The DAO (Decentralised Anonymous Organisation) fund has been attacked, and public blockchain platform Ethereum has lost some $50 million in cryptocurrency. Funds stolen can’t be used for almost a month, and an attempted rollback will serve as a test case for blockchains’ self-healing abilities.
While most speculation about the Bangladesh Bank hack and other SWIFT-linked fraud has centered on North Korean Lazarus Group code found in the affected systems, the presence of Dridex leads others to suspect Russian gang involvement.
Guccifer 2.0 released Democratic Party donor lists late last week, and also emails purporting to show longstanding DNC preference for the party’s presumptive nominee. None of this is surprising. But Guccifer 2.0 insists he’s (she’s? they’re?) not the Russian government. There are clues in leaked material pointing to Russian speakers, but that needn’t mean the Russian government. There’s inevitable speculation that Guccifer 2.0 is a false flag for Russian intelligence services, and CrowdStrike has been standing by its attribution. WikiLeaks says it’s received more compromised DNC documents.
Malwarebytes reviews the disappearance of the Angler exploit kit and its replacement by Neutrino.
In industry news, a Parliamentary committee in the UK suggests CEOs whose companies are hacked should have their pay docked. CRN reports that Tanium rejected acquisition bids from VMware and Palo Alto Networks. The Motley Fool thinks the two suitors FireEye rejected earlier this year were Symantec (which picked up Blue Coat instead) and Cisco (possibly).
Observers look into the failure to recognize the Orlando shooter as a threat.
A note to our readers: this Wednesday the CyberWire will be down in Laurel, Maryland, covering Cyber 7.0. Watch for our usual live-tweeting and special report on the proceedings.