No, I think this is just called a bounty: Invoking imagery from Lee Major’s Fall Guy or Keira Knightley’s Domino, a cryptography borrowing and savings company has offered an attacker $200,000 as a bug bounty in return for the $2m in funds they stole late last week. Gibraltar-based Akropolis was attacked on Thursday, when an individual exploited a bug in the deposit logic of its SavingsModule smart contract to make off with a little over two million in DAI virtual currency. However, the firm’s security company PeckShield claimed to have located the attacker’s Ethereum account, where the funds were transferred to, and said it is monitoring it for any further movement. Read more here.
Kim Jong Un at it again?: Lazarus malware has been tracked in new campaigns against South Korean supply chains, made possible through stolen security certificates. On Monday, cybersecurity researchers from ESET revealed the abuse of the certificates, stolen from two separate, legitimate South Korean companies. Lazarus, also known as Hidden Cobra, is an umbrella term for select threat groups — including offshoot entities — suspected of being tied to North Korea. Read more here.
An Apple a day keeps the hacker away? : Apple has been forced to clarify how its Gatekeeper anti-malware platform works after security researchers suggested the system was violating privacy. The company, as spotted by 9to5Mac, has updated its support documentation to explain that the system does not track what its users are doing. At the same time, Apple has said that it will change how Gatekeeper functions in future to further minimize future risks. Read more here.
