NZX Ltd, operator of New Zealand’s stock exchange, halted trading for a few hours yesterday as it sustained a cyberattack. Reuters reports that it was the second such attack the exchange had suffered in as many days. According to Security Brief, the incident was a distributed denial-of-service (DDoS) attack, specifically a “volumetric distributed denial of service attack from offshore.” The attack remains under investigation.
Infosecurity Magazine reports that CISA and the FBI have issued a joint flash alert concerning the GoldenSpy malware embedded in tax software that Beijing requires businesses operating in China to use.
Two mercenary groups are drawing attention. The first, “DeathStalker,” identified (and named) by Kaspersky, targets financial services and legal firms. DeathStalker doesn’t seem to be monetizing its hacking in any obvious way: it’s not demanding ransom, and its take hasn’t been seen for sale in any of the usual dark web souks. This suggests that it’s a hack-for-hire operation.
Bitdefender describes the other mercenary crew, which so far hasn’t been named, as a commercial espionage outfit. The target is an unnamed luxury real estate company with a large architectural practice, and the hackers used a maliciously crafted plugin for Autodesk 3ds Max, a widely used 3D computer graphic tool. The plugin deploys a backdoor used to scout for valuable files. Command-and-control telemetry suggests there may be other, unidentified victims in South Korea, United States, Japan, and South Africa.
The Washington Post reports that Thailand is cracking down on social media critical of the country’s monarchy.