from

now browsing by tag

 
 

When Spies Get Hacked… Hackers Steal Customer Data from Android Spyware Company

When hackers get hacked” should become the tagline of 2018. After several other similar incidents, it is now the turn of an Android spyware maker that advertises its spyware to be used against children and employees. A target of a vigilante hacker, the company known as SpyHuman offers surveillance software for Android devices that enables its users to intercept phone calls, text messages, track GPS locations, read messages on WhatsApp and Facebook, and use the target device’s microphone.

It now appears that a hacker has stolen customer text messages and call metadata from the spyware company. Call metadata includes phone numbers the target devices dialled or received calls from along with their duration and dates. Hackers managed to access over 440,000,000 call details through exploiting a basic security flaw in the website.

advertisement:

nso-pegasusRELATEDControversial Israeli Spyware Firm Robbed by Its Own Employee Who Tried Selling Code for $50 Million!

“These spy apps should be out of market, most people spy on girls and [their] data image […] always sensitive,” the hacker wrote in a message that was obtained by Motherboard. “No one have rights to do that and same these apps and provider making money by doing this.”

While SpyHuman sells its spyware as a tool to monitor children and employees, it’s mostly used to illegally spy on partners and spouses without their consent. “Several review websites and social media posts do push the app for such purposes, and archives of particular SpyHuman pages include phrases such as ‘know if your partner is cheating on you,’ and suggests monitoring your husband’s texts in case he is having an affair,” the publication reports.

The company gave the following (non)explanation when asked about how it makes sure its software isn’t being used for illegal surveillance:

staff-surveillance-2RELATEDMicrosoft Exposes FinFisher Gov Spyware – Says Windows Defender ATP Can Now Detect the Notorious Spyware

“As a precaution, at an initial stage of our app installation, we always ask users that for what purposes they are installing this app in the target device. If they select child or employee monitoring then our app stays hidden and operate in stealth mode. Otherwise, it will create visible Icon so that one can know that such app is installed on his/her devices.”

As is apparent, since its users can always select a child or an employee – which in itself raises several questions – they don’t necessarily have to reveal if they are using the product for spying on people, mostly partners, without their consent.

– If you are a victim of spyware or technology-facilitated abuse, this is a very comprehensive resource list offering guidelines and help.

The post When Spies Get Hacked… Hackers Steal Customer Data from Android Spyware Company appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

#Hacker Steals $13.5 Million From #Bancor #Cryptocurrency #Exchange

In a statement published hours ago, Israeli-based cryptocurrency exchange Bancor fessed up to a security incident following which a hacker made off with roughly $13.5 million worth of cryptocurrency.

The hack took place yesterday, July 9, at 00:00 UTC, according to Bancor, after an unknown intruder(s) gained access to one of the company’s wallets.

This was a big deal because Bancor doesn’t run as a classic exchange platform, but uses a complex mechanism based on smart contracts running on the Ethereum platform to move funds at a quicker pace than classic exchange platforms.

The compromised wallet also granted the attacker access to updating the smart contracts responsible for converting user funds.

Bancor says the hacker used this access to withdraw 24,984 Ether (ETH) coins (~$12.5 million) from Bancor smart contracts and sent the Ether to his own private wallet.

Similarly, he also withdrew 229,356,645 Pundi X (NPXS) coins, worth another $1 million.

Security feature prevents theft of another $10 million

The hacker also withdrew 3,200,000 Bancor tokens (BNT) (worth around $10 million), which Bancor had issued last year as part of its ICO that raised over $150 million, but Bancor says a security feature in Bancor tokens allowed it to freeze the funds and prevent the hacker from cashing it out at other exchanges.

“It is not possible to freeze the ETH and any other stolen tokens,” Bancor says. “However, we are working together with dozens of cryptocurrency exchanges to trace the stolen funds and make it more difficult for their thief to liquidate them.”

Bancor said the hacker didn’t compromise any user wallets. The theft appears to have affected only Bancor’s reserves, which the company held to facilitate the cryptocurrency exchange process.

Bancor did not reveal how the hack took place but promised more updates in the following days via its website and its Twitter account. Bancor’s platform is currently down and undergoing maintenance work.

Last year, a security researcher criticized the Bancor platform for using smart contracts that contained several security flaws.

Below is Bancor’s initial statement regarding yesterday’s security breach.

