BleepingComputer’s Most Popular Cybersecurity and Tech Stories in 2021


2021 is over and we can look forward to a hopefully healthier, safer, and more normal year 2022.

However, it has been a big year for technology and cybersecurity with cyber attacks and massive data breaches, innovative phishing attacks, privacy concerns and, of course, zero-day vulnerabilities.

Some stories, however, were more popular with our readers than others.

Below, we list the ten most popular stories on BleepingComputer in 2021, with a summary of each.

10. Dismissed NY Credit Union Employee Destroys 21GB of Data in Revenge

A former employee of a New York credit union pleaded guilty to hacking into the financial institution’s computer systems without authorization and destroying more than 21 gigabytes of data in revenge after being fired.

As part of the revenge attack, the accused deleted over 20,000 files and approximately 3,500 directories during this period, totaling approximately 21.3 gigabytes of data stored on the bank’s shared drive.

9. 533 million Facebook user phone numbers leaked to hacker forum

After initially attempting to sell the data, a malicious actor disclosed the mobile phone numbers and other personal information of approximately 533 million Facebook users worldwide for free on a hacking forum.

What made this leak stand out was that it contained member information pulled from public profiles as well as private cell phone numbers associated with the accounts.

The data covered 533,313,128 Facebook users and included each member’s mobile phone number, Facebook ID, name, gender, location, relationship status, occupation, date of birth and email addresses.

While Facebook said the data was scraped using a bug fixed in 2019, it still contained a treasure trove of personal information that could be used for targeted phishing or to breach other accounts.

Example of scraped phone numbers from area code 917

8. New phishing attack uses Morse code to hide malicious URLs

A phishing campaign was discovered using a new obfuscation technique: Morse code to hide malicious URLs in an email attachment.

As phishing emails are typically intercepted by security software and secure email gateways, threat actors tried a smart tactic of converting malicious URLs and landing pages into Morse code to evade detection.

This code would then be decoded by JavaScript embedded in the HTML attachment when it is opened.

Phishing attachment using Morse code
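A defender-side check for the technique described above, as an added example that is not from the original article or the campaign: it scans an HTML attachment for long runs of Morse symbols and decodes any URL they hide. The space-separated encoding, the function names and the sample attachment are assumptions constructed for illustration.

```javascript
// Added example: defender-side scan of an HTML attachment for Morse-encoded URLs.
// International Morse code for the characters a URL needs.
const MORSE = {
  A: ".-", B: "-...", C: "-.-.", D: "-..", E: ".", F: "..-.", G: "--.", H: "....",
  I: "..", J: ".---", K: "-.-", L: ".-..", M: "--", N: "-.", O: "---", P: ".--.",
  Q: "--.-", R: ".-.", S: "...", T: "-", U: "..-", V: "...-", W: ".--", X: "-..-",
  Y: "-.--", Z: "--..", 0: "-----", 1: ".----", 2: "..---", 3: "...--", 4: "....-",
  5: ".....", 6: "-....", 7: "--...", 8: "---..", 9: "----.",
  ".": ".-.-.-", "/": "-..-.", ":": "---...", "-": "-....-",
};
const FROM_MORSE = Object.fromEntries(Object.entries(MORSE).map(([ch, code]) => [code, ch]));

// Encoder, used here only to build the constructed sample below.
function encodeMorse(text) {
  return [...text.toUpperCase()].map((ch) => MORSE[ch]).join(" ");
}

// Decode space-separated Morse symbols; unknown symbols become "?".
function decodeMorse(run) {
  return run.trim().split(/\s+/).map((sym) => FROM_MORSE[sym] ?? "?").join("");
}

// Return every URL hidden in a long run of dots, dashes and spaces.
// Morse carries no letter case, so results are reported in lower case.
function findMorseUrls(html, minSymbols = 8) {
  const hits = [];
  const runs = html.match(/[.\-]+(?: [.\-]+)+/g) || [];
  for (const run of runs) {
    if (run.split(" ").length < minSymbols) continue; // skip "..." and similar
    const decoded = decodeMorse(run);
    const url = decoded.match(/HTTPS?:\/\/[A-Z0-9.\-\/]+/);
    if (url) hits.push(url[0].toLowerCase());
  }
  return hits;
}

// Constructed sample attachment (not taken from the real campaign).
const SAMPLE_HTML = `<html><body><p>Invoice attached... please review - thanks.</p>
<script>var payload = "${encodeMorse("https://phish.example/login")}";</script>
</body></html>`;

console.log(findMorseUrls(SAMPLE_HTML)); // [ 'https://phish.example/login' ]
```

A mail gateway or triage script could run the same scan over each HTML attachment and pass any decoded URL to its normal reputation checks.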

7. New Zero-Day Exploit for Log4j Java Library is a Business Nightmare

While this story is the 7th most read article, it probably deserves to be #1 because of its global impact and use by threat actors.

Last month, exploits were released for a critical zero-day vulnerability in the Apache Log4j Java logging library that allowed malicious actors to remotely execute almost any command they wanted on vulnerable servers.

As many other applications use Log4j, malicious actors quickly used the “Log4Shell” vulnerability in cyber attacks to deploy ransomware, install the Dridex banking Trojan, or spread laterally to VMware vCenter servers.

6. Adult content from hundreds of OnlyFans creators leaked online

A shared Google Drive folder was posted online, exposing private videos and images from hundreds of OnlyFans accounts, leading a researcher to create a tool for content creators to check if they are part of the leak.

While it’s not uncommon for people to share OnlyFans private content, this leak stood out due to the many creators affected by the leak.

BackChannel founder Aaron DeVera told BleepingComputer that the Google Drive folder originally contained folders for 279 OnlyFans creators, with one of the folders holding over 10GB of videos and photos.

5. How to fix Windows network printing error 0x0000011b

2021 has been a complete mess for Windows printing, with security update after security update causing more problems for Windows admins than we’ve seen in a long time.

It started after a Windows print spooler vulnerability known as PrintNightmare was accidentally disclosed. This disclosure led to the publication of a series of public exploits, which threat actors quickly used in attacks.

To address the vulnerabilities, Microsoft released numerous security updates that restricted Windows printing functionality and caused numerous errors when attempting to print over the network.

One issue that occurred due to these fixes was Windows error 0x0000011b preventing users from printing, causing a huge headache for Windows administrators around the world.

Fortunately, a fix was discovered that allowed Windows administrators to fix Windows Network Printing Errors 0x0000011b.

4. Canon sued for turning off scanner when printers run out of ink

Canon USA has been sued for not allowing certain printers to scan or fax if they run out of ink, which is not used for those functions.

A Canon customer has filed a class action lawsuit alleging misleading marketing and unjust enrichment by the printer manufacturer.

Since at least 2016, customers who have contacted Canon regarding this issue have been advised by support agents that ink cartridges must be installed and contain ink to use printer features, as shown in the agent’s response below.

Canon support message regarding ink requirement

3. Over nine million Android devices infected with information-stealing Trojan

A large-scale malware campaign on Huawei’s AppGallery led to an estimated 9.3 million installations of Android malware that impersonated more than 190 different apps.

Malicious actors hid their malware in Android apps masquerading as simulators, platform games, arcades, RTS strategies, and shooters for Russian, Chinese, or international (English) users.

The functionality of this Trojan horse allowed malicious actors to perform various malicious activities, including spying on SMS and downloading and installing other malware.

2. Researcher hacks over 35 tech companies in new supply chain attack

Using a new dependency confusion attack, a researcher hacked into the internal systems of 35 major companies, including Microsoft, Apple, PayPal, Shopify, Netflix, Yelp, Tesla, and Uber.

The attack consisted of uploading malware to open source repositories, including PyPI, npm, and RubyGems, which were then automatically distributed downstream into the companies’ internal applications.

Unlike traditional typosquatting attacks that rely on social engineering tactics, this particular supply chain attack required no action from the victim, who automatically received the malicious packages.

Dependency confusion proof-of-concept package

1. Windows 10 bug corrupts your hard drive when seeing this file icon

Our most popular story this year was a Windows 10 zero-day vulnerability that triggered corruption warnings and subsequent chkdsk on NTFS formatted hard drives.

To do this, attackers could enter a single line command that attempts to access a special Windows NTFS index attribute, as shown below.

Although the corruption warnings were false, and for most people no issues occurred, it would lead to Blue Screen of Death crashes in some of our tests, as shown in the video below.

