August 29, 2023

With cybercrime on the rise in recent years, it’s important for businesses and cybersecurity professionals alike to keep a finger on the pulse of the most recent headlines throughout the industry. This is DOT Security’s cybersecurity news update.
In this month’s roundup, we dig into the details of the Discord.io breach, discuss the Duolingo data scrape, and examine the rise of QR codes being used in phishing attacks.
Being aware of the most recent cybersecurity news is one thing; defending yourself and your business against it is a whole other game. Check out where your cybersecurity posture stands with DOT Security’s Cybersecurity Checklist: How Covered is Your Business?
Discord is a social text messaging and VoIP (voice over internet protocol) platform. It allows users to send instant messages, conduct voice or video calls, and exchange other media either in a private chat or a community-based group referred to as a server.
Discord.io is a third-party app that allows users who run servers on Discord to create and deliver customized invites. It was also the target of a vicious cyberattack that resulted in a data leak affecting 760,000 members.
After confirming the validity of the breach, Discord.io put a temporary halt on all services and operations to mitigate the extent of the damage and address the situation with an appropriate response. An important note to make is that this breach has not affected the actual Discord platform.
The breach is thought to have started with a vulnerability in the website’s code. The entry point that the hacker exploited gave them access to the site’s database, which they then proceeded to download. After successfully downloading the database, the hacker, known as “Akhirah,” put the information up for sale on a cybercrime auction site, Breached.
What’s arguably the most interesting aspect of this breach is that Akhirah isn’t necessarily concerned with monetary gain. Rather, it seems they have a moral issue with some of the content available on Discord.io, claiming it’s “illegal and harmful.”
"It's not just about money, some of the servers they overlook [are] talking about pedophilia and similar things, they should blacklist them and not allow them," Akhirah told BleepingComputer.
In fact, in the same interview with BleepingComputer, Akhirah said they would prefer not to sell the leaked data, and would rather Discord.io contact them about removing the alleged harmful content.
Whether the allegations toward Discord.io hold any merit or not, this breach demonstrates just how vital data protection is, especially in such a connected network. This single vulnerability led to a data leak impacting 760,000 users, and Discord.io is now facing extended periods of downtime as a result, not to mention a seriously bruised reputation.
Prioritizing cybersecurity, especially when handling massive amounts of user data, is an absolute must in the modern era.
Duolingo is a language learning application that helps users learn new languages through a progression of lessons. Founded in 2011, it boasts over 500 million registered users, and over 60 million active monthly users.
Recently, however, the popular language learning tool was scraped by a hacker who then – you guessed it – put the scraped data up for auction on a cybercrime forum. The scraped data bank, affecting 2.6 million users, was the result of an issue with Duolingo’s API (application programming interface).
While it seems that Duolingo’s actual network hasn’t been breached, the user data compromised in the leak consisted of the following:
“The shared sample of data contains email addresses, usernames, names, and phone numbers (if provided by the user), information about social networks, and other generic info such as language studies, experience, progress and achievements, etc.”
So as things stand, Duolingo is investigating further to see what additional action, if any, they need to take to protect users.
There’s been a recent surge in the volume of phishing attacks utilizing QR codes. Although this campaign was launched against multiple industries, the most heavily targeted organization was a United States energy company, which received the bulk of these phishing emails.
Rather than a typical phishing email, this cyberattack leveraged scannable QR codes embedded in image files. The main reason is that when the phishing link is encoded in a QR code that’s then embedded in an image file, the email itself has a much higher chance of making it into a target’s actual inbox.
There is also a fairly high chance this offensive was a trial run to test how well phishing with QR codes works. QR codes aren’t necessarily ideal for phishing, since they’re most often scanned by a smart device with a camera, which then shows the user an actual preview of the link the QR code will send them to.
This means that attentive users have a good chance of avoiding harmful links when they’re hidden in a QR code.
The QR code phishing campaign goes to show that cybercriminals are getting cleverer and working on formulating and testing new social engineering cyberattacks. More than ever before, employee cybersecurity awareness needs to be a main initiative in your business.
The better your staff is trained on current cybersecurity and social engineering protocols, the safer and more secure your network will be.
The digital era has arrived with a full head of steam and no one is taking advantage of sophisticated technologies the way hackers and cybercriminals are. Data is swiftly becoming one of, if not the, most valuable currencies there is, and not every hacker wears the gray hat Akhirah does.
Protect the data of your staff, clients, and the organization as a whole by building a comprehensive cybersecurity strategy that addresses modern day threats and sophisticated cyberattacks, no matter what form they take.