Hackerzhome

hackerzhome-logo-bg
Hackerzhome-logo-sm

Cybersecurity news all over the world

HACKERZHOME NEWS

January 26, 2023

www.hackerzhome.org

Thursday

Alleged League of Legends source code is being sold by hackers

The claimed source code for Riot Game’s League of Legends and the Packman anti-cheat program, which was confirmed to have been taken in a recent hack of the game company’s developer environment, is currently being auctioned off by threat actors.


Riot Games revealed last Friday that its development environment had been breached, allowing threat actors to acquire the source code for the company’s Packman legacy anti-cheat technology, Teamfight Tactics, and League of Legends (LoL).


The business announced yesterday that it had received a ransom note from the threat actor but that it would not be paying one. This ransom note was discovered by Vice.com, and it requested $10 million to stop the release of the stolen material.


On a well-known hacker site, the threat actor behind the attack started selling the purported source code for League of Legends and the original Packman anti-cheat platform last night.


According to the threat actor, Packman and the League of Legends source code are on sale for at least $1 million.


The threat, despite refusing to provide more evidence of the stolen source code, claimed to have shared it with Ryscu, a YouTuber who specializes in videos about League of Legends.

NEWS 1
Alleged League of Legends source code is being sold by hackers

Breaking news

LIVE

You are not up to date!

Subscribe to our newsletter and stay updated on cybersecurity news

More than 4,500 WordPress websites were compromised, redirecting users to dubious ad pages.

Over 4,500 WordPress websites have been infected as part of a large-scale effort that has reportedly been ongoing since at least 2017.

A malicious domain called “track[.]violetlovelines[.]com” is hosting obfuscated JavaScript viruses, according to GoDaddy-owned Sucuri, which is intended to reroute users to undesired websites.

Using information from urlscan.io, it has been estimated that the most recent operation has been running since December 26, 2022.

More than 3,600 sites were affected by an earlier wave that was observed in early December 2022, while more than 7,000 sites were affected by an attack wave that was observed in September 2022.

The malicious code is added to the WordPress index.php file, and according to Sucuri, it has been deleted from more than 33,000 other files on the hijacked sites over the course of the last 60 days.

Therefore, a traffic direction system is used to start a redirect chain when unwary people visit one of the compromised WordPress sites, leading the victims to pages presenting dubious adverts for products that ironically combat intrusive ads.

NEWS 2

For placing advertisements and promotions in this newspaper, or anywhere on our website, contact us through email at [email protected] or fill out this contact form.

Share this news:

January 26, 2023 /

Thursday

Hackerzhome News

2

Have your heard ?
Hackers Demand Extortion From Riot Games, But The Company Declines To Comply Know more!

Critical Windows CryptoAPI spoofing flaw has an exploit available

Critical Windows CryptoAPI spoofing flaw has an exploit available

Researchers from Akamai have revealed proof of concept exploit code for a significant Windows CryptoAPI flaw that allowed MD5-collision certificate faking and was found by the NSA and UK’s NCSC.

This security weakness, identified as CVE-2022-34689, was fixed with security patches that were made available in August 2022, however, Microsoft didn’t make this information public until the advisory was first published in October.

This flaw, which Redmond has classified as having a critical severity, can be used by unauthenticated attackers to launch simple attacks.

Today, security experts from the Akamai cloud security company provided an OSQuery and a proof of concept (PoC) exploit to assist defenders in identifying CryptoAPI library versions that are vulnerable to attacks.

Given that the digital signature appears to come from a reliable and trustworthy supplier, the targets would therefore be unaware that the file is actually malicious.

If a CVE-2022-34689 exploit-based attack is successful, it might potentially give attackers access to user connections to the compromised program, including web browsers that use Windows’ CryptoAPI encryption library, enabling them to conduct man-in-the-middle attacks and decode sensitive data.

NEWS 3

820,000 clients are impacted by a data breach at Zacks Investment Research

820,000 clients are impacted by a data breach at Zacks Investment Research
NEWS 4

The company Zacks Investment Research (Zacks) was infiltrated by hackers last year, allowing them access to 820,000 clients’ sensitive and personal data.

Zacks learned that some client details had been accessed without permission at the end of the previous year. A threat actor entered the network somewhere between November 2021 and August 2022, according to an internal examination of the incident.

Zacks started the password-reset process for accounts that had been compromised after discovering the incident, requiring users to select new credentials when logging in the following time.

Although it is unknown if any data was stolen, the breach exposed user passwords for the Zacks.com website as well as full names, addresses, phone numbers, and email addresses.

According to the company, additional security measures have been added to the network, and it is currently developing and installing new security systems with the help of an outside cybersecurity expert.

Those who use SMS-based two-factor authentication (two-factor authentication) to secure online investment accounts should change their phone number or 2FA technique because the disclosed data can be used by SIM swappers to port the numbers to clone cards and access the secured accounts.

Recent blog posts

Windows is the target of attacks from new stealthy Python RAT malware

A new Python-based malware has been discovered by the public that has the ability to control compromised systems via remote access trojan (RAT) technology.

The new RAT, dubbed PY#RATION by researchers at threat analytics firm Securonix, communicates with the command and control (C2) server using the WebSocket protocol and steals data from the target computer.

The business’s technical study examines the malware’s operation. Since the PY#RATION campaign began in August, the researchers have observed various versions of the RAT, which indicates that it is still under active development.

A phishing effort using password-protected ZIP file attachments that contain two shortcuts is used to spread the PY#RATION virus. image-like LNK files called front.jpg.lnk and back.jpg.lnk.

When launched, a driver’s license’s front and back are visible to the shortcut victim. Malicious code is also run in order to download two.TXT files (called “front.txt” and “back.txt”) and contact the C2 (Pastebin in later assaults), both of which are afterward renamed to BAT files in order to accommodate the malware execution.

Windows is the target of attacks from new stealthy Python RAT malware
NEWS 5

For placing advertisements and promotions in this newspaper, or anywhere on our website, contact us through email at [email protected] or fill out this contact form.

Share this news:

Cyberghost

Cyberghost

A Computer science Engineer, Certified Ethical hacker (CEH), Offensive Security Certified professional (OSCP), SOC Analyst & Content Creator.

Leave a Reply

Your email address will not be published. Required fields are marked *