Cyber Intelligence Weekly (January 12, 2025): Our Take on Three Things You Need to Know

Welcome to our weekly newsletter where we share some of the major developments on the future of cybersecurity that you need to know about. Make sure to follow my LinkedIn page as well as Echelon’s LinkedIn page to receive updates on the future of cybersecurity!

To receive these and other curated updates to your inbox on a regular basis, please sign up for our email list here: https://echeloncyber.com/ciw-subscribe

Before we get started on this week’s CIW, I’d like to highlight Incident Response Planning & Tabletop Exercise practice.

From assessing your current capabilities to creating and testing detailed response plans, we provide the expertise and support you need to minimize downtime and mitigate impact, so you can focus on what you do best: your business.

Learn more: https://lnkd.in/exryhzQW

Away we go!

1.  Apple Settles Siri Privacy Lawsuit for $95 Million

Apple has agreed to a $95 million settlement to resolve a class-action lawsuit alleging its Siri voice assistant violated users' privacy by recording conversations unintentionally. Filed in federal court in Oakland, California, the settlement awaits approval by U.S. District Judge Jeffrey White. The lawsuit claims Siri’s accidental activations led to private conversations being recorded and shared with third parties, including advertisers, without users’ consent.

The class-action suit covers Siri-enabled devices, such as iPhones and Apple Watches, from September 17, 2014, to December 31, 2024. Plaintiffs reported incidents where unrelated advertisements followed discussions about specific products or services. For example, ads for sneakers, restaurants, or even surgical treatments appeared after conversations thought to be private. If approved, the settlement will allow tens of millions of affected users to claim up to $20 per eligible device.

While Apple denies any wrongdoing, the settlement highlights ongoing concerns about the privacy implications of voice-activated technology. Apple has yet to comment publicly on the case. The settlement fund will also include $28.5 million for legal fees and $1.1 million for expenses.

This case follows a broader trend of legal challenges surrounding voice assistants, with a similar lawsuit involving Google Voice Assistant pending in the same California district. As companies like Apple continue to innovate, users are demanding stronger privacy safeguards for emerging technologies that are increasingly integrated into daily life.

2.  Over 4,000 Backdoors Neutralized Through Expired Domain Registration

Cybersecurity researchers from WatchTowr Labs, in collaboration with The Shadowserver Foundation, recently identified and neutralized over 4,000 active web backdoors by taking control of expired domains previously used for malicious command-and-control operations. These backdoors, often left abandoned yet still functional, were found on high-profile targets, including government and university systems, posing significant risks to their infrastructure.

Backdoors, commonly used by threat actors for persistent unauthorized access and remote command execution, were discovered in various forms, including well-known web shells like r57shell, c99shell, and China Chopper. Some of these backdoors exhibited behaviors linked to advanced persistent threat (APT) groups, such as the infamous Lazarus Group, although the researchers clarified that in certain cases, the tools were likely reused by other actors.

To mitigate the threat, WatchTowr researchers acquired more than 40 expired domains associated with the backdoors and set up logging systems to monitor incoming traffic. This approach allowed them to identify over 4,000 compromised systems from diverse locations, including government entities in China, Nigeria, and Bangladesh, as well as educational institutions in Thailand, China, and South Korea.

The effort underscores the risks of abandoned malicious infrastructure and highlights how cybercriminals can repurpose such tools by simply registering expired domains. The Shadowserver Foundation now manages the hijacked domains, sinkholing traffic to prevent future misuse, marking a critical step in protecting potential victims and mitigating future threats.

3.  New York Takes Action Against $2 Million Cryptocurrency Scam Exploiting Remote Job Seekers

The New York Attorney General's Office, in collaboration with the U.S. Secret Service and Queens County District Attorney's Office, has launched legal action to recover over $2 million worth of cryptocurrency stolen in a sophisticated remote job scam. The scammers targeted victims with fraudulent text messages promising high-paying online jobs, only to deceive them into purchasing cryptocurrency, which was then funneled to wallets controlled by the perpetrators.

The scam, which ran from January 2023 to June 2024, involved convincing victims to buy stablecoins like Tether's USDT and Circle's USDC under the guise of conducting product reviews on fake websites. Victims were told to make deposits as part of a registration process, with the promise of reimbursement along with payment for their reviews. When victims attempted to withdraw their funds, the scammers imposed fictitious fees, further exploiting them. One New York victim reportedly lost over $100,000 through this scheme.

New York Attorney General Letitia James emphasized the cruelty of preying on individuals seeking flexible work to support their families. Her office successfully worked with Tether and Circle to freeze some of the stolen cryptocurrency, which can now be reclaimed through court orders. This legal initiative also marks a novel approach in regulatory enforcement: for the first time, notice of litigation will be delivered to scammers via non-fungible tokens (NFTs) deposited into their digital wallets, linking to the Attorney General’s website.

This case underscores the increasing collaboration between crypto companies and law enforcement. Tether’s T3 Financial Crime Unit and other firms have frozen over $126 million in criminal assets globally, showcasing how blockchain technology can aid in tracing illicit activity. As cryptocurrency scams continue to evolve, this effort demonstrates the importance of vigilance and proactive measures in protecting consumers.

Thanks for reading!

About us: Echelon is a full-service cybersecurity consultancy that offers holistic cybersecurity program building through vCISO or more specific solutions like penetration testing, red teaming, security engineering, cybersecurity compliance, and much more! Learn more about Echelon here: https://echeloncyber.com/about
