Hackers attack Garmin services

Users of the American company Garmin, one of the world’s largest navigation equipment and “smart” watches manufacturers, faced a multi-hour failure of its services on July 22. The Garmin Connect service, designed to sync data on the physical activity of smartwatches’ owners, became completely unavailable, the company’s official website and the support service were disrupted: Garmin could not receive calls or emails from customers.

For several days until July 27 the services remained unavailable, an unusual situation for such a large international corporation as Garmin (Garmin’s revenue in 2019 amounts to more than $3.7 billion). According to some public sources, the cause of the failure was a hacker cyberattack on Garmin’s resources. The new WastedLocker ransomware that appeared back in May, like other similar malware, operates according to a particular scenario: it encrypts the victim’s data, deletes the original files, and then demands a huge sum as ransom. To “unlock” the required data hackers demand to transfer the ransom in cryptocurrency, usually in bitcoins. It is impossible for the victim to restore data without backup copies.

According to Malwarebytes analysts’ conclusions, WastedLocker creators are the hacker group Evil Corp. The group became world-known when the banking trojan Dridex infected thousands of computers around the world and was used for blackmail, fraud and identity theft. The impunity of Evil Corp costs the affected companies dearly. According to the US authorities, the total amount of damage caused by the group exceeds $100 million. The British authorities estimate damage to the UK alone at several hundred million pounds. They call Evil Corp the most significant threat in the field of cybercrime.

At the moment, Garmin services are gradually being restored. The Garmin Connect platform is available in a limited mode, and devices have started downloading data for syncing, but the process may take a long time, up to seven days. At the same time paying a “ransom” is not an option: Evil Corp is subject to sanctions from the US authorities, so if Garmin attempts to negotiate and pay the amount requested by fraudsters, it is likely to faces criminal prosecution since American companies are prohibited from participating in any transactions with members of the group. Besides, it doesn’t make sense to collaborate with the hackers as they are unable to provide any guarantees in case the ransom is paid .

ScaleFactor failure: ordinary accountants employed instead of artificial intelligence

For six years ScaleFactor, an American startup, has been assuring small business clients that the program it developed can fully take over their finances and keep their books in order. As a result, the startup managed to obtain $ 100 million in investments but later investors discovered that all calculations were made manually by ordinary accountants, not by artificial intelligence. Forbes told its readers how this startup worked and how it collapsed.

Kurt Rathmann created ScaleFactor in 2014. The idea was to keep the clients’ books by means of special software and make accounting fully controlled and computerized with the help of artificial intelligence. In 2017 the company acquired support from the Techstars Austin business incubator with total investment of $ 2.5 million. Then a partner from Canaan Partners paid attention to the startup and Rathmann’s business got $ 10 million in investment.

Six months later, ScaleFactor received $ 30 million in a round led by Byron Deeter, a partner at Bessemer Venture Partners and an influential Silicon Valley cloud computing investor.

Despite the support from well-known investors, over time customers began to realize that something was going wrong. In April 2019, one of them requested termination of the contract when he saw that statements were not provided in real time, but once a month, as they were processed manually.

During the financial and legal examination, one of the potential investors discovered that the company had a special team of “client managers”, but later it turned out they were accountants.

ScaleFactor convinced clients that after the initial consultation, a program based on artificial intelligence would run their books. The software was not supposed to provide monthly statements, but to report data on its own portal in real time.

However, the program had a lot of bugs and errors, it could not be used for accurate sorting of operations, so the company hired a special team of accountants. They had to manually fill in customer statements and fix the program’s errors.

As a result, it turned out that ScaleFactor had only one tool with an automation component – an internal work environment engine, a managed list of tasks for employees, through which tasks were organized for maintaining the client’s accounting.

Yet the startup was viable and managed to attract investment in a new round of funding in early June 2019.The company’s employees were promised to double their bonuses if they could earn $ 800,000 on contracts with new clients. According to customers, managers began to offer discounts in exchange for a recommendation and signed contracts even without payment details. At the end of the month, the sales department was told that the targets were met, but a few weeks later it turned out that the bonuses were not worth counting on: some transactions were illegal, and the goals were not actually achieved.

