26/04/2021: Cybersecurity & Tech News Roundup

Welcome to this Monday’s tech news roundup – this is the place where we keep you up to date on the latest technology happenings, cybersecurity news, and more. Here’s what’s going on in the tech world today:

The Qlocker ransomware gang has generated over $250,000 by locking files on QNAP devices

Qlocker is a notorious group of hackers who have recently been targeting QNAP NAS users worldwide. This far-reaching attack is ongoing, and has led to the group generating over a quarter of a million dollars in less than a week. What type of attack can bring in sums this huge so quickly? Ransomware of course. The gang has been remotely encrypting files on the devices they’ve targeted using the 7zip archive utility, password-protecting the files on their targets’ NAS storage devices and then forcing them to pay up in order to get their data back.

Rather than trying to extract sums well into the millions by breaching a large organisation, Qlocker have opted to go for quantity over quality. They’ve managed to encrypt over a thousand devices since the 19th April, sending a ransom note to each target compelling them to cough up $555 in order to get their hijacked files back. With a current total scammed from users reaching a whopping $258,500 – this approach seems to be highly effective. Read more here.

Data belonging to 20 million BigBasket users has been leaked online

It wasn’t too long ago that BigBasket – a shopping and grocery delivery service – was hacked, but unfortunately it’s happened a second time in the past six months. Both times, ShinyHunters was behind it. Approximately 20 million users have had their personal info leaked, from passwords, to phone numbers, DoBs, addresses, even customer service conversations. While the blame for this falls ultimately on the hacker, and on BigBasket’s lack of robust security, it has been revealed that over 700,000 users used the “password” as their password for the site – a well known security faux pas. Read more here.

A software fault led to Post Office employees facing jailtime for a crime they didn’t commit

Usually, in modern organisations, software comes in to make employees’ lives easier, but in the case of the Post Office – the opposite was true. For the past 20 years, the Post Office has relied on Horizon, software that it insisted could be trusted, however it turns out that it had some serious bugs that affected staff in a big way.

Fatal flaws in the software made it appear that employees had been stealing tens of thousands of pounds, which resulted in many local postmasters getting convicted and even jailed. This all happened because the Post Office blindly trusted Horizon tech and didn’t trust employees, resulting in dedicated posties being imprisoned for theft. This nightmare is now coming to an end for many ex-Post Office workers though, with the bugs in Horizon’s software finally being revealed and this miscarriage of justice finally being rectified. We suspect a massive compensation pay out is soon to come. Read more here.

Want the latest technology news? Check out our Twitter page for upcoming tech world developments and data breach news, or get in contact with a member of our team to see how our security services can keep your organisation out of the headlines.