The US Navy continues to be relatively close-lipped about Chinese exfiltration of sensitive information from a contractor's systems. The unnamed contractor, working for the Naval Undersea Warfare Center in Rhode Island, is said to have reported a cyber incident, losing information that's believed to concern sensors, submarine cryptographic systems, and weapons.
The cyberespionage threat actor Patchwork, also tracked as Dropping Elephant, is showing renewed interest in US think tanks, repurposing think tank articles and studies as phishbait. Volexity calls the group out as an Indian unit.
Banco de Chile disclosed the loss of about $10 million during a May attack, when hackers successfully took the money via electronic transfer. The criminals used wiper malware to corrupt the master boot records of some 9000 systems. This aspect of the attack was apparently misdirection intended to distract IT staff while the hackers accomplished their main objective: SWIFT transfer fraud.
Coinrail, a cryptocurrency exchange based in South Korea, disclosed yesterday that it had been the victim of a cyberattack in which ICO tokens for Pundi X, NPER, and Aston were taken. There's also the possibility that tokens for Dent and Tron were stolen as well. The exchange estimates that between $30 million and $40 million were taken; it's working to freeze the stolen assets. The incident spooked investors: cryptocurrency valuations took a significant hit as speculators dumped their holdings.
The G7 (maybe all seven, but at least six of them) agreed to take coordinated, concerted action in response to cyberattacks by hostile states.