Shuffle, the cryptocurrency based online casino, announced a security breach as a result of a 3rd party being compromised.

The 3rd party which was compromised is Fast Track. Fast Track is a CRM (Customer Relation Software) for managing things such as customer support tickets.

Shuffle has stated the 3rd party compromise has resulted in the exfiltration of the following data:
- Email
- Name (Full name not specified)
- Addresses (Unspecified in crypto address or physical)
- Transactions (Unspecified historical or specific)
- Bet data

This is eerily similar to the recent Discord Zendesk 3rd party compromise.

Dawg, if it comes out that this online casino was compromised as a result of an Insider Threat (bribery), I'm going to lose my mind

Whoa whoa whoa. Interesting update.

Yesterday Discord silently updated their breach notification press release.

They name dropped the BPO.

Why? 🤔

https://discord.com/press-releases/update-on-security-incident-involving-third-party-customer-service

Part of me wonders if since I posted the compromise was the result of a BPO they decided to release more details on it.

Or maybe it's completely unrelated and just a coincidence, but it was unveiled at the same time

Probably just a coincidence, but I like to hope

"The weird stinky goth cat malware people said it was a BPO, we can say the public knew first. Post it!!!!?"

(Would be hilarious)

I get messages around the clock from nerds

I get information on products, breaches, forum drama, Threat Actors, what cybersecurity companies are doing, etc

Sometimes I feel like I've got an international network of spies that feed me intelligence. It's fucking badass

Unironically, if it's not news or gossip, it's pictures of kitty cats. Basically, I'm living the dream

SLSH, DO NOT drop anything tonight. Have some common courtesy and release shit on Monday or something dawg. I do NOT want to have to deal with this shit on a weekend

Bro, c'mon. It's a fucking holiday weekend. Don't be like this. Wait until like, Tuesday or something. C'mon bro. You got all the time in the world to extort people

Dawg, Microsoft found a Threat Actor that compromised a company and modified the internal payroll system so when paychecks were scheduled to be deposited it went into THEIR accounts, NOT the employees.

That's fucking badass wtf I've never seen that before

I don't endorse crime, and I'm sorry people didn't get paid. But... bro, c'mon. That's fucking sick nasty. I've never seen that before. I'm so impressed.

YoUvE nEvEr HeaRd oF ThIs?

No, I haven't. I don't know everything. I'm not an omnipotent being. Let me enjoy something I just learned and let me enjoy sharing it with others.

Two online casinos announced a compromise this week as a result of a 3rd party Customer Management Relationship software called Fast Track

Every second something is pirated

Because of this theft, groups like Metallica, or celebrities like Dwayne "The Rock" Johnson, may be unable to purchase their next series of mansions.

Dwayne "The Rock" Johnson only made $88,000,000 from the film "Red One". How will he survive?

I've made so many updates to vx-underground (while simultaneously schizo posting), it cannot fit in a single post without it looking like garbage.

Here is a PasteBin link with the latest updates from the past 10 days (it's a lot)

https://pastebin.com/raw/EsErG6uV

In case you missed it, I'm aiming to collect every publicly released malware analysis paper (ever) and link it with the corresponding files listed in the paper. At my current pace it's going to take me about 3 years and 4 months to do everything from 2007 - present