ScaleFactor struggled to recruit new customers while existing clients demanded compensation. In October 2019 an employee who monitored customer churn reported a real risk of losing about $ 600,000 in annual revenue.

In January 2020, Kurt Rathmann announced that ScaleFactor intended to switch to a commercial platform model that would connect ordinary accountants with potential clients.

In much 2020 the United States was hit by Covid-19 pandemic and existing clients were no longer satisfied with the company’s activity. In the spring investors discussed the future of the startup but eventually decided to stop its functioning.

In June Rathmann announced about the planned closure of ScaleFactor. He complained that due to a drop in demand from small businesses amid the pandemic the company’s annual revenue, which was $ 7 million at the end of 2019, would almost halve.

ScaleFactor said it would lay off about 100 employees with a three-month severance package and return funds to investors.

Some former clients and employees believe that Covid was a “convenient excuse” and the startup’s management tried to hide the extent of the real damage.

Data of more than 20 million VPN services users leaked

The data of more than 20 million users of free VPN services has become publicly available on the Internet. This is reported by the vpnMentor research team. Among the compromised applications were Free VPN, Super VPN, Flash VPN, Secure VPN and some others. According to the researchers who discovered the leak, this incident is a blatant case of disregard for basic safety rules.

VPN services are designed to protect users ‘ online privacy by anonymizing users’ data and protecting users from cybercriminals. In addition, VPN services help one to circumvent blockages in different countries, use applications that can’t be accessed in their region, and solve a number of other problems. Given that providing anonymity is one of the main tasks of VPN technology, data leakage from such services seems even more frightening.

As vpnMentor notes, this incident demonstrates “a complete disregard for VPN standards that puts users’ privacy at risk.”

The leak occurred in seven VPN services : UFO VPN, FAST VPN, Free VPN, Super VPN, Flash VPN, Secure VPN, and Rabbit VPN. At the same time, the total amount of personal data that became freely available equals 1.2 TB. The researchers found information about users ‘ Internet activity, their email addresses, unencrypted passwords, IP addresses, home addresses, smartphone models and their IDs, as well as other technical details.

According to vpnMentor, it is likely that all the services that lost their users ‘ data belong to one developer. This is indicated by the fact that they share the same ElasticSearch servers. Besides, all payments from these services are sent to the address of one recipient : Dreamfii HK Limited. At least three of the above-mentioned services have almost identical branding on their sites.

The interviewed experts admit that the data leak can lead to spam, phishing mailings, as well as hacking of other accounts, if  cybercriminals will make use of email addresses and passwords. VPN services users can also become victims of extortion or blackmail.

In addition, some users who have suffered due to the negligence of VPN owners may end up in prison since such services are often used by people living in authoritarian countries with repressive policies. If deanonymized, they will become an easy target for local authorities.

Will the US tech giants weaken encryption on Congress demand?

Tech companies might be forced to comply with “lawful access” to encrypted information, possibly threatening the technology’s security features.

A short time ago a group of  Republican lawmakers introduced the Lawful Access to Encrypted Data Act, which can bring to an end “warrant-proof” encryption. If the bill is passed, the act will require tech companies to assist investigators with access encrypted data in case such assistance would help with a warrant.

Lawmakers and the US Justice Department have long argued with tech companies over encryption, which is used to encode data. The Justice Department claims that encryption prevents investigators from getting the necessary evidence from suspects’ electronic devices and has requested that tech giants provide “lawful access.”

Giving access specifically to government agencies upon request is often referred to as an “encryption backdoor,”  which endangers privacy and might harm citizens.

Encryption is used to protect citizens’ personal data from hackers, authoritarian governments and abusive intruders by providing security measures that even the companies themselves aren’t able to crack. Investigators  ability to legally access that data raises concerns that the method could also open the door for criminals or hackers to abuse that exposure.

The legislation proposed does not explicitly demand tech companies to create a backdoor making it up to companies to decide  how to comply with lawful access orders. Besides, tech companies are allowed to appeal to the federal court to change or set aside the orders for information exposure.

Many world-known companies oppose the idea of weakening encryption, Facebook and Apple among them. The Justice Department has criticized these companies for embracing encryption, arguing the technology is protecting terrorists and all sorts of criminals.

