Posted on

One Million IP Addresses Used In Brute-Force Attack On A Bank

Cisco says in just one week in February they detected 1,127,818 different IP addresses being used to launch 744,361,093 login attempts on 220,758,340 different email addresses — and that 93% of those attacks were directed at two financial institutions in a massive Account Takeover (ATO) campaign.

 

Crooks used 993,547 distinct IPs to check login credentials for 427,444,261 accounts. For most of these attacks, the crooks used proxy servers, but also two botnets, one of compromised Arris cable modems, and one of ZyXel routers/modems. Most of these credentials have been acquired from public breaches or underground hacking forums.

 

For more information, read the full article here.

Posted on

Cryptocurrency raider takes $60 million in digital cash

A cryptocurrency is only as reliable as the technology that keeps it running, and Ethereum is learning this the hard way. An attacker has taken an estimated $60 million in Ethereum’s digital money (Ether) by exploiting vulnerabilities in the Decentralized Autonomous Organization, an investment collective. The raider took advantage of a "recursive call" flaw in the DAO’s code-based smart contracts, which administer the funds, to scoop up Ether many times in a single pass.

 

Ethereum’s Vitalik Buterin has revealed a planned software fork that would prevent the intruder from using the ill-gotten goods, but there are still plenty of headaches in store for both contract creators and investors. Contract makers will have to take extra care to avoid the flaw and limit the value of their contracts so that a bad actor doesn’t make off with a huge sum of cash. Buterin says that Ethereum itself is safe — miners can carry on, and users should "sit tight and remain calm" while they wait to trade again. Still, it’s easy to imagine everyone being nervous.

 

The kicker? People were convinced that the bug posed no risk to DAO funds just a few days prior. Clearly, that wasn’t true. While the invader didn’t get away scot-free, the breach has caused a lot of chaos. And while one person’s claims that they legitimately took the funds is sketchy, Bloomberg notes that the code defining the smart contracts may have explicitly allowed this attack even if that’s not what the DAO wanted. This may not be so much a hack as exploitation of poorly-defined terms, and there may not be a legal recourse. In short: basing an investment framework around code instead of human-made contracts may have been too optimistic.

 

Read the full article here.

Posted on

Corporate Email Phishing Scams Result in $3.1B Loss, Near 1300% Increase in 18 Months

Total number of Business Email Compromise (BEC) related crimes have reached epidemic levels, at nearly $3.1 billion in losses and involving 22,143 victims worldwide since January 2015, according to a new FBI report.

 

BEC or Business Email Compromise is defined by FBI as "a sophisticated scam targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. The scam is carried out by compromising legitimate business email accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds."

 

Most victims, according to reports to FBI, "use wire transfers as a common method of transferring funds for business purposes; however, some victims report using checks as a common method of payment. The fraudsters will use the method most commonly associated with their victim’s normal business practices."

 

The BEC scam continues to grow, evolve, and target businesses of all sizes the FBI reports. Since January 2015, there has been a 1,300% increase in identified exposed losses (i.e. Exposed dollar loss which includes actual and attempted loss in United States dollars.) The scam has been reported by victims in all 50 states and in 100 countries. Reports to FBI indicate fraudulent transfers have been sent to 79 countries with the majority going to Asian banks located within China and Hong Kong.

 

Characteristics of BEC Complaints

The IC3 has noted the following characteristics of BEC complaints

•  Businesses and associated personnel using open source email accounts are predominantly targeted.

•  Individuals responsible for handling wire transfers within a specific business are targeted.

•  Spoofed emails very closely mimic a legitimate email request.

•  Hacked emails often occur with a personal email account.

•  Fraudulent email requests for a wire transfer are well-worded, specific to the business being victimized, and do not raise suspicions to the legitimacy of the request.

•  The phrases “code to admin expenses” or “urgent wire transfer” were reported by victims in some of the fraudulent email requests.

•  The amount of the fraudulent wire transfer request is business-specific; therefore, dollar amounts requested are similar to normal business transaction amounts so as to not raise doubt.

•  Fraudulent emails received have coincided with business travel dates for executives whose emails were spoofed.

•  Victims report that IP addresses frequently trace back to free domain registrars.

The FBI recommends victims to always file a complaint regardless of dollar loss or timing of incident at www.IC3.gov.

Read the full article here.

Posted on

Problems With Chrome? Use Google’s Free Cleanup Tool.

Google Chrome recently overtook Internet Explorer to become the most-used browser on the web. To be fair to Microsoft; however, we should note that Windows 10 encourages people to use the new Edge browser and so it was always inevitable that IE usage would decline. Still, it’s a great achievement by Google and, in my own experience, Chrome is an excellent, fast browser.

 

As with all software, though, things can go wrong. Settings can become corrupted, or you may install an extension that has subsequently been identified as being malware.

 

Probably the most powerful tool to help clean up a Chrome installation is something called the Chrome Cleanup Tool. It’s an official Google release and is free of charge. You’ll find the Windows version at https://www.google.com/chrome/cleanup-tool/ and it’s a download of around 3 MB. The program is malware-free according to VirusTotal and Web of Trust.

 

Although the cleanup tool is very useful, do take heed of the warning screen when you run it. It will clear various settings, including your home page, so don’t use it until you actually have a real problem.

Posted on

LG Sells Mosquito-Repelling TV In India

In effort to fight Zika, dengue and malaria, LG has released the “LG 32LG52D” TV with “Mosquito Away Technology. According to Reuters, the TV uses ultrasonic waves that are inaudible to humans but cause mosquitoes to fly away. The TV has been released in India Thursday, and will go on sale next month in the Philippines and Sri Lanka, with no plans to market it elsewhere. It is available in two models, priced at 26,500 rupees and 47,500 rupees ($394 and $706). LG says the same technology used in its new TV has been used in some of its air conditioners and washing machines.

 

Source: https://news.slashdot.org/story/16/06/17/1943256/lg-sells-mosquito-repelling-tv-in-india

Posted on

How to Hack Someones Facebook Account Just by Knowing their Phone Numbers

Hacking Facebook account is one of the major queries on the Internet today. It’s hard to find — how to hack Facebook account, but researchers have just proven by taking control of a Facebook account with only the target’s phone number and some hacking skills.

 

Hackers with skills to exploit the SS7 network can hack your Facebook account. All they need is your phone number.

 

The weaknesses in the part of global telecom network SS7 not only let hackers and spy agencies listen to personal phone calls and intercept SMSes on a potentially massive scale but also let them hijack social media accounts to which you have provided your phone number.

 

SS7 or Signalling System Number 7 is a telephony signaling protocol that is being used by more than 800 telecommunication operators worldwide to exchange information with one another, cross-carrier billing, enabling roaming, and other features.

 

However, an issue with the SS7 network is that it trusts text messages sent over it regardless of their origin. So, malicious hackers could trick SS7 into diverting text messages as well as calls to their own devices.

 

All they need is the target’s phone number and some details of the target’s device to initiate the silent snooping.

 

The researchers from Positive Technologies, who recently showed how they could hijack WhatsApp and Telegram accounts, now gave the demonstration of the Facebook hack using similar tricks, Forbes reported.

 

Read the full article here.

Posted on

VDesk for Windows 10: launch programs on virtual desktops

VDesk is a free, open source, program for the Windows 10 operating system that extends a system’s virtual desktop functionality.

 

Microsoft added a virtual desktop feature to Windows 10 that is completely optional to use. It adds options to Windows 10 to create a number of virtual desktops that users can switch between to separate programs from each other.

 

Programs can be moved around between desktops, but there is no option to configure Windows to open programs on virtual desktops (all the time) when they are started.

 

Read the full article here.

Posted on

Singapore banks adopt voice biometrics for user authentication

Citi is launching voice biometric verification for customers in Singapore to help to cut user authentication time.

 

The bank has already implemented voice biometrics for consumer customers in Taiwan, with Singapore, Hong Kong and Australia to follow soon. The service will be available to all 12 of Citi’s consumer banking markets in Asia-Pacific by 2017.

 

Read the full article here.

Posted on

27% of cloud apps are high risk

As more and more organizations adopt cloud platforms, new shadow IT risk vectors are coming into