting their digital lives.”

“The reality is that even though nearly two-thirds of respondents have some form of cybersecurity education, it is not being put into practice for varying reasons. For both consumers and businesses, a password manager is a simple step to keep your accounts safe and secure.”

Source - Avast Threat Report - IT Wire

Source - Avast Threat Report - Tech Digest

Source - Avast Threat Report - Avast

Source - LastPass Report - LastPass

Source - LastPass Report - Business Wire

US Midterm Elections Uncompromised By Cyber Attacks

Last week, the population of the US headed to the polls to vote in their midterms elections. The Cybersecurity and Infrastructure Security Agency (CISA) director Jen Easterly issued a statement on Wednesday claiming the midterm voting procedures were not disrupted or compromised by cyber-attacks. “I want to express my gratitude to the election workers and hundreds of thousands of Americans who served as poll workers yesterday,” they said.

According to Easterly, state and local election workers have already put in long hours and will continue to do so in the days ahead to certify the election results.

“They serve on the front lines of our democracy, and they deserve our support, our admiration, and our respect. CISA is proud to call them partners. It’s because of them that we can all have confidence in the safety, security, and integrity of our elections,” he added.

Further, the CISA director said the agency had not seen any evidence that any voting system deleted or lost votes, changed votes, or was compromised in any part of the country.

“Right now, election officials are tabulating votes, reviewing procedures, and testing and auditing equipment as part of the rigorous post-Election Day process that goes into finalizing and certifying the results.”

“These rigorous procedures are why the American people can have confidence in the security and integrity of the election,” he added.

The news comes a month after CISA first urged voters to critically evaluate any information they received about the midterms as foreign actors may seek to sow doubt about the result.

Source - US Elections Uncompromised - InfoSec Magazine

Source - US Elections Uncompromised - CISA

Source - US Elections Uncompromised - Law and Crime

If you want to get in touch then give us a shout