hack - Pwim.Net

Fusion Hacked? CEO Says That 10M FSN Tokens are Gone

The blockchain-based financial platform, Fusion Network has announced a compromised wallet on Sept. 28. The Fusion swap wallet compromise resulted in a theft of 10 million native FSN tokens.

On Sept.28, Fusion Foundation’s CEO, DJ Qian announced in the official telegram group that the token-swap wallet with an Ethereum address to swap ERC-20 FSN tokens for the tokens on the FSN mainnet had been compromised.

Qian announced on the telegram group:

“After it was stole, we found the [thief] kept moving those stolen FSN in order to wash the address holding FSN, and sent part of the them to exchanges to sell.”

The theft was due to a compromise of the swap wallet’s private key after the private key was stolen, abnormal wash-trading of the tokens were observed, in exchanges such as Bitmax and Hotbit. The loss of funds appeared to have been worth approximately $6.4 million at the time of the hack.

The remaining tokens in the wallet had been moved to a cold storage address, while major exchanges such as OKEx, Huobi, and Bitmax had been contacted.

Qian stated that a certain individual with access to the foundation’s wallet’s private keys was to blame and has collected evidence that is substantial enough to be reported to the police.

Forbidden Wealth: 80,000 Bitcoin Abandoned for Nearly a Decade

A Bitcoin wallet address said to be associated with the now-defunct Mt. Gox Exchange holding an estimated 80,000 Bitcoin worth around $800 million, is said to be untouched revealed by a sourceon Feb 17. The asset is shown to have remained untouched since the days after the hack of the once renowned exchange.

With the funds on the wallet already tainted and duly tagged as high risk making it quite difficult to cash out, spectators are left to wonder if the wallet will ever see withdrawal or transfer of funds as all eyes are well fixed on it from the period after the hack.

As the years after the Mt. Gox disaster continues to roll by, the situation still leaves a bitter taste in the cryptocurrencyworld. Recalling the year 2011, when the now liquidated exchange suffered a high profiled hack and breach of security of the exchange at a time when it boasts of a whopping 70% of Bitcoin’s overall global trade volume.

The official accepted report claimed hackers exploited the already breached Mt. Gox admin account to crash the price of Bitcoinon the exchange. With price artificially pushed down, the hackers went to town, buying up super cheap Bitcoin in large quantities.

Accounts of the exchange users were also targeted, and an estimated loss of 25,000 Bitcoin was stolen from 478 accountstotaling to a huge $8.75 at the time of the hack.

Recent news credited to a Redditor (jwinterm), claims the Bitcoin address, the sixth-largest Bitcoin Address associated with the original Mt. Gox hack has been unearthed. With a balance of 75,957.20 BTC, clearly showing no single satoshi has ever been moved out of it.

Chainalysis, a blockchain analytics firm that has been keeping a close watch on the stolen Bitcoin while speaking to Decrypt, suggested that the issues surrounding the address have kept the funds in a state of being treated as a poisoned chalice that should be distanced from.

According to Chainalysis representatives Maddie Kennedy, it is of the opinion that there exist two assumed possibilities why the funds have not been moved, which includes loss of access to the address or simply the fear of moving the funds without being tracked down.

Image via Shutterstock

Ledger and Tezor Dismiss Rumor That Hackers Have Stolen Data from Popular Crypto Wallet Providers

Cybersecurity company “Under The Breach” has revealed that customers who have bought products using Shopify and bought items from companies such as KeepKey, Trezor, Bnktothefuture, and Ledger may have had their data leaked.

The cybersecurity company tweeted screenshots from a hacker trying to sell stolen data from KeepKey, Ledger, Trezor, and Bnktothefuture users.

The ‘Rumored’ Hack

The cybersecurity company further mentioned that the data was stolen after the hacker exploited weaknesses in the e-commerce website Shopify. The cybersecurity company posted screenshots in which the hacker advertised huge databases with information associated with an alleged 80,000 customers. This includes the customer’s name, email address, residential address, phone number, and other pieces of data.

The hacker is claimed to be the same individual who hacked the forum Ethereum.org in 2016. The hacker is now claiming to have the databases for Ledger, Trezor, and KeepKey users, including other important information. The hacker also claims to have hacked the Bnktothefuture SQL database and stole identify information from the investment platform. The databases are up for sale, but it may turn out to be false and publicity stunt.

A communications manager at Shopify said: “We investigated these claims and found no evidence to substantiate them, and no evidence of any compromise of Shopify’s system.”

Two of the four firms have taken the allegations seriously.