The bill hasn’t been approved yet, however, it has brought out the matter of encryption and privacy on the agenda of the US tech companies and broader public.

Historical Twitter hacking and cryptocurrency fraud: Bill Gates, Elon Musk, Barack Obama and many other celebrities affected

Users lost more than 100 thousand dollars

Last week there was a planned hacker attack on the Twitter accounts of many famous personalities, including Microsoft founder Bill Gates, Amazon CEO Jeff Bezos, musician Kanye West, former US President Barack Obama, Tesla founder Elon Musk and many others.

It all started around 23: 00. The accounts of the crypto community representatives were the first to suffer from the hackers’ actions where unidentified offenders started publishing links to the phishing site CryptoForHealth. Then unknown hackers broke into dozens of accounts belonging to well-known entrepreneurs and companies. Messages were posted on their page on Twitter saying that they decided to share their savings, returning twice the amount that everyone will transfer to them within 30 minutes in bitcoins: “If you send $ 1000, I will refund $ 2000 back.”

These messages hung on the pages of the above-mentioned people for only a few minutes, after which they were deleted. Users in the comments suggested that this was most likely some kind of joke, but many decided to try their luck. The total amount of transfers in a few minutes exceeded 100 thousand dollars.

Twitter quickly responded, saying that they are investigating the hack, but it is not yet known how the hackers gained access to the celebrities’ accounts. Twitter CEO Jack Dorsey wrote about this on his microblog.

“A difficult day for us on Twitter. We all feel terrible about what has happened, ” Dorsey said, adding that the investigation is ongoing.

The Twitter founder is not targeted  by hackers for the first time. A year ago, hackers broke into his account and posted a number of messages that included offensive designations of African-Americans, as well as anti-Semitic statements with references to the Holocaust and bomb threats.

Wirecard Scandal Brief Overview

The prominent German payments processing firm Wirecard collapsed after $2 billion in its accounts were found missing or non-existent. The company is well-established as a global provider of payment services across online and mobile platforms. The scandal as we know it has just been uncovered , however, there were money laundering allegations dating back to  a decade-long times.

The scandal started to develop due to the activity of the Financial Times which watched Wirecard closely especially its headquarters in Singapore due to the alert about its plan to fraudulently send money to India via third parties. Back in 2019 the Singapore police raided the Wirecard offices, but Wirecard continued functioning dismissing all the allegations.

In late 2019 the Financial Times finally published documents indicating that profits at Wirecard’s units in Dublin and Dubai were fraudulently inflated. Despite denying this, Wirecard appointed KPMG to carry out a special audit, that in April 2020 resulted in a report they could not verify that arrangements responsible for the ‘lion’s share’ of profits reported from 2016 to 2018 were genuine. At this point questions about Wirecards auditors, EY, started to appear since they used to sign off on Wirecard’s accounts for more than a decade. European Investors VEB have called for a “thorough investigation” of EY’s work to be led by the German financial watchdog. Last week Wirecard’s board has decided to file an application for insolvency in the district court of Munich. It remains unknown whether insolvency applications for Wirecard group subsidiaries are likely to follow.

Naturally, the company’s financial scandal has had due impact on its share price which plunged over 75% following the insolvency announcement. The scandal has led to the arrest of the firm’s former chief executive Markus Braun who  is now accused of inflating Wirecard’s market position and financial health to appeal to investors. The ex-CEO has been released on a €5 million bail.

It goes without saying the scandal damages trust in auditors. Experts claim EY might have uncovered the fraud sooner if they’d been more diligent about a process called bank balance “confirmation.” Currently Wirecard intends to continue operating despite its insolvency application. Naturally there will be questions asked about how they managed to fraud investors, and EY, for so long. Bloomberg quotes Felix Hufeld, head of the German financial regulator Bafin, who said Monday on a panel discussion: “It’s a shame that something like that happened.” “It starts with looking at complete failure of a senior management, despite many, many hints to discover the facts,” he said. “It goes on to the scores of auditors who couldn’t dig up the truth and it goes on with a whole range of private and public entities including my own who have not been effective enough to prevent something like that happening.”