
CyberWatch Weekly: Top 3 Cybersecurity News Stories from the Third Week of August

This week’s cybersecurity stories highlight how weak defenses can open even the biggest organizations to exploitation. From a white-hat hacker exposing McDonald’s flawed systems, to North Korea’s Lazarus Group pulling off a $23 million crypto heist, and telecom giant Colt shutting down services after a breach, the incidents show the range of tactics attackers employ. Adding to the risks, social media storefront scams continue to spread malware and steal digital assets. Together, these events paint a troubling picture. Let’s look at this week’s top headlines.


Weak Passwords and Faulty Code Exposed McDonald’s to Hackers

A white-hat hacker uncovered critical vulnerabilities in McDonald’s digital systems, showing how poor security practices left the company open to abuse. The flaws existed because McDonald’s relied on weak client-side checks, faulty OAuth implementations, and exposed API keys, while lacking a proper vulnerability reporting process, such as a security.txt file. This combination created opportunities for attackers to order free food, hijack marketing materials, access corporate emails, and even tamper with franchise standards. The breach occurred because security validation was inconsistent and often bypassed by simple tricks, like altering URLs from “login” to “register.” Hardcoded API keys and plaintext credentials compounded the risks. In one instance, a job application bot used “123456” as its admin password, exposing the data of 64 million applicants.

Solutions include enforcing server-side validation, secure password policies, strong OAuth implementations, and encrypted credential handling. McDonald’s must also establish clear disclosure channels and bug bounty programs. Without consistent cybersecurity governance, even global giants remain vulnerable to avoidable exploitation.

Source: The Register

UK Authorities Blame North Korea’s Lazarus Group for $23 Million Crypto Heist

A major cyberattack has rattled the crypto sector as North Korea’s Lazarus Group stole $23 million from Lykke, a UK-based exchange operating out of Switzerland. The breach, involving 158 BTC and 2,161 ETH, forced Lykke UK and Lykke Corp AG to halt all trading and withdrawals.

The UK’s Office of Financial Sanctions Implementation has tied the attack to Lazarus, a state-backed group infamous for high-profile crypto heists. Exploiting technical vulnerabilities and weak compliance safeguards, Lazarus has pulled off some of the largest thefts in recent history. Just this year, they siphoned $1.5 billion from Bybit, $11.5 million from Taiwan’s BitoPro, and $3.2 million from Solana wallets. They are also suspected of the $44 million breach of India’s CoinDCX. Garden Finance, meanwhile, faces scrutiny for allegedly laundering funds from these hacks, raising alarms about platforms enabling illicit transfers.

As Lazarus ramps up operations, experts urge exchanges to implement stronger safeguards, such as multi-layer authentication, enhanced monitoring, and global collaboration, to protect both platforms and traders.

Source: 36Crypto

Ransomware Hits Colt: Telecom Giant Takes Systems Offline After Attack

A surge in online fraud has been linked to cybercriminals exploiting TikTok and Facebook storefronts to steal cryptocurrency and personal data. Analysts say the motive is clear: high profit with low traceability. Cryptocurrency’s irreversible nature makes it ideal for scams, while social media platforms provide access to millions of potential victims, especially younger users. The operation works by impersonating legitimate sellers, often using AI-generated images and branding to appear authentic. Fraudulent TikTok “Wholesale” or “Mall” pages and Facebook ads redirect users to phishing sites, where deposits are demanded into fake wallets or malware is silently installed. One strain, “SparkKitty,” can harvest data from mobile devices, maintaining access long after the initial compromise.

To combat such schemes, experts urge verifying URLs, avoiding too-good-to-be-true offers, and using only secure, traceable payment methods. Antivirus software with real-time protection, cautious link handling, and platform-level monitoring can help close loopholes. Ultimately, awareness and proactive cyber hygiene remain the strongest defenses against evolving social media scams.

Source: Capacity Media

Conclusion

These incidents reveal a common theme: inconsistent defenses, weak oversight, and exploitable systems remain major entry points for attackers. Whether targeting corporations, exchanges, or everyday users, cybercriminals exploit small cracks to cause big damage. Strong governance, layered security, and global collaboration are key to closing gaps before they widen.

Stay vigilant and informed, and tune in next week for more updates in InfosecTrain’s CyberWatch Weekly!
