Articles for March 2018

Leader of Carbanak (Cobalt) Hacker Group Who Stole Over €1BIL Arrested in Spain

Europol announced today that Spanish police has arrested a man suspect of being the mastermind behind the Carbanak hacking group, known for some of the biggest bank cyber-heists in recent years.

Europol said the Carbanak gang —also known as Cobalt— had carried out over 100 hacks across 40 different countries, stealing over €1 billion ($1.24 billion), with a hack average of €10 million ($12.4 million) per heist.

Source: Leader of Carbanak (Cobalt) Hacker Group Who Stole Over €1BIL Arrested in Spain

Facebook Collected Your Android Call History and SMS Data For Years

Facebook knows a lot about you, your likes and dislikes—it’s no surprise.

But do you know, if you have installed Facebook Messenger app on your Android device, there are chances that the company had been collecting your contacts, SMS, and call history data at least until late last year.

tweet from Dylan McKay, a New Zealand-based programmer, which received more than 38,000 retweets (at the time of writing), showed how he found his year-old data—including complete logs of incoming and outgoing calls and SMS messages—in an archive he downloaded (as a ZIP file) from Facebook.

Source: Facebook Collected Your Android Call History and SMS Data For Years

 

U.S. Charges 9 Iranians With Hacking Universities to Steal Research Data

The United States Department of Justice has announced criminal charges and sanctions against 9 Iranians involved in hacking universities, tech companies, and government organisations worldwide to steal scientific research resources and academic papers.

According to the FBI officials, the individuals are connected to the Mabna Institute, an Iran-based company created in 2013 whose members were allegedly hired by the Iranian government for gathering intelligence.

Though the content of the papers is not yet known, investigators believe it might have helped Iranian scientists to develop nuclear weapons.

 

Source: U.S. Charges 9 Iranians With Hacking Universities to Steal Research Data

 

Facebook and Cambridge Analytica – What’s Happened So Far

Top Story— Facebook has just lost over $60 billion in market value over the past two days—that’s more than Tesla’s entire market capitalisation and almost three times that of Snapchat.

Facebook shares plunge over revelations that personal data of 50 million users was obtained and misused by British data analytics firm ‘Cambridge Analytica,’ who reportedly helped Donald Trump win the US presidency in 2016.

The privacy scandal that rocked the social media giant was revealed earlier this week when Chris Wylie, the 28-year-old data scientist who worked with a Cambridge University academic, turned into a whistleblower and leaked to the newspapers how poorly Facebook handles people’s private information.

Wylie claims Cambridge Analytica created “Steve Bannon’s psychological warfare mindf**k tool” that profiles citizens to predict their voting patterns based on the personal information gathered from a variety of sources and then helps political parties target voters with tailored advertisements and messages.

Source: Facebook and Cambridge Analytica – What’s Happened So Far

 

Windows Remote Assistance Exploit Lets Hackers Steal Sensitive Files

You have always been warned not to share remote access to your computer with untrusted people for any reason—it’s a basic cybersecurity advice, and common sense, right?

But what if, I say you should not even trust anyone who invites or offer you full remote access to their computers.

A critical vulnerability has been discovered in Microsoft’s Windows Remote Assistance (Quick Assist) feature that affects all versions of Windows to date, including Windows 10, 8.1, RT 8.1, and 7, and allows remote attackers to steal sensitive files on the targeted machine.

Source: Windows Remote Assistance Exploit Lets Hackers Steal Sensitive Files

Old banking Trojan TrickBot has been taught new tricks | ZDNet

The banking Trojan is back with a range of new capabilities.

The TrickBot Trojan has been upgraded with new modules to make detection, and defense, more difficult.

First discovered in 2016, TrickBot is a financial Trojan which targets the customers of major banks.

The Trojan is most commonly connected to phishing campaigns which trick users into entering their credentials into phishing and fraudulent banking websites, designed to appear as legitimate services.

Source: Old banking Trojan TrickBot has been taught new tricks | ZDNet

Trojanized BitTorrent Software Update Hijacked 400,000 PCs Last Week

A massive malware outbreak that last week infected nearly half a million computers with cryptocurrency mining malware in just a few hours was caused by a backdoored version of popular BitTorrent client called MediaGet.

Dubbed Dofoil (also known as Smoke Loader), the malware was found dropping a cryptocurrency miner program as payload on infected Windows computers that mine Electroneum digital coins for attackers using victims’ CPU cycles.

Dofoil campaign that hit PCs in Russia, Turkey, and Ukraine on 6th March was discovered by Microsoft Windows Defender research department and blocked the attack before it could have done any severe damages.

Source: Trojanized BitTorrent Software Update Hijacked 400,000 PCs Last Week