Wrapping oneself in an allegedly altruistic motive does not remove the criminal stench from such intrusion, theft, and fraud." "These actions can increase vulnerabilities for everyone from large corporations to individual consumers. "Stealing credentials and data, and publishing source code and proprietary and sensitive information on the web is not protected speech - it is theft and fraud," said Acting U.S. Then last Friday, Swiss authorities raided Kottmann's apartment and seized the hacker's electronic devices at the behest of U.S. Kottmann, who calls the hacktivist collective "Advanced Persistent Threat 69420," told Bloomberg the breach "exposes just how broadly we're being surveilled, and how little care is put into at least securing the platforms used to do so, pursuing nothing but profit," while attempting to justify their actions as part of a "fight for freedom of information and against intellectual property." The defendant's long list of victims includes Nissan, Intel, Mercedes-Benz, and many others, including the Verkada breach that happened earlier this month, thereby gaining access to more than 150,000 of the company's cameras installed in various locations ranging from Tesla warehouses to gyms, psychiatric hospitals, and health clinics. Federal Bureau of Investigation (FBI) seized the domain that was used to publish hacked data online. Additionally, the prosecutors said the U.S. Kottmann is alleged to have cloned the source code and other confidential files containing hard-coded administrative credentials and access keys, using them to infiltrate the internal infrastructure of victims further and copy additional records and intellectual property. Till Kottmann (aka "deletescape" and "tillie crimew"), 21, of Lucerne, Switzerland, and their co-conspirators were accused of hacking dozens of companies and government agencies since 2019 by targeting their "git" and other source code repositories and posting the proprietary data of more than 100 entities on a website called gitrip, according to the indictment. Department of Justice (DoJ) on Thursday with conspiracy, wire fraud, and identity theft. Department of Justice yesterday announced updates on two separate cases involving cyberattacks-a Swiss hacktivist and a Russian hacker who planned to plant malware in the Tesla company.Ī Swiss hacker who was involved in the intrusion of cloud-based surveillance firm Verkada and exposed camera footage from its customers was charged by the U.S. IoT is going to be pervasive, so are the associated security concerns Incidents like this reveal the lack of robust IoT security practices.The U.S. The hackers obtained the "root" access on the cameras, which enabled them to pivot and access the broader corporate network of Verkada's customers or hijack the cameras and use them as a platform to launch future hacks. Hackers gained access to Verkada through a "Super Admin" account, details of which were publicly exposed on the internet, allowing them to access all of its customers' cameras. The hackers obtained access to 222 cameras in Tesla's factories and warehouses. In addition, hackers got access to Verkada's entire video archive of all of its customers. Companies whose feeds were exposed include the electric car maker Tesla and cloud security provider Cloudflare. In this event, a group of hackers claimed to have gained access to the live footage of 150,000 surveillance cameras from various locations, including jails, hospitals, gyms, companies, and schools. Recently, the Sequoia-backed start-up Verkada suffered a major cyber-attack.
0 Comments
Leave a Reply. |