hackers

This week in cybersecurity was defined by major attacks and global concern - here are the biggest cybersecurity stories of the week as chosen by the IBTimes UK tech desk.

The National Audit Office (NAO) led an investigation into NHS response to the cyberattack, one of the largest to hit the healthcare service.

The Basetools site went offline shortly after the hacker dumped a sample of Basetools' database and posted the ransom demand.

The scam involves hackers tricking victims into divulging their wallet account passwords, which they would then use to clear out the victims' wallets.

Dark web vendors are selling credentials to hacked Remote Desktop Protocol (RDP) servers, which allow hackers to spy on and steal data from companies, without using malware.

The data of Tarte Cosmetics' customers was left publicly exposed via two unsecured MongoDB databases, which were later accessed by the Cru3lty ransomware gang.

The malware is capable of stealing victims' contacts, reading and sending SMS messages and locking out users from accessing their phones.

The London Bridge Plastic Surgery confirmed the hack and the data theft, adding that it is still working on determining what kind of data was compromised.

NCSC head Ciaran Martin confirmed that "hostile" nation-state hackers had hit Northern Ireland infrastructure in "significant" attacks.

Experts from ESET, a Slovakian antivirus company, said this week (23 October) that both Google and the real Poloniex crypto exchange have been notified.

The DHS and FBI said in a joint report that the threat actors are "actively pursuing their ultimate objectives over a long-term campaign".

Hackers infected the installers of the Eltima Player and Folx apps with the Proton malware, which in turn was downloaded by unsuspecting users.

Research suggested that the new botnet is evolving at a rapid pace, and could soon be weaponised to launch cyberattacks in the same fashion as "Mirai" last year.

The programme encourages researchers to scour for bugs in select popular apps created by Google as well as third-party developers,

The zero-day vulnerability, which was previously exploited by the BlackOasis group, was made public and patched on 16 October.

Malaysian technology website Lowyat reported that the files were offered for sale by an unknown user of its forums.

The hacker group has been active since 2014 and is particularly interested in naval industries, primarily focusing on targets in the US, Western Europe and the South China Sea.

Hackers have now reportedly launched a new site called ATMjackpot that sells a modified version of CutletMaker, complete with video tutorials on how to successfully exploit it.

Norwegian Consumer Council (NCC) released a report this week detailing the issues after testing a number of the devices: the Gator 2, Tinitell, Viksfjord and Xplora.

The latest cryptominer comes amid an uptick in cryptocurrency mining malware campaigns and growing JavaScript-based cryptominers

Microsoft believed that no customer was put at risk by the loss of data. As a result, officials decided not to tell the public about the breach.

BlackOasis targets various figures involved in Middle Eastern politics, including people in the UN, opposition bloggers, activists and regional news reporters, researchers said.

Security experts say the attack was reminiscent of the infamous $81m Bangladesh Bank cyberheist, with similar malware and hacking tools used.

Entitled 'Opposite Number' the 10-part Channel 4 TV drama that was being produced by Mammoth Screen. The show, set in Pyongyang, was targeted by hackers in 2014.

The spam email campaign was sent from domains that closely resembled those used by the legitimate HMRC – in this case it was using hmirc-gov.co.uk, Trustwave experts said.

Pizza Hut said that its website was compromised and hackers stole some of its customers' card data between 1 and 2 October.

The news comes as US President Donald Trump refused to certify the landmark 2015 Iran nuclear deal, which he has continued to describe as a "terrible" deal.

DoubleLocker is based on a banking trojan and could become a "ransom-banker" that tries to wipe out victims' bank or PayPal accounts.

Security experts say that the cybercriminals operating this scam have also been targeting customers of Wells Fargo, Comcast Chase Bank and TD Bank since June.

The internet's largest torrent portal is running Coinhive, which currently runs alongside the site's ads and mines Monero.