Ledger made a follow-up on the matter, terming it as a rumor. The hard wallet provider claims that so far, the allegedly hacked database does not match its real database. Ledger said that it is likely that the hacker is totally lying. The company confirmed that it will be continuing its investigations on the issue.

Trezor tweeted its confirmation that there are rumors going around that its e-shop database has been attacked through a Shopify exploit. The company clarified that its e-shop doesn’t use Shopify, thus making a Shopify-related hack impossible. The firm said: “We are nonetheless investigating the situation. We’ve been also routinely purging old customer records from the database to minimize the possible impact.”

The hacker has several dubious claims and is reported to have databases for almost 20 crypto exchanges globally. Nobody can confirm whether or not the hacker truly does have these databases. So far it appears to be more hearsay.

US Law Firms Had Data Stolen and Encrypted by Hackers Demanding Crypto Ransoms

Various big companies seem to have been the victim of recent cyberattacks, which has led to the theft of a massive amount of private information from customers. Hackers have recently breached five US law firms and encrypted their data, thus forcing each firm to pay 100 Bitcoins (about $918,500 at the time of this report) to restore their access. The hacker group identified as “Maze” also has threatened to sell some stolen data in case the firms refused to pay a ransom. The hackers have developed the habit of publishing small parts of stolen data and release more and more sensitive aspects until victimized firms pay a ransom. Hackers demanding ransoms in Bitcoin have a negative impact on the public image of cryptos, making people believe that such coins are just meant for criminals. Last year was marked not only by multiple ransoms demanding cryptocurrencies but also by major cryptocurrency scams.

Image via Shutterstock

Twitter Hack Goes Viral as Bill Gates, Elon Musk, and Biden Hit by Massive Bitcoin Scam

Twitter has gone haywire as news of a Bitcoin scam hack targeting multiple high-profile figures such as Bill Gates, Elon Musk, Joe Biden, Jeff Bezos, and even multinational tech company Apple has broken out.

The scammers that hijacked multitudes of verified Twitter accounts belonging to celebrities and key influential figures issued the same message across all platforms:

“I am giving back to the community. All Bitcoin sent to the address below will be sent back doubled! If you send $1,000, I will send back $2,000. Only doing this for 30 minutes.”

This type of promise is a common technique used by crypto scammers to incite people to wire funds straight to their digital wallets.

On Tesla CEO Elon Musk’s account, hackers posted a pinned Tweet entailing that the entrepreneur was going to double any Bitcoin (BTC) amount sent to his BTC wallet address. The multi-faceted entrepreneur is known to possess 0.25 Bitcoins.

Ten minutes into the post, the wallet address displayed on Musk’s Twitter had already received 3.64 Bitcoins, which translated to $34 498 at the time of the reporting. The original tweet was soon deleted by Twitter Support. However, soon after the original post was removed, a new version popped up within seconds, clueing investigators into the fact that the Bitcoin attack was still ongoing.

Donations to another Bitcoin address created by crypto scammers were said to have surpassed $100,000 in collected funds.

After numerous influential Twitter accounts were discovered to be compromised — Kim Kardashian, Kanye West, Bill Gates, Barack Obama, Michael Bloomberg, Uber, Binance, Coinbase, to name a few— scam tweets were still up and running for more than an hour.

Presidential runner Joe Biden’s official Twitter account was among those that were hijacked by scam artists. The scam was however contained and the post deleted within minutes. Chief executive of cybersecurity firm SocialProofSecurity Rachel Tobac addressed the issue and expressed her surprise as to Twitter not going “completely dark to prevent misinformation campaigns and political upheaval.” However, she said that it was a stroke of luck that the attackers were Bitcoin and money-motivated and not aiming for chaos and destruction.

Twitter support then went on to temporarily prevent all verified accounts on their social media platform from tweeting for about half an hour. They tried to reassure their social media community by tweeting that they were working on the security incident and investigating further to fix the breach. Updates will soon be provided, Twitter Support posted.

DOJ Extradites Bitcoin Thief From Cyprus Along With Hezbollah Terrorist

The US Department of Justice has extradited two criminals from Cyprus—one with known connections to terrorism and the other on suspicion of stealing thousands in Bitcoin.

Two accused criminals have been extradited from Cyprus by the DOJ, one for stealing thousands of dollars worth of Bitcoin, and the other is a money launderer connected to the terrorist organization Hezbollah.

