Risky Business #538 -- Marcus Hutchins is a milkshake duck, Iranian APTs doxxed and more

SIGINT hacker zines, defacement art competitions imminent...
25 Apr 2019 » Risky Business

On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including:

  • Marcus Hutchins faces his milkshake duck moment
  • Iranian APT crew gets Shadowbrokersed
  • DNS interference campaign is actually two large-scale actors
  • UK to use some Huawei components in 5G build
  • French Government launches comms app for politicians, it doesn’t go well
  • More detail on CCleaner/ASUS crew
  • Carbanak source found on VT (lol)
  • Wall Street Market exit scams
  • BEC costing US firms $1.3bn PA
  • Much MOAR!

This week’s show is brought to you by Signal Sciences. Their CEO, Andrew Peterson, will be along in this week’s sponsor interview to have a bit of a chat about how a lot of traditional enterprises are running serious business web app shops these days.

Links to everything are below, and you can follow Patrick or Adam on Twitter if that’s your thing.

Show notes

Marcus “MalwareTech” Hutchins Pleads Guilty to Writing, Selling Banking Malware — Krebs on Security
filsy on Twitter: "The whole internet loves MalwareShake Duck, a lovely duck that saved the internet. *12 months later* We regret to inform you that the duck was the author of malware that stole your grandmother's life savings."
A Mystery Agent Is Doxing Iran's Hackers and Dumping Their Code | WIRED
Patrick Gray on Twitter: "This development raises serious questions, like: 1. When will SIGINT agencies start publishing zines? 2. Which nation state actors will produce the best defacement art and smack talk?"
Talos Blog || Cisco Talos Intelligence Group - Comprehensive Threat Intelligence: DNS Hijacking Abuses Trust In Core Internet Service
Talos Blog || Cisco Talos Intelligence Group - Comprehensive Threat Intelligence: DNSpionage brings out the Karkoff
Wipro Intruders Targeted Other Major IT Firms — Krebs on Security
The Weather Channel goes off the air for 90 minutes after ransomware infection | ZDNet
Manufacturing giant Aebi Schmidt hit by ransomware | TechCrunch
Huawei will help build Britain’s 5G network, despite security concerns - The Verge
U.S. and British Intelligence Agencies Downplay Disagreement Over Huawei 5G
Huawei frustration boils over as CIA allegedly shows the goods | Telecoms.com
French government releases in-house IM app to replace WhatsApp and Telegram use | ZDNet
Congress sends letter to Google for details on Sensorvault location tracking database | ZDNet
Supply Chain Hackers Snuck Malware Into Videogames | WIRED
Source code of Carbanak trojan found on VirusTotal | ZDNet
A 'Blockchain Bandit' Is Guessing Private Keys and Scoring Millions | WIRED
Another dark web marketplace bites the dust -- Wall Street Market | ZDNet
FBI: US companies lost $1.3 billion in 2018 due to BEC scams | ZDNet
Security flaw lets attackers recover private keys from Qualcomm chips | ZDNet
Security flaw in EA’s Origin client exposed gamers to hackers | TechCrunch
RCE in EA's Origin Desktop Client – Underdog Security – Our blog...
More Security Endpoint Tech Isn't Always Better | Decipher
Chaos on Twitter: "last week i got to witness an engineering department lose a full day's work because if you put an emoji in a git commit message, Atlassian Bamboo chokes on it forever and you're forced to rebase master, like you should NEVER DO. this was of course referred to as The Emojiency"
Australian Lime Scooters Hacked To Say Sexual Things To Riders | Gizmodo Australia
Demand More from Your Web Application Security | Signal Sciences