It took a hacker two and a half hours to steal thousands of personal data records from Endesa customers. Endesa took a week to give notice

Endesa Energy has confirmed a cyberattack on its commercial platform that has exposed critical information belonging to millions of customers. The breach includes identity documents, bank accounts and data from electricity and gas contracts, which puts those affected at risk of fraud and identity theft.

What exactly happened. A cybercriminal managed to circumvent the security measures of Endesa’s commercial platform and access sensitive customer information related to their energy contracts. As the company has acknowledged in communications sent to those affected, contact information, ID numbers and bank account IBANs were reportedly extracted during the breach. The company says that access passwords have not been compromised.

The magnitude of the incident. The hacker responsible, who identifies himself as “Spain,” posted details of the attack on January 4 on BreachForums, a popular dark web forum, claiming to have obtained more than 1 TB of information on more than 20 million people, as reported by Escudo Digital. The cybercriminal told that outlet he had gained access in less than two and a half hours, and he has gone so far as to leak sample data from a thousand customers to prove that the stolen information is authentic.

What type of data is at stake. The hacker claims to have obtained basic personal data (names, surnames, postal addresses and contact information), financial information (IBAN, billing data and account history), energy data (CUPS, active electricity and gas contracts, supply point information) and regulatory data.

The risks for clients. Although Endesa considers it “unlikely” that the theft will result in “a high-risk impact on the rights and freedoms of users,” the company warns of several real dangers in its official statement. Cybercriminals could try to impersonate customers, post the data on digital forums, or use it for phishing and spam campaigns.
Josep Albors, Director of Research and Awareness at ESET Spain, explains that “the risk does not end with the notification of the breach” and that the exposed information can be reused for months or years to launch targeted fraud.

Endesa’s response. The energy company took almost a week to publicly acknowledge the incident after the leak became known. The company claims to have immediately activated its security protocols, blocked the compromised access and notified the competent authorities. In addition, it has set up telephone lines to answer questions: 800 760 366 for Endesa Energía customers and 800 760 250 for those of Energía XXI, its distributor in the regulated market. We have contacted the company for more information and will update the article if there is any news.

What should those affected do? The problem with this security breach is that the data is surely going to be used for advertising campaigns, phishing and targeted spam. As ESET explains, the first thing those affected should keep in mind is to distrust any communication that appears to come from Endesa and includes links, attachments or urgent requests, and always to contact the company through official channels. This has not been the case, but it never hurts to review bank accounts frequently to detect unauthorized movements and to change passwords, even if the company claims they have not been compromised, enabling two-factor authentication whenever possible. Free and useful websites like ‘Have I Been Pwned’ let us check whether our data has appeared in other known breaches by entering our email address.

The extortion attempt. According to Escudo Digital, the hacker has tried to negotiate directly with Endesa by email, although so far he has not set a specific ransom figure.
The cybercriminal, who says he is not affiliated with any known ransomware group, has received offers from third parties of up to $250,000 for half of the database, although he claims not to have sold anything yet. “I prefer to wait for Endesa to decide,” he told the outlet.

A worrying trend. As Expansión reports, this attack places Endesa on the growing list of large Ibex 35 companies that have suffered cyberattacks in recent months. Companies such as Iberdrola, Iberia, Repsol and Banco Santander have been victims of similar incidents that compromised customer data. And they have not been the only ones, since cyberattacks and data leaks are now much more common. In Endesa’s case, it seems we will have to wait for the company to offer more information on the matter.

Having an AI browser that does things for you sounds good. Until a hacker uses it to steal all your money

Asking the AI to summarize that article you just saw on Reddit can prove very costly. That is what the people behind Brave have just revealed: they have discovered a surprisingly simple way to hack Perplexity’s Comet browser so that it does not only what the user asks, but also what an attacker has managed to convince it to do. The danger of leaving everything in the hands of AI is evident.

What happened. The experts at Brave, a browser that competes with Chrome and Firefox and also has AI features, wanted to analyze the risk of using an agentic browser such as the one Perplexity currently offers with Comet. And they certainly did.

Browsers with AI promise a lot. Thanks to tools like Comet (OpenAI also has its ChatGPT agent, heir to Operator), the browser can become a kind of digital butler that does things for us autonomously when visiting websites. It can summarize a news story, tell you which song is playing in that YouTube video, look for deals, answer emails or complete purchases. On paper the advantages are huge, but there are also significant risks.

But be careful about letting go of the steering wheel. Delegating everything to the browser can pose a real threat to the security and privacy of our data. If we trust these browsers too much, they may end up with access to all our data, since in theory they benefit from access to our email, but also to banking, financial and even health data. What happens if the model hallucinates or makes mistakes? Or worse: what happens if someone modifies content in a malicious and invisible way so that AI agents follow malicious instructions?

Having the AI. That is exactly what Brave discovered when trying a simple technique. They published a malicious comment on a Reddit thread, and then asked Comet to summarize the article.
When they did so, they found that Comet could not tell whether the content of that thread contained malicious instructions: it simply encountered them and followed them. And in the thread, as can be seen in the video, there were some simple instructions that stole the credentials of their Perplexity account and even intercepted the verification code that the platform sent to the user to log in to the service. Result: automatic account takeover by the attacker, thanks to the AI.

How the attack works. As Brave’s experts explain, the problem is that the way to hack this type of browser is not to hack the browser but to hack the content, something that is very, very simple. The steps are the following:

Configuration: An attacker writes malicious instructions into some content on the web. If they control the site, they can hide the instructions using white text on a white background, or in comments or other invisible elements. They can also “inject” the instructions directly through comments on posts on social networks such as Reddit or Facebook.

Activation: A user navigates to that website and uses the AI browser. If they do something as simple as “Summarize this page” or ask for certain information to be extracted, the malicious instructions are activated.

Injection: As the AI processes the information on the page, it sees those malicious instructions and follows them. It cannot distinguish whether the content has a malicious purpose or not, and treats everything as part of what it should do at the user’s request.

Exploitation: These malicious commands and instructions tell the browser’s tools to perform various actions, such as navigating to the user’s bank account, extracting passwords stored in the browser or sending collected information to a remote server controlled by the attacker.
Possible solutions. Those responsible for the study indicate that, to protect against these types of problems, agentic browsers must first differentiate between what the user has asked for and what is page content. The content of a website “should always be treated as non-reliable.” In addition, the AI browser should always require user interaction before performing certain actions, such as accessing passwords or perhaps sending an email. Restricting the permissions of the agentic browser and making good use of two-step verification systems (with mobile applications such as Google Authenticator, for example) are also suitable ways to mitigate a problem that could seriously complicate the deployment of these tools.
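The two mitigations described above (keeping the user's request separate from page content, and asking the user before sensitive actions) can be sketched as an action gate. This is an added example, not code from Brave, Perplexity or the article; the tool names, task scopes and decision values are hypothetical.

```javascript
// Added example: hypothetical action gate for an agentic browser.
// Tool names, task scopes and decision values are assumptions.

// Actions that never run without the user confirming them.
const SENSITIVE = new Set(["read_saved_passwords", "read_email", "send_email"]);

// What each kind of user request may do without asking.
const TASK_SCOPE = {
  summarize: new Set(["read_page"]),
  fill_form: new Set(["read_page", "type_text"]),
};

// Keep the user's request and the page text in separate, labelled channels
// so every later stage knows which text came from an untrusted source.
function buildContext(task, userRequest, pageUrl, pageText) {
  return {
    task,
    origin: new URL(pageUrl).origin,
    messages: [
      { source: "user", trusted: true, text: userRequest },
      { source: "page", trusted: false, text: pageText },
    ],
  };
}

// Decide one tool call proposed by the model: "allow", "confirm" or "deny".
function gateAction(ctx, action) {
  if (SENSITIVE.has(action.tool)) return "confirm"; // always ask the user
  const scope = TASK_SCOPE[ctx.task] || new Set();
  if (!scope.has(action.tool)) return "deny"; // outside what was requested
  // In scope, but pointing away from the page the user asked about.
  if (action.url && new URL(action.url).origin !== ctx.origin) return "confirm";
  return "allow";
}

// Constructed sample: a summarize request on a thread with an injected comment.
const ctx = buildContext("summarize", "Summarize this page",
  "https://forum.example/thread/1",
  "Great article. (constructed comment telling the agent to open the account page and read mail)");
const proposed = [
  { tool: "read_page", url: "https://forum.example/thread/1" },
  { tool: "navigate", url: "https://account.example/settings" },
  { tool: "read_email" },
  { tool: "send_email" },
];
const decisions = proposed.map((a) => gateAction(ctx, a));
console.log(decisions); // [ 'allow', 'deny', 'confirm', 'confirm' ]
```

The gate never inspects the page text to decide: the decision depends only on what the user asked for and on the action itself, so hidden or cleverly worded instructions in the page cannot widen the scope.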

This hacker began collaborating with the Secret Service after being arrested. What nobody knew is that he kept stealing on a large scale

In the summer of 2003, a routine investigation into a series of robberies in Manhattan led to an unexpected finding. An undercover officer of the New York Police Department followed a young man who was behaving suspiciously and watched him for several minutes in the lobby of an ATM. He was withdrawing money with one card after another, all of them counterfeit, taking advantage of the change of day to get around the daily withdrawal limits. That scene was just the tip of the iceberg of a much more complex criminal network, as The New York Times detailed years later.

That young man was Albert Gonzalez, although on the Internet he preferred to hide behind aliases such as “Soupnazi”. What he was doing was known in criminal forums as “cashing out”: using cloned cards to obtain cash before the banks could react. His arrest opened the door to an unprecedented operation. The agents discovered that he stored millions of card numbers on his computer and that, in addition to committing fraud, he had detailed knowledge of cybercrime techniques.

Gonzalez was no ordinary criminal. His role in the cybercriminal community stood out: he was a moderator at Shadowcrew, a forum that centralized the exchange of stolen banking data, card-forging tools and advice on exploiting vulnerabilities in the financial system. When he was arrested, as NPR points out, he chose to collaborate with the authorities, which allowed him to avoid an immediate conviction and become an informant for the Electronic Crimes Unit of the Secret Service. For months he took part in an undercover operation inside Shadowcrew and helped set up an international action that culminated in October 2004 with 28 arrests in several countries. The operation, dubbed Firewall, became a reference point for cybercrime investigations.

But the story did not end there. While working for the Government, Gonzalez was building, in parallel, a much more ambitious criminal network.
Using various techniques, he accessed the internal systems of large American retail chains such as TJX (owner of TJ Maxx and Marshalls), OfficeMax (stationery and office supplies) and DSW (footwear). Justice Department figures indicate that he and his collaborators stole more than 40 million credit and debit card numbers. These intrusions included the installation of “sniffer” programs capable of capturing, in real time, the data of cards used at points of sale. The numbers were later encoded onto blank cards and used to withdraw cash at ATMs.

Arrested in the middle of the Firewall operation

The final leap came with the use of SQL injection, a technique that allowed databases to be accessed remotely through web forms. With it, Gonzalez and his team managed to infiltrate the servers of companies such as Heartland Payment Systems, one of the main payment processors in the United States. The attack compromised the data of millions of transactions, affecting more than 250 financial institutions, and went down in history as the largest card theft recorded up to that point. This was detailed by the United States Department of Justice in an official statement issued in 2009. Chains such as 7-Eleven (convenience stores) and Hannaford Brothers (supermarkets) were also affected.

Albert González

While collaborating with the authorities by day, at night he continued to send stolen databases through contacts in Eastern Europe. He used shell companies, opaque transfer systems and mules to launder millions. He even sold compromised information to hackers who were under investigation, thus feeding new lines of prosecution. Finally, after a series of key arrests and the tracing of an email account linked to his old alias, the agents closed in. He was arrested in 2008 at a hotel in Miami. Shortly afterwards, he led investigators to a drum buried at his parents’ house containing more than one million dollars in cash.
In 2010, a US court sentenced him to 20 years and one day in prison for conspiracy, computer fraud, aggravated identity theft and money laundering. It also imposed two fines of $25,000 each, for a total of $50,000, and three years of supervised release. The ruling combined the cases brought in Massachusetts, New Jersey and New York. Albert Gonzalez, who, according to the Malicious Life podcast and The New York Times, had hacked NASA as a teenager and caught the attention of the FBI, ended up becoming one of the greatest traitors of the hacker ecosystem and a key figure for understanding the evolution of cybercrime in the era of electronic commerce.

On September 19, 2023, he left the custody of the Federal Bureau of Prisons, as stated in the records of the US prison system under number 25702-050. Since then he has kept a low profile, as if trying to leave his past behind for good.