According to the DOJ, a Cypriot national named Joshua Polloso Epifaniou stands accused of conspiracy to commit wire fraud, identity theft, and extortion. The DOJ alleges that Epifanou, along with his co-conspirators, targeted a Californian online game publisher, a hardware company in New York, an online sports website and an employment website in Virginia—to steal users personal information between 2014 and 2016. Epifaniou allegedly gained access to these networks and managed to defraud them of over $55,000 dollars in Bitcoin.

Per the report, “After obtaining the personal identifying information, Epifaniou allegedly used proxy servers located in foreign countries to log into online email accounts and send messages to the victim websites threatening to leak the sensitive data unless a ransom was paid. He is alleged to have defrauded the entities of $56,850 in bitcoin, and two victims incurred losses of over $530,000 from remediation costs associated with the incident.”

In addition, Epifaniou has been accused of organizing a brute force attack on Ripoff Report in 2016. A brute force attack is a trial-and-error method used to obtain information, such as a user password or personal identification number. Epifaniou allegedly used the attack to successfully override Ripoff Report’s login and password protection to access its database through an existing account for a ROR employee. He then allegedly held the database ransom for $90,000.

The other man extradited from Cyprus is Ghassan Diab who has been identified by the DOJ as a member of Hezbollah. The Lebanese national, Diab is suspected of money laundering over $100,000 and conspiring to launder a further $100,000 as well as standing accused of the unlicensed transmission of currency.

The news comes just days after another criminal complaint was filed on July 9 by the DOJ charging a New York resident—Douglas Jae Woo Kim, 27 years old, with wire fraud in where he allegedly conned three investors out of over $4.5 million of Ethereum and Bitcoin.

Ethereum Calls On Hackers to Attack Ethereum 2.0 in Exchange for Bug Bounty

With Ethereum’s plans to launch its 2.0 protocol network, the open-source platform has also decided to tweak its blockchain project to perfection by calling all hackers and challenging them to break into two Ethereum 2.0 attack networks.

Ethereum Creates the “Hacking Challenge”

What an attack network basically entails is a virtual attempt to break into an organization’s network, without the necessary authentication access passwords and locks required. Usually, the objective of an attack network is simply to steal data or perform other malicious activities.

In the case of Ethereum’s public “attack network” launch, it is mainly to test the vulnerabilities and potential security loopholes of Ethereum 2.0, which consists of an upgrade from the Ethereum blockchain. The cryptocurrency platform hopes that with this “attack network” set in place, Ethereum 2.0 will be perfected — shortcomings of the blockchain may be brought to light with the challenge, that simple testing just won’t be able to reveal.

How to Overcome the Attack Networks

The goal of the attack challenge launched by Ethereum is to prevent finality for 16 consecutive epochs on a network. This means that in order to successfully accomplish the digital mission, hackers would need to be able to intercept “finality” from happening for at least 102 minutes (1 h 42 min). “Finality” simply refers to a type of faster on-chain communication, where a block transaction, once finalized, will not be reversible and will therefore not have to wait for multiple acknowledgments before proceeding forward.

The objective of these attack networks is for others to find potential vulnerabilities and security loopholes that simple testing might not reveal.

In exchange for hackers’ efforts, Ethereum will award a $5000 bounty for each individual hacker or hack group who successfully completes their request.

Ethereum Co-Founder Speaks of 2.0 Project

Vitalik Buterin, one of Ethereum’s most recognized co-founders, is particularly proud when speaking of his Ethereum 2.0, and he emphasizes the fact that the data capacity of the developing blockchain will be immense. However, as his blockchain ecosystem is still developing, the upgrade will not translate to higher scalable transactions, meaning that the blockchain will not necessarily process more transactions.

Another key feature of Ethereum 2.0 is the fact that it will run on a Proof-of-Stake consensus algorithm instead of the current Proof-of-Work Ethereum mainnet. This will enable users in the Ethereum network to lock up their accumulated digital coins and get paid for helping secure the blockchain.

Charles Hoskinson Proposes Solution to Fix Twitter’s Problem, Taking Digital Identity to the Blockchain Age

With the recent Twitter hack, implicating individuals including Elon Musk, Bill Gates, Joe Biden, and a few others, Cardano founder Charles Hoskinson spoke about the issue in his most recent Whiteboard video.

In proposing a solution to this problem, Hoskinson suggested that Twitter does not need to “change much,” and that “Twitter works.” He added that Twitter does not need to make radical changes and that the authentication and verification process should be easy to use and understand.

In addition, the IOHK CEO said that the process should be built on solid foundations, no business model changes should be made, and it should be cheap and easy to maintain.