Source: https://www.bleepingcomputer.com/news/security/hacker-steals-135-million-from-bancor-cryptocurrency-exchange/

advertisement:

The post #Hacker Steals $13.5 Million From #Bancor #Cryptocurrency #Exchange appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

UK #businesses face #growing #threat from #cyber-attacks

Criminal cyber-attacks on UK businesses increased last year, according to the annual report of the National Cyber Security Centre.

Firms face a growing threat from ransomware, data breaches and weaknesses in the supply chain, according to the report, published on Tuesday. Emerging threats include theft from cloud storage, which the NCSC argues too many businesses put their faith in.

“Criminals are launching more online attacks on UK businesses than ever before,” a summary accompanying the report said.

The NCSC, in effect the shop window for the government surveillance agency GCHQ, was set up in late 2016 amid alarm over potential attacks on UK institutions, infrastructure and businesses.

The report, Cyber Threat to UK Business Industry 2017-2018, is published to coincide with the opening of a organised by the NCSC, which is expected to attracted 1,800 cybersecurity experts from law enforcement, government and the private sector.

Ciaran Martin, head of the NCSC, said: “The last year has seen no deceleration in the tempo and volume of cyber incidents, as attackers devise new ways to harm businesses and citizens around the globe.

“The NCSC’s aim is to make the UK an unattractive target to cyber criminals and certain nation states by increasing their risk and reducing their return on investment.”

The report was written in collaboration with the National Crime Agency. Donald Toon, director of economic and cybercrime at the NCA, said: “UK business faces a cyber threat which is growing in scale and complexity. Organisations which don’t take cybersecurity extremely seriously in the next year are risking serious financial and reputational consequences.”

Under-reporting of cybercrime by businesses means crucial evidence and intelligence about threats and offenders can be lost. Toon called for full and early reporting of cybercrime.

by the NCSC show 34 significant cyber-attacks took place between October 2016, when the agency was launched, and the end of 2017. A further 762 attacks were less serious. “2018 will bring more of these attacks,” the report said.

It does not break down the figures to distinguish which attacks were purely criminal and which were state-sponsored. The report said that the distinction can be blurred, making attribution difficult.

Among the surveys cited was one by , which recorded a 91% increase in ransom attempts between the first and third quarters of last year.

Vulnerabilities highlighted in the NCSC report included the spread of the , which includes the interconnection of household appliances and other devices. “The internet of things and its associated threats will continue to grow and the race between hackers’ and defenders’ capabilities will increase in pace and intensity,” the report said.

“Many internet-connected devices sold to consumers lack basic cybersecurity provisions. With so many devices unsecured, vulnerabilities will continue to be exploited.”

The NCSC has also issued a warning over cloud security: “As more organisations decide to move data to the cloud (including confidential or sensitive information), it will become a tempting target for a range of cyber criminals.

“They will take advantage of the fact that many businesses put too much faith in the cloud providers and don’t stipulate how and where their data is stored. This could lead to high profile breaches involving UK citizen information.”

The report warns that no matter how good a company’s cybersecurity, it is at risk if this is not matched by the management of service providers and software, which can offer a potential stepping stone into the networks of thousands of clients.

“It is clear that even if an organisation has excellent cybersecurity, there can be no guarantee that the same standards are applied by contractors and third-party suppliers in the supply chain,” the report said. “Attackers will target the most vulnerable part of a supply chain to reach their intended victim.”

advertisement:

The post UK #businesses face #growing #threat from #cyber-attacks appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Computer #Hackers Are #Demanding #Money From #Cities, #States, And #Companies In The #U.S.

Computer hackers are getting more sophisticated. They are not afraid to hold cities, states, and companies’ hostage until they pay a ransom. Hackers are modern day tech pirates that disrupt computer programs and turn shareholders into anxiety-ridden puppets. Computer networks in Denver, Atlanta, and Baltimore, as well as a computer network of Boeing Airlines, are recent victims. Atlanta’s computers went down on March 22nd when a hacker locked important data behind an encrypted wall. The wall would stay in place, according to the hackers, until the city pays the hackers $51,000 in Bitcoins. Atlanta has a week to comply. If the city doesn’t pay, all that important data will vanish, according to the computer pirates. No one is sure if Atlanta paid the money, according to a Fox News report. But Mayor Keisha Lance Bottoms didn’t rule out payment.

