How the Newswire Hack Could Have Been Avoided

laptop computer on the table with notepad and coffee cup with Ntrepid logo in foam

Share this post

12Aug

How the Newswire Hack Could Have Been Avoided

Case Studies, Cyber Security

Tuesday’s indictment of nine people for hacking and insider trading shows once again the power of targeting, the vulnerability of browsers, and that everyone is a potential target.

The criminals hacked their way into three newswire services: PR Newswire, Marketwired, and Business Wire. They grabbed press releases during the interval between upload and release, sometimes as long as days, and traded on the publicly unknown information. Using this technique, they generated over $100 million in illegal gains.

It appears that the attackers used simple phishing emails with links to malware-loaded websites to compromise the newswire companies.

These were not general attacks. These companies and their individual email addresses were specifically targeted for this scam. The use of phishing links rather than attached files is consistent with the trend towards web-delivered malware as the most effective path for compromising endpoints.

That the attackers were able to continue their activities for five years shows the power of narrow and targeted attacks to avoid detection over long periods.

I believe that, had they been using a browser isolation and identity shielding solution like Passages, they might well have avoided most or all of these attacks.

Related Posts

24Feb

Generative AI: A New Frontier for the IoT

Have you happened upon ChatGPT? It’s likely that when you first give it a try, you’ll imagine yourself delivering in... read more

An image of a person on their phone, representing access of the Clubhouse feature.
28Sep

Clubhouse: Drop In and Speak Your Mind 

Clubhouse is an audio-based social app, originally built like an exclusive club, accessible on an iPhone by invite only. Today,... read more

An image of Bitcoin as physical coins with a blue layer over it.
29Aug

Cryptocurrency: Digital Wallets, Keys, and Security

Buying and selling items online has never been easier, thanks to cryptocurrency. A virtual form of payment, cryptocurrency promises efficient,... read more

An image of a woman choosing different social media icons, representing accessing Twitter through it's new Tor extension.
23Jun

Twitter Goes Dark: Twitter’s New Tor Extension for Private Tweeting

Twitter is now going dark with their new Tor extension that boasts more private and secure tweeting. The extension promises... read more

An image of a woman with icons on her face, representing the concept of a signature.
24May

Your Signature Is Everything

Every time you go online, you leave behind traces of yourself. This can include things like the browser you’re using,... read more

An image of a laptop with a skull on the screen, representing an image of the dark web.
25Mar

OSINT Techniques Series: Avoiding the Bugged Website

The risk of human error remains the greatest liability to national security organizations. Our OSINT techniques blog series aims to... read more

A map representing Geolocation and image OSINT.
10Mar

OSINT Techniques Series: A Geolocation Case Study

For many analysts, the OSINT process starts with a request for information (RFI), which results in analysts immediately collecting as... read more

law enforcement vehicle with flashing lights
20Oct

Case Study: Managed Attribution for OSINT Operations

Code Name Osian Osian’s mission is to conduct online research, gathering OSINT to build a narrative about groups of interest. Prior... read more