With the foundations of solving the issue, Hoskinson explained that cryptographic signatures could be a part of the solution for “fixing Twitter.”

“A signature is where somebody takes a message, […] and they sign it with a mathematical function using their private key, and that creates a signed message.”

Verification can be authenticated as the public key will be able to determine whether the course of action taken is legitimate.

Digital Identification Foundation

Hoskinson introduced a new standard, called the DID (decentralized identification) standard, which originated from the W3C. DID provides a standard to handle online identities using public and private keys. DIF, the digital identity foundation utilizes the DID standard, which is made up of members including Microsoft, IBM, Hyperledger, IOHK, Accenture, and others. He added, “There are lots of standards and we’re building this as a community in an ecosystem.”

The DID standard, as explained by Hoskinson, can be used for cryptocurrencies, as a part of the public key function.

Introducing the idea of “Verified Tweets”

The Cardano founder’s idea of a “verified tweet,” includes the process of sending out the tweet, then creating a hash related to the tweet, and finally a signature with the user’s private key. The hash is linked to the tweet, to verify the tweet hasn’t been tampered with, and the private key is used to sign the tweet.

This would process would result in two tweets, a verified tweet, and a regular tweet. The verified tweet would have the display of the tweet along with a verified symbol, while the regular would not. Hoskinson argues that this process would not be changing the Twitter verification process drastically. He added:

“A verified tweet would allow me to verify that the person tweeting controls it. […] The issue with the Twitter hack is Twitter itself was hacked, so how about we implement this type of solution without requiring Twitter much for that?”

Hoskinson’s proposed solution for Twitter

A user can simply create a new decentralized identifier, or import an existing DID to a whitelisted ID verifier. The whitelisted ID verifier could be a government identity or VeriSign, and this entity could check with all the supporting evidence provided in the process to ensure that the identity presented is legitimate. The verifier would then sign with their key, which then sends it back to Twitter.

Once Twitter receives the DID, they will be able to sign it as well, as long as it meets Twitter’s standards. The DID will have two signatures, one from the whitelisted authority, and the other from Twitter. The user would not be able to forge the signatures, as the user does not have those private keys. However, the user would be able to control the private key associate with the DID. The DID will then be embedded in a blockchain.

Taking the Cardano blockchain as an example, there would be beneficial features, including timestamping, auditability, and immutability. Hoskinson added:

“When the DID is embedded there, you have an ordering of events. You know when it first came in, and you can change it over time. It’s always there. Audit means that anybody can check it, in the entire world, no one can restrict your ability to check that and immutable means that nobody can change the record once it’s there.”

Cardano’s Prism framework

Charles Hoskinson further elaborated on Cardano’s Prism, which has a lot of built-in capabilities that would make the verification process easy on both providers, Twitter, and the whitelisted ID verifier.

With this proposed process, even if Twitter gets hacked and the hackers decided to send out a tweet from a user, the user would only be able to send out unverified tweets. Hoskinson said:

“You can even have a policy for high-value users that they can only send verified tweets, they can’t send anything else, meaning no one can tweet on their behalf.”

By utilizing the Cardano Prism framework, capabilities including threshold proofs, which requires the users to have certain qualities, including age or access. This would be enabled by zero-knowledge proofs. Hoskinson explained:

“The benefit to the end-user is that when we see Trump, or Bill Gates, or Elon Musk tweeting, we now have verified tweet to verify that it’s actually coming from them. No more giveaway scams, they die forever. No more impersonations, if Twitter itself gets hacked, doesn’t matter — no one can actually compromise the account.”

According to Hoskinson, the option of multi-sig tweets would allow for an extra layer of security and curation by having chains of signatures.

The IOHK CEO said that he would be happy to build this process, concluding, “Jack [Dorsey] you know where to find me, send me a private message, I’m sorry you guys went through this but […] great companies always recover, and they recover through great ideas.”

Apple Co-Founder Steve Wozniak Sues Google and YouTube Over Fraudulent Bitcoin Scam Videos

Legal team for Steve Wozniak, co-founder of tech powerhouse Apple, announced a lawsuit against YouTube and their parent company Google, alleging that the media companies failed to take down fraudulent videos that impersonated Wozniak. The videos were created in the purpose of driving Bitcoin funds.

Apple Demands Justice

Wozniak mentioned that the videos were not only impersonating him, but also other key tech celebrity figures such as Elon Musk and Bill Gates in the efforts of accumulating Bitcoin (BTC) assets. The scam videos in question would illustrate images of Wozniak and misled YouTube subscribers to think that if they sent cryptocurrencies to a designated wallet address, they would receive twice the amount of BTC back. The Apple co-founder stated in his lawsuit that YouTube should have been the one responsible for removing the Bitcoin scam videos.

Wozniak filed the legal complaint under the pretense that YouTube and Google had repeatedly ignored requests to take down crypto scam videos, and that they knowingly promoted and made a profit of the fraudulent streams, by providing advertising on top of it. According to Joe Cotchett, who is part of the Apple co-founder’s legal team, presented this argument:

“When Twitter was hit with a massive hack of 130 celebrity accounts, they were quick to shut down the Bitcoin scam in a day. In a stark contrast, the Complaint alleges that YouTube knowingly allowed the Bitcoin scam to go on for months promoted it and profited from it by selling targeted advertising.”

YouTube Joins Twitter in BTC Scams

What Joe Cotchett was referring to is none other than the infamous Twiter hack attack that happened last week, and that ironically went viral. With investors hoping that the price of Bitcoin will surge on the crypto market, Bitcoin scams are becoming increasingly common.

Last week, Twitter suffered from a similar BTC scam that was so successful and invasive that it locked down the platform for a while. The hack attack was unlike anything Twitter has ever experienced and created quite a ripple, with multiple celebrity verified accounts being compromised. World-famous verified accounts that were ceased ranged from Kanye West’s to political figures Joe Biden and Barack Obama’s Twitter, and similar messages appeared on all platform.

The messages linked the hackers’ wallet address and was used to channel Bitcoin funds straight into the crypto scheme artists’ digital pockets.

Unfortunately, YouTube still appears to be dominating in terms of the platform which scam artists resort to the most. The video content platform has been receiving alot of backlash lately, not only from multimedia tech company Apple, but also from other digital ecosystems that have filed lawsuits for similar reasons.

Ripple Also Rips at YouTube

In fact, earlier this week, cryptocurrency exchange Ripple’s legal team also filed a lawsuit against the video content platform for not taking down XRP crypto scam videos impersonating Ripple Labs Founder Brad Garlinghouse. The crypto exchange founder was even more angered by the fact that YouTube could benefit from paid ads that streamed on their platform and that was generated automatically with the scam videos.

Twitter CEO Jack Dorsey Apologizes for Bitcoin Hack, But Not Before Dutch Politician Was Compromised

Twitter CEO Jack Dorsey came forward on Thursday to apologize thoroughly for his social network company’s failure to prohibit and shut down Bitcoin scam artists’ digital heist of important verified accounts, that ranged from that of tech moguls Elon Musk and Bill Gates to political figure Joe Biden.

The hack was reported to be the biggest one that Twitter has suffered in all of its history, resulting in the seizure of at least 130 accounts on the social platform. All pertained to prominent figures and celebrities, and hackers tweeted out the same message through at least 45 of those accounts, demanding for Bitcoin (BTC) funds. The message that appeared on Elon Musk’s verified account was formulated as so:

“I am giving back to the community. All Bitcoin sent to the address below will be sent back doubled! If you send $1,000, I will send back $2,000. Only doing this for 30 minutes.”

Other accounts, such as that of coin exchange Binance, depicted that the coin exchange had partnered with “CryptoForHealth” and was looking to give back 5000 BTC to the community.

Did Hackers Have a Political Agenda?

Of all the accounts, hackers accessed the private messages of 36 verified accounts. CEO Dorsey revealed that one of those accounts belonged to an elected political official in the Netherlands. Twitter however does not believe any other former or current elected political figures’ direct messages were accessed. This may come as a bit of reassurance to former President of the United States, Barack Obama, and political runner-up, Joe Biden, who also had compromised social media accounts.

Identity of Hacked Political Account Comes to Light

Though Twitter has not disclosed the identity behind the Netherlands elected official’s hacked account, recent information has come to light that may suggest that it belonged to no other but Dutch politician Geert Wilders.

The far-right politician told BBC news recently that Twitter was referring to his verified account when it mentioned that one of the 36 accounts that had their direct private messages snooped through belonged to an elected political official.

Political Figure Spills the Beans

During the Twitter Bitcoin scam attack last week, Wilders’ profile picture was replaced with a cartoon of a black man, and his account’s background picture was switched to the Moroccan flag. The far-right Dutch politician is quite a figure in the Netherlands, as his Freedom Party is the second biggest part in the Netherlands’ House of Representatives.