The hacking group calls itself “SamSam.” SamSam is not new to the hacking world. The group pocketed more than $800,000 in 2017. The city of Leeds, Atlanta paid SamSam $12,000 in February 2018 to release their data. But Atlanta is not the only city that SamSam has in its hacking sights this month. Officials in Baltimore said their 911 dispatch system was under attack. The system was down for 17 hours recently to prove the hackers were serious. The hackers were able to get into the system after the city made an internal change to their firewall. But the Baltimore hackers didn’t ask for money, and that is concerning, according to Frank Johnson, Baltimore’s chief information officer.

Boeing, the world’s top aerospace company, is also under attack by the now famous WannaCry ransomware. WannaCry is the same ransomware that crippled Britain’s healthcare services in 2017. The Boeing attack is not as serious as the attack in Britain, according to Boeing’s head of communications Linda Mills. Mills also said the 777 jet program was not part of the hack. Mills said only a few company machines were under attack.

Denver also had a suspicious outage when denvergov.org and pocketgov.org, as well as other online services, suddenly stopped in March. Some city staffers lost access to their email account. Denver officials claim the shutdown was the work of a computer bug, but Colorado’s Department of Transportation was a SamSam victim in February. The hackers said the information would come back to them if Colorado paid in Bitcoins, according to a news report by Denver7.

advertisement:

The post Computer #Hackers Are #Demanding #Money From #Cities, #States, And #Companies In The #U.S. appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Strengthening #Plans to Protect #California #Elections From #Hackers

Concerned about cybersecurity, California is inspecting and reinforcing its elections systems on a daily basis.

That’s what the Secretary of State told NBC Bay Area’s and Telemundo 48’s public affairs show, “Comunidad Del Valle.”

“In 2016 there is absolutely zero evidence that there was any hack, or breach, or compromise of any type, by the Russians or anybody else.“, said Secretary of State Alex Padilla. “Not that they weren’t trying.”

Padilla says California is already implementing some of the procedures suggested this week by the U.S. Senate’s Intelligence Committee. Committee member and U.S. Senator Kamala Harris said this week that the nation should implement a paper-only ballot system to avoid hacking by foreign entities.

Padilla says those threatening entities include Russia, North Korean and China.

“A lot of the recommendations you’re going to hear come out of Washington are from a national perspective… a lot of those recommendations are based on what California already has in place,” Padilla said.

In a wide-ranging interview, Padilla also said his office’s pre-registration program has seen a huge spike in sign-ups since the high school shooting in Florida.

The program allows teens to register to vote before they turn 18, so they can hit the ground running when they become of age.

Read More….

advertisement:

The post Strengthening #Plans to Protect #California #Elections From #Hackers appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

More #countries are #learning from #Russia’s cyber #tactics

When British and US officials blamed Russian military hackers for last summer’s NotPetya ransomware attack, they were confirming long-held suspicions among western governments that Russia is stepping up its hostile cyber capabilities.

The announcement in February was consistent with the recent rhetoric of political and military leaders in the UK and the US as the two countries turn up the heat on Russia and other state adversaries they hold responsible for a string of aggressive cyber attacks. “I think we have been watching nation states grow steadily more aggressive in their use of cyber capabilities,” says John Hultquist, director of intelligence analysis at FireEye, a cyber security company.

February brought a second Russia-related cyber security controversy. On February 16 an indictment filed by Robert Mueller, the US special counsel who is investigating Russian meddling in the 2016 US Presidential elections, charged 13 individuals and three entities with conducting “information warfare” against America.

The work of the Internet Research Agency, a Saint Petersburg-based company accused of creating fake news and setting up phoney US social media accounts to attract online political audiences, may not be a cyber attack in the strictest sense. However, it fits a broader pattern of online warfare being waged by Russian president Vladimir Putin to disrupt the west and its institutions.

Read More….

advertisement:

The post More #countries are #learning from #Russia’s cyber #tactics appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

How can you #protect your #website from #malware and #cyberattacks?

Source: National Cyber Security News

From defacements to backdoor files, what kinds of malware should you be aware of?

Cybersecurity is at the forefront of many businesses’ strategies for 2018, as the breaches, malware incidents and disclosure of many vulnerabilities last year showed just how weak the defences of some of the world’s largest firms really are.

Website owners are at an elevated risk of compromise and, with nearly every business required to have an online presence, the dangers could affect everyone from SMEs to large corporations.

Threats come in all shapes and sizes

Malware comes in a deceptive amount of incarnations, from phishing kits to simpler, flat HTML files. SiteLock was able to examine its categorisation data to find that cyber-criminals are seeking out long-term access to targets in order to facilitate complex malware that steals traffic, spreads more malware and lines the pockets of additional malware.

General malware

General malware or unique encoded malware accounts for 44.04pc of all instances detected by SiteLock’s scanners. Although this type of content can be heavily obfuscated and is often generated at random, there are key indicators that give it away, such as the context of the file’s location based on how the website is structured, file behaviours and how exactly the file is obfuscated.

Read More….

advertisement:

View full post on National Cyber Security Ventures

Hacker #stole £10k from #jazz #charity

Source: National Cyber Security News

A jazz centre, headed up by Westcliff musician Digby Fairweather, was targeted by an online fraudster, it has been revealed.

Hackers accessed an account belonging to the Southend-based Jazz Centre UK and stole £10,000.

Fortunately, the charity had its money refunded by the bank, but Mr Fairweather said people must be vigilant to rising cyber crime.

He said: “The Jazz Centre UK online account had two payees set up at the time for small sums. Someone hacked into the account and moved £4,950 twice in a day into these accounts. He then rang both firms saying he was from the jazz centre and the sums had been transferred by mistake and that we owed the money to someone else.

“He asked them to pay it back and then gave them his own account number.”

Mr Fairweather added: “It was virtually all the Jazz centre UK funds but after an inquiry it was the fault of the bank and all the money was refunded – apart from £216.

“It made us very wary of online banking. It could have left us in a great deal of trouble.”

The incident, which happened in October, came to light after it was raised in Parliament by Southend West MP Sir David Amess.

Read More….

advertisement:

View full post on National Cyber Security Ventures

Canada #build digital #Bitcoin vault to #protect investors from hacking

Source: National Cyber Security News

A CRYPTOCURRENCY vault aimed at protecting online currencies such as Bitcoin from hacking is about to be launched by a digital Canadian bank, it has been reported.

It comes after last month Japanese cryptocurrency exchange Coincheck announced it would have to pay back more than £300million to customers after their system was hacked, affecting 260,000 customers.

Now, Canadian bank VersaBank has announced they are setting up a “Blockchain-based digital safety deposit box” for digital currencies to protect investors from such attacks.

Announcing their brand new vault, VersaBank said: “Your digital assets are just as valuable as any family jewellery, property deed or stock certificate, but protecting them isn’t nearly as simple.

“No storage device or commercial cloud service is completely safe, and most blockchain-based secure storage is only for crypto-currency and offered by companies you’ve never heard of, in places you don’t know.

“Like a safety deposit box, only you have access to what’s inside, and like a safety deposit box, it’s been built by an institution you can trust to be there for the long run.”

President and CEO of the bank, David Taylor, has said he hopes his company’s latest offering to customers will help cement Canada as a cryptocurrency world leader.

Read More….

advertisement:

View full post on National Cyber Security Ventures

What is #cryptojacking? How to #prevent, #detect, and #recover from it

Source: National Cyber Security News

Cryptojacking is the unauthorized use of someone else’s computer to mine cryptocurrency. Hackers do this by either getting the victim to click on a malicious link in an email that loads cryptomining code on the computer, or by infecting a website or online ad with JavaScript code that auto-executes once loaded in the victim’s browser.

Either way, the cryptojacking code then works in the background as unsuspecting victims use their computers normally. The only sign they might notice is slower performance or lags in execution.

Why cryptojacking is on the rise

No one knows for certain how much cryptocurrency is mined through cryptojacking, but there’s no question that the practice is rampant. Browser-based cryptojacking is growing fast. In November, Adguard reported a 31 percent growth rate for in-browser cryptojacking. Its research found 33,000 websites running cryptomining scripts. Adguard estimated that those site had a billion combined monthly visitors.

“Cryptomining is in its infancy. There’s a lot of room for growth and evolution,” says Marc Laliberte, threat analyst at network security solutions provider WatchGuard. He notes that Coinhive, the most popular JavaScript miner that is also used for legitimate cryptomining activity, is easy to deploy and generated $300 thousand in its first month.

Read More….

advertisement:

View full post on National Cyber Security Ventures