Weekly Cyber News Roundup

February 5th to February 9th 2024

Content 

01. News Bites
  • Hong Kong finance professional swindled out of $25 million in first-of-its-kind deepfake video conference scam
  • AnyDesk confirms security breach: credentials compromised, thousands sold on Dark Web
  • US sanctions Islamic Revolutionary Guard Corps members for cyber-attacks on water systems amid rising tensions
  • Philippines repels China-linked cyber attack; lawmakers call for national security briefing
  • Reykjavík University Hit by Russian Hacker Group Akira
02. Conclusion

Quick News Bites

Hong Kong finance professional swindled out of $25 million in first-of-its-kind deepfake video conference scam

In a groundbreaking scam in Hong Kong, a finance professional at a multinational company was deceived into transferring $25 million (HK$200 million) due to a sophisticated deepfake ruse.

The scam involved a video conference call in which the victim encountered what appeared to be the company's CFO, based in London. The victim's initial suspicions, triggered by the CFO's slightly odd appearance, were eased by the presence of recognisable colleagues on the call. Every other participant on the call was also a deepfake; the victim was the only genuine person present.

The Hong Kong police disclosed that the scam unfolded with the deepfake CFO making urgent requests for money transfers, leading to 15 transactions into five local accounts.

The fraud used AI-generated likenesses of real staff, built from existing video and audio of them, and reinforced the deception through WhatsApp messages, emails and one-to-one video chats. Senior Superintendent Baron Chan Shun-ching of the Hong Kong police highlighted the use of artificial intelligence to craft convincing fake voices. Reports differed on the precise degree of sophistication involved, but all agreed that AI-generated personas were used. The fraud came to light only after the victim checked with the corporation's head office, roughly a week after the transfers. This incident marks the first publicly disclosed case of a deepfake video conference scam, and the practical lesson is that a familiar face and voice on a call is no longer proof of identity: out-of-band verification through a known-good channel should precede any urgent, unusual payment request.

AnyDesk Confirms Security Breach: Credentials Compromised, Thousands Sold on Dark Web

AnyDesk, a leading provider of remote desktop software, disclosed on February 2nd that it had suffered a significant security breach in which attackers gained access to its production systems. In response, AnyDesk launched a remediation effort with external cyber security specialists and reports having contained the intrusion. The company revoked the affected security certificates, including its code-signing certificate, and reset passwords for its customer web portal. It stated that its systems are now secure and urged users to update to the latest software version (signed with a new certificate) and to change any passwords reused elsewhere.

However, on February 4th a cyber security firm detected thousands of AnyDesk customer credentials for sale on the dark web. The credentials were being offered by multiple sellers, one of whom claimed to hold more than 18,000 AnyDesk customer accounts.

Despite initial fears, further investigation by threat intelligence providers suggested that these credentials most likely came from information-stealing malware on customers' own machines rather than from the breach of AnyDesk itself. This does not make them harmless: some of the leaked entries carried timestamps after AnyDesk's remediation date, meaning they were still valid for any account whose password had not since been changed. AnyDesk customers should therefore rotate their credentials regardless of where the leak originated.

This situation underscores the importance of vigilance and prompt action in securing online credentials in the wake of cyber security incidents.
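The distinction drawn above (credentials harvested by infostealers on customer endpoints, some of them dated after the vendor's cleanup) is exactly what a defender has to sort out when a leak like this lands on their desk. The following is an added example, not code from Integrity360 or AnyDesk, of triaging a leaked-credential dump against your own domain. The line format (`email,password,source,harvested_utc`) and the sample lines are constructed for the example; the remediation date is an assumption you would replace with the vendor's stated date.

```python
"""Triage a leaked-credential dump against an organisation's domain.

Added example, not Integrity360's or AnyDesk's code. The dump format
'email,password,source,harvested_utc' is an assumption for this example.
Priorities: P1 = harvested after the vendor's remediation date (still
valid unless the user has since rotated), P2 = infostealer source (the
endpoint itself is probably compromised), P3 = older combo-list material.
Passwords are never echoed; only the account and its priority are reported.
"""
from dataclasses import dataclass
from datetime import datetime, timezone

# Constructed sample lines for the example; not a real leak.
SAMPLE_DUMP = """\
# email,password,source,harvested_utc
alice@example.com,Winter2023!,stealer:redline,2024-01-28T09:14:00Z
bob@example.com,hunter2,stealer:raccoon,2024-02-06T22:05:00Z
carol@other.org,qwerty,stealer:redline,2024-02-05T10:00:00Z
dave@example.com,P@ssw0rd,combo-list,2023-11-02T00:00:00Z
"""

# Assumed vendor remediation date (replace with the date from the vendor's notice).
REMEDIATION_UTC = datetime(2024, 2, 2, tzinfo=timezone.utc)


@dataclass(frozen=True)
class LeakEntry:
    email: str
    password: str
    source: str
    harvested: datetime


def parse_dump(text: str) -> list[LeakEntry]:
    """Parse the assumed CSV-style dump; blank lines and '#' comments are skipped."""
    entries: list[LeakEntry] = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(",", 3)
        if len(parts) != 4:
            raise ValueError(f"line {lineno}: expected 4 fields, got {len(parts)}")
        email, password, source, ts = parts
        # fromisoformat() does not accept a trailing 'Z' on older Pythons.
        harvested = datetime.fromisoformat(ts.strip().replace("Z", "+00:00"))
        if harvested.tzinfo is None:
            harvested = harvested.replace(tzinfo=timezone.utc)
        entries.append(LeakEntry(email.strip().lower(), password, source.strip(), harvested))
    return entries


def triage(entries: list[LeakEntry], org_domain: str,
           remediation: datetime = REMEDIATION_UTC) -> dict[str, str]:
    """Return {email: priority} for accounts in org_domain that need a forced reset.

    An account appearing more than once keeps its highest (lowest-numbered) priority.
    """
    suffix = "@" + org_domain.lower()
    result: dict[str, str] = {}
    for e in entries:
        if not e.email.endswith(suffix):
            continue
        if e.harvested >= remediation:
            prio = "P1"  # credential still valid after the vendor's cleanup
        elif e.source.startswith("stealer:"):
            prio = "P2"  # endpoint likely compromised; reset and investigate the host
        else:
            prio = "P3"  # older combo-list material; reset, lower urgency
        if prio < result.get(e.email, "P9"):
            result[e.email] = prio
    return result


if __name__ == "__main__":
    for email, prio in sorted(triage(parse_dump(SAMPLE_DUMP), "example.com").items(),
                              key=lambda kv: (kv[1], kv[0])):
        print(f"{prio} force-reset {email}")
```

The point of the P1 bucket is the one the article makes: a "harvested after remediation" timestamp tells you the vendor's cleanup did nothing for that account, so a reset cannot wait for the next scheduled rotation. P2 entries should also trigger an endpoint investigation, since an infostealer that captured one credential usually captured others.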

US sanctions Islamic Revolutionary Guard Corps members for cyber-attacks on water systems amid rising tensions

The U.S. has sanctioned six members of Iran's Islamic Revolutionary Guard Corps (IRGC) for cyber-attacks that targeted American water systems last year. The move follows the recent drone attack in Jordan, near the Syrian border, that resulted in the deaths of three U.S. soldiers, an act the U.S. attributes to an Iranian-backed militia. Brian Nelson, the U.S. Under Secretary of the Treasury for Terrorism and Financial Intelligence, condemned Iran's cyber actions against critical infrastructure.

The sanctioned individuals are from the IRGC's Cyber-Electronic Command (IRGC-CEC), including Hamid Reza Lashgarian, a commander in the IRGC-Quds Force, known for overseas operations and alleged Middle Eastern attacks.

The Cybersecurity and Infrastructure Security Agency (CISA) emphasised how exposed America's water and wastewater systems are. One incident involved the IRGC-affiliated Cyber Av3ngers group compromising the Municipal Water Authority of Aliquippa, Pennsylvania, and other water utilities by attacking internet-exposed programmable logic controllers made by the Israeli company Unitronics.

Federal officials are increasingly concerned about the escalation of such attacks and the vulnerabilities they expose in U.S. water systems. CISA warns that several countries, including Iran, China, Russia and North Korea, are exploiting cyber security gaps in critical infrastructure, and that Iran's cyber capabilities continue to evolve.

Philippines Repels China-Linked Cyberattack; Lawmakers Call for National Security Briefing

Philippine government agencies thwarted a China-linked cyberattack last weekend, prompting lawmakers to demand a detailed national security briefing.

Jeffry Ian Dy from the Department of Information and Communications Technology (DICT) revealed the assault targeted various departments, including the Philippine Coast Guard and the President's website.

The attacks were traced to infrastructure belonging to China Unicom, a Chinese state-owned telecommunications provider. Despite this, DICT clarified that it is not accusing the Chinese government directly and instead asked for China's assistance in preventing future incidents. House Speaker Martin Romualdez stressed the gravity of the attack for national security and called for an urgent, transparent briefing to address the incident and bolster cyber security measures.

The event intensifies existing tensions between the Philippines and China, particularly over South China Sea disputes.

Reykjavík University Hit by Russian Hacker Group Akira

Reykjavík University has been grappling with a cyberattack since last Friday. The attack has since been attributed to the Russian hacker group Akira, known for ransomware attacks. The university's systems were significantly compromised, leading to an intensive effort to restore operations and secure data. Although the breach mainly exposed basic student information, the university advised students and staff to change any passwords reused elsewhere and to enable two-factor authentication, and warned them to expect phishing that exploits the incident. The attack follows Akira's pattern of targeting institutions, including recent disruptions to Sweden's government services. The university is working to recover the affected systems, with plans to resume classes by February 5th, and has committed to keeping the university community informed of progress.

Closing Summary

If you are worried about any of the threats outlined in this bulletin or need help in determining what steps you should take to protect yourself from the most material threats facing your organisation, please contact your account manager, or alternatively Get in touch to find out how you can protect your organisation. 

Disclaimer

The Threat Intel Roundup was prepared by Integrity360 summarising threat news as we observe it, current at the date of publishing. It should not be considered to be legal, consulting or any other professional advice. Any recommendations should be considered in the context of your own organisation. Integrity360 does not take any political stance in the information that we share. Moreover, the opinions expressed may not necessarily be the views of Integrity360.

Need advice?

If you are worried about any of the threats outlined in this roundup or need help in determining what steps you should take to protect yourself from the most material threats facing your organisation, please contact your account manager or fill in the form for a complimentary no-commitment consultation.

More detailed threat intelligence news?

If you’d like more detailed threat intelligence news, Integrity360 offers this as part of our security monitoring managed services.

We also offer a tailored threat intelligence monitoring service for your organisation that actively monitors for threat actors and campaigns of direct relevance to your organisation, brand damage, copycat & spoofed domains, credential leakage and dark web monitoring.
