Unicoin 黑客入侵 Google Workspace 帐户，导致员工数日无法进入

一名黑客入侵了 Unicoin 的 Google Workspace（以前称为 G-Suite）帐户，并更改了所有公司员工的密码，导致他们数日无法使用公司帐户。

A hacker managed to compromise Unicoin's Google Workspace (formerly G-Suite) account and changed the passwords for all company employees, an incident that locked them out of their corporate accounts for days on end.

一名黑客成功侵入 Unicoin 的 Google Workspace（以前称为 G-Suite）帐户，并更改了公司所有员工的密码，这一事件导致他们连续几天无法使用公司帐户。

Unicoin is an asset-backed, audited, and publicly reporting cryptocurrency project. It is the official token of the “Unicorn Hunters” business series, focused on providing novel investment opportunities.

Unicoin 是一个由资产支持、经过审计且公开报告的加密货币项目。它是“独角兽猎人”商业系列的官方代币，专注于提供新颖的投资机会。

According to a filing with the U.S. Security and Exchanges Commission (SEC), after gaining access to the company's Google account, the threat actor proceeded to modify the passwords, thus denying employee access to all services in the environment, including Gmail and Drive.

根据向美国安全与交易委员会 (SEC) 提交的文件，在获得公司 Google 帐户的访问权限后，威胁行为者继续修改密码，从而拒绝员工访问环境中的所有服务，包括 Gmail 和 Drive。

Unicoin says that it managed to restore access for its staff to G-Suite about four days later, on August 13.

Unicoin 表示，大约四天后，也就是 8 月 13 日，它设法恢复了员工对 G-Suite 的访问。

“On August 9, 2024, Unicoin Inc. detected an unknown threat actor had gained access to the Company’s Google G-Suite account and changed passwords of all users of the Company’s G-Suite products (i.e., G-Mail, G-Drive and other related G-Suite functionality), thereby denying access to all users having an “@unicoin.com” email address,” reads the SEC Form 8-K filing.

“2024 年 8 月 9 日，Unicoin Inc. 检测到一名未知威胁行为者已获得该公司 Google G-Suite 帐户的访问权限，并更改了该公司 G-Suite 产品（即 G-Mail、G-Drive 和其他相关的 G-Suite 功能），从而拒绝所有拥有“@unicoin.com”电子邮件地址的用户的访问，”SEC 8-K 表格文件中写道。

“On or about August 13, 2024, the company was able to remove the threat actor’s access to the G-Suite accounts and restore access to its internal users.”

“在 2024 年 8 月 13 日左右，该公司能够删除威胁行为者对 G-Suite 帐户的访问权限，并恢复对其内部用户的访问权限。”

During this time, the threat actor could freely access confidential information present in internal communications.

在此期间，威胁行为者可以自由访问内部通信中存在的机密信息。

The company is still assessing the extent and impact of the incident but has already found the following evidence of data access, manipulation, and fraud attempts:

该公司仍在评估该事件的范围和影响，但已经发现了以下数据访问、操纵和欺诈企图的证据：

Despite the breach of the company’s cloud environment for productivity and collaboration, Unicoin does not believe that the event will have a material impact on its financial status and has seen no evidence of crypto assets or cash losses linked to the event.

尽管该公司的云环境对生产力和协作造成了破坏，但 Unicoin 认为该事件不会对其财务状况产生重大影响，并且没有发现与该事件相关的加密资产或现金损失的证据。