In the headlines this week:
- Major drug & cybercrime marketplace goes dark: Abacus Market, the Western world’s largest dark web marketplace, has shut down in a suspected exit scam, in which the site admin “cuts and runs”, taking users’ funds with them. 🔗
- FBI wins “major victory” for video game industry: The bureau has taken down multiple popular piracy sites that had been used to illegally download Nintendo Switch and PS4 games, and which had caused an estimated $170 million in losses to the industry. 🔗
- Poor password practice puts McDonald’s applicants at risk: Security researchers Sam Curry and Ian Carroll have discovered a flaw in McDonald’s McHire software with the power to expose the data of 64k applicants. The flaw, which has now been fixed, combined an IDOR with the chatbot’s admin panel accepting the default credentials 123456:123456. 🔗
Accelerating Cyber Defense With AI
In recent months, we’ve seen a huge escalation of cyber-warfare activities globally: the DHS warned that pro-Iranian hacktivist groups are likely to launch attacks against US networks following US airstrikes on Iranian nuclear bases; the Israel-linked “Predatory Sparrow” group torched $90M on Iran’s largest crypto exchange; the Iranian-aligned hacking group “Bladed Feline” was seen targeting Middle Eastern governments; and Russian- and Ukrainian-aligned groups have been consistently carrying out espionage attacks.
In last week’s issue of Decrypted, we discussed how cybercriminals are using AI to improve the efficiency of their attacks and the impact this could have on the threat landscape. But this week, the Pentagon has decided to embrace AI to turn the tables on cyber warfare.
On Monday, the US Department of Defense awarded $200 million contracts to four leading AI companies to help develop task-specific agentic AI systems for defense operations:
- OpenAI will provide its latest models and custom variants to be used for proactive cyber defense.
- Anthropic will provide new AI systems tailored to national security needs, focusing on adversarial risk mitigation and fine-tuning outputs on department data.
- Google will provide access to its secure AI infrastructure to help scale AI within the DoD’s enterprise architecture.
- xAI will provide a suite of custom-built tools for classified and national security environments for use across science, healthcare, and defense.
“We are moving into a threat landscape of autonomous cyber weapons,” SVP of Security and AI Strategy and Field CISO Nicole Carignan told Expert Insights this week. “There is going to be autonomous cyber warfare. And I think we are fully prepared and ready to defend against this type of threat—as long as organizations adopt this emerging technology safely, responsibly, collaboratively, and with trust in order to facilitate that protection.”
🚨 Industry News
Industry news, including funding, acquisitions and new product releases to watch this week.
- Exein raises €70 million in Series C funding: The IoT security firm will use the investment (the equivalent of $81 million) to seize M&A opportunities in the European and US markets. 🔗
- Microsoft and Accenture announce collaboration: The two companies plan to co-invest in the development of genAI-driven security tools. 🔗
- MITRE announces new crypto framework: Modelled after MITRE ATT&CK, the new AADAPT framework provides documentation for identifying, investigating, and remediating vulnerabilities in digital financial systems. 🔗
🌍 In Other News…
Threats and APTs
- 350M cars exposed to remote hacking: Researchers at PCA Cyber Security have discovered a vulnerability in the BlueSDK Bluetooth framework that could enable remote code execution in millions of car infotainment systems, allowing attackers to steal location and phone contact data, as well as record audio from inside the vehicle. 🔗
- 5M impacted by US healthcare breach: A recent attack against UnitedHealth subsidiary Episource exposed customers’ health insurance details, diagnosis records, and Social Security numbers. 🔗
- Retail hackers claim latest victim: The DragonForce RaaS group has claimed responsibility for an attack on North Carolina-based department store, Belk. (Cybersecurity Dive) 🔗
- Gemini flaw creates phishing messages: Security researcher Marco Figueroa has discovered a prompt injection attack that tricks Google Gemini for Workspace into creating email summaries that direct users to phishing sites. 🔗
Government and Policy
- Salt Typhoon breaches National Guard: Following last month’s attacks against Canadian telecoms providers, the Chinese hacking group has successfully breached a US state’s Army National Guard network, giving them potential access to other units’ networks and state-level cybersecurity partners. 🔗
- UK’s NCSC launches Vulnerability Research Initiative: The new initiative will strengthen relations with external cybersecurity experts, improving the sharing of critical discoveries within the community. 🔗
Florida Man Launches Cyberattack Against Former Employer
No, it isn’t 2019 and this isn’t another Florida Man meme—it’s a real cybersecurity headline making the news this week.
A Palm Coast IT administrator was arrested on Wednesday on five felony charges, having allegedly carried out a cyberattack on his former employer’s computer infrastructure in retaliation for the company firing him.
41-year-old Richard Clayton Wozniak allegedly infiltrated the company’s firewall, email, and physical security systems just minutes after being let go back in October 2024, deleting company data and obstructing business continuity.
Wozniak faces three charges of computer fraud, one charge of tampering with computer intellectual property, and one charge of unlawful use of a two-way communication device—with a combined total of up to 35 years in prison if convicted.
The key takeaway? Always disable or deactivate an employee’s accounts and access before telling them they are being let go, not after.
For more advice on how to prevent malicious insiders from harming your organization, check out our interview with Joseph Bell, CISO at Everfox.
🎙️ The Expert Insights Podcast
Balancing growth and trust: Boris Logvinsky, VP of Product at Vanta, discusses the challenges of balancing business growth, risk management, and customer trust—and the potential of AI to streamline the compliance landscape. Listen now.
Is agentic AI really the future of cybersecurity? Ric Smith, President of Product, Technology, & Operations at SentinelOne, discusses the importance of balancing automation and human oversight as AI becomes more deeply integrated into security workflows. Listen now.
Expert Insights’ Cybersecurity Resources
- Top RMM Solutions For MSPs
- Top Mobile Device Management (MDM) Solutions
- Top Email Security Gateways
- Top Email Security Solutions For Office 365
- Top Identity And Access Management Solutions
- Top Phishing Protection Solutions
- Top Phishing Simulation And Testing Solutions
- Top Cyber Threat Intelligence Solutions