Wilders told BBC that he had been using Twitter’s direct message tool for about 10 years now. He went on to say that he was informed by Twitter following the fraudulent hack that not only had his Twitter account been hacked for some days, but the hackers also posted tweets on his account and sent DMs in his name. He confirmed that the hackers indeed got full access to his DMS, which “is totally unacceptable in many ways.”

The Dutch politician is extremely concerned with the Twitter security breach, as his Freedom Party had campaigned to ban Muslim immigration and shut down mosques. He expressed his view:

“People critical of Islam or regimes in the Middle East [including those] from within countries like Iran, Saudi Arabia and Syria [have sent me DMs over 10 years] and I do hope they will not be in danger if their identity would be exposed because of this hack. I had deleted most of them but maybe some were left there for the hacker to see and copy.”

CEO Jack Dorsey and Twitter Apologizes

Twitter took matters into their own hands and commented on the incident, saying that they have recently implemented safeguards to improve the firewall security of their internal systems. They went on to add that they were working in collaboration with law enforcement to further the investigations of the infamous Twitter BTC scam. Twitter also apologetically said that they are committed to regaining “the trust of all their stakeholders with their every action, including how they address the security issue.”

Twitter Not The Only Victim of Bitcoin Schemes

Bitcoin scams are becoming increasingly common on social media networks, as Twitter is not the only platform that has been targeted in such fraudulent attacks. YouTube has also recently been faced with a lot of backlash, resulting in lawsuits, due to the volume of cryptocurrency scam videos streaming through their platform.

Apple Sues YouTube

In recent news, co-founder of Apple Steve Wozniak filed a lawsuit against YouTube for the video content platform’s failure to take down fraudulent videos that impersonated Wozniak in an effort to extort XRP funds from YouTube subscribers. Google is also implicated in the lawsuit, as they are the parent company of YouTube.

Ransomware Attacks Target English Football League, Data Withheld for $3.8 Million Bitcoin

The UK National Cyber Security Centre (NCSC) has issued a warning saying that football teams are at increased risk of phishing campaigns and ransomware attacks. On July 23, the agency published a 28-page report titled (The Cyber Threat to Sports Organizations) stating that ransomware is a significant threat for sports organizations.

The National Cyber Security Centre is a UK government institution that offers support and advice for the private and public sectors on how to avoid computer security threats. The institution is based in London and started its operations in 2016.

Football Teams Have Become Perfect Targets

According to the NCSC’s report, the English Football League (EFL) club has recently become a victim of cyber-attack. The hackers encrypted all security and corporate systems of the club and demanded a ransom of 400 Bitcoins value of $3.8 million in order to release the decryption key.

Since the owners of the club refused to pay the stated amount, the hackers took revenge to further encrypt the club’s end-user devices.

It is not clear what kind of attack vector used. However, the NCSC said that the initial infection was a result of either a phishing email or accessing the club’s CCTV system remotely and installing ransomware on the system.

Since all systems at the stadium were connected to one network, the infection of the attack spread quickly. It is estimated that the club lost several hundred thousand British pounds. Many servers were also affected, thus leaving the club unable to use their corporate email.

The stadium’s turnstiles and CCTV were non-operational, an incident that nearly resulted in a cancellation and postponement of fixtures.

Paul Chichester, NCSC director of operations, stated that football clubs might not view cybercrimes as a significant threat. But it remains a serious issue for the UK’s broader cybersecurity goals.

As per the report, football clubs are on a target and, therefore, they have to take this issue seriously. The report further mentioned that hackers recently attacked a prominent Premier League club. The hackers used fake emails to steal over one million pounds before someone at the club, detecting suspicious transactions, and taking action.

Hackers are casting a wider net in hopes of infecting as many individual machines as possible. According to NCSC’s warning, over 70% of UK sports organizations have experienced cybersecurity breaches in 2020. The watchdog, therefore, recommends that football clubs must allocate resources, money, and part of their time towards protecting their data to prevent such hacks.

Fears of More Hostage Situations

Sports organizations are some of the major institutions known as financially profitable and thus are becoming valuable targets for ransomware attacks. Attacks begin with an innocent email. When someone clicks the link the email, hackers quickly take over. It works like that. Computers at organizations are locked, and the only way for workers to get back their system is to pay the attackers thousands of dollars’ worth of Bitcoin.

There is no guarantee that hackers won’t do it again. Besides hospitals, local government offices, and schools, many attacks have targeted sports organizations this year. To make the matter worse, several organizations choose not to report such incidents as they want to avoid news coverage and resorting to sending payouts to attackers.