Tens of thousands of New Zealanders have been sent an unprecedented email from our National Cyber Security Centre.
It's emailed 26,000 addresses warning malicious software, called Lumma Stealer, could have infected their devices.
It's designed to steal sensitive information - and some stolen passwords are connected to Government agency systems and bank accounts.
Aura Information Manager, Patrick Sharp, says international partners revealed the threat to our cyber security centre.
He explained that presumably means an agency's uncovered a trove of stolen data and alerted the NCSC about the email addresses of concern.
LISTEN ABOVE
See omnystudio.com/listener for privacy information.
Episode Transcript
New Zealand Cyber Agency is warning twenty six thousand kiwis
that their computers have been infected with malicious software. The
National Cybersecurity Center or NCSC, which sent out the emails
today warning users about a possible infection. They say the
software has stolen sensitive information connected to bank accounts and
government systems. So what is it? Who got it? How
(00:22):
do we know? Patrick Sharp, general manager of AURA Information Security,
joins me. Now, Patrick, good afternoon.
Speaker 2 (00:28):
Good afternoon, So how did this?
Speaker 1 (00:30):
Can we go back to the beginning. Do we know
how this malware might have got into our systems, what
sort of email it or how it got in?
Speaker 2 (00:41):
So this sort of malware can actually be delivered through
a range of different mechanisms. There is some mechanisms such
as people going on Facebook and getting links to download
aim this generation software, just malicious websites. There's one instance
of the game having this in it, so it could
be a variety of different means.
Speaker 1 (01:02):
So not necessarily because I always think if I don't
click on any emails, then I'm not going to get
in any trouble. But actually you could just go to
a website and click on something and pick it up
potentially yes, yeah, okay, what's the software called the malicious software?
And what does it do?
Speaker 2 (01:17):
So it's called Luma Steeler and it's what's called a
Steeler malware. So basically what it does is steel information.
Pretty obvious. I guess that might include things I use, passwords,
created a card, information, anything saved in your browser, even
files from your computer.
Speaker 1 (01:34):
Is it on my phone or my hard computer laptop?
Speaker 2 (01:38):
This one seems to be affecting Windows based systems, so
it'll be your computer, okay.
Speaker 1 (01:44):
And how does the government know whether my computer, my
Microsoft computer has been infected?
Speaker 2 (01:54):
So nccly noted that they've been alerted to this by
their partners. That presumably means that another organization overseas has
actually found a trove of data which has been stolen
and then has said to NCC, there's a group of
email addresses here, and be concerned with how do I know.
Speaker 1 (02:12):
If I've I mean, aside from the government email I
means saying, oops, you've got this. How do is there
any sign that you would have this on your computer?
Speaker 2 (02:20):
No, these are this kind of software is designed to
run quietly in the background, so you wouldn't know the
only unless you're running antivirus software which has then detected
it and hopefully cleaned up after that.
Speaker 1 (02:35):
Would antivirus software have detected.
Speaker 2 (02:36):
This I presumably. However, these the sort of malware has
often changed, and so antivirus software has to continuously change
in order to update and make sure it can detect
new versions of it. So presumably for a period of
time it wasn't detected.
Speaker 1 (02:57):
Patrick, Today we're talking about twenty three thousand email is
twenty three thousand people. In ten years time we'll be
talking about everyone. I mean, should we be putting any
of our information, our private information anywhere on our computers
or the internet generally?
Speaker 2 (03:13):
Reality, this is a huge problem, these sorts of the
sort of malware and lots of data in general. But
we can't simply not put our data online. So we
have to become very aware of how we're actually managing
our data, where we're putting it, where it's been saved,
and who has access to it.
Speaker 1 (03:32):
Patrick, appreciate your time this afternoon. Thank you very much,
Patrick Sharp, general manager at AURA Information Security. For more
from Heather Duplicy Allen Drive, listen live to news talks
it'd be from four pm weekdays, or follow the podcast
on iHeartRadio,
Popular Podcasts
Betrayal Season 5
Saskia Inwood woke up one morning, knowing her life would never be the same. The night before, she learned the unimaginable – that the husband she knew in the light of day was a different person after dark. This season unpacks Saskia’s discovery of her husband’s secret life and her fight to bring him to justice. Along the way, we expose a crime that is just coming to light. This is also a story about the myth of the “perfect victim:” who gets believed, who gets doubted, and why. We follow Saskia as she works to reclaim her body, her voice, and her life. If you would like to reach out to the Betrayal Team, email us at betrayalpod@gmail.com. Follow us on Instagram @betrayalpod and @glasspodcasts. Please join our Substack for additional exclusive content, curated book recommendations, and community discussions. Sign up FREE by clicking this link Beyond Betrayal Substack. Join our community dedicated to truth, resilience, and healing. Your voice matters! Be a part of our Betrayal journey on Substack.
Crime Junkie
Does hearing about a true crime case always leave you scouring the internet for the truth behind the story? Dive into your next mystery with Crime Junkie. Every Monday, join your host Ashley Flowers as she unravels all the details of infamous and underreported true crime cases with her best friend Brit Prawat. From cold cases to missing persons and heroes in our community who seek justice, Crime Junkie is your destination for theories and stories you won’t hear anywhere else. Whether you're a seasoned true crime enthusiast or new to the genre, you'll find yourself on the edge of your seat awaiting a new episode every Monday. If you can never get enough true crime... Congratulations, you’ve found your people. Follow to join a community of Crime Junkies! Crime Junkie is presented by Audiochuck Media Company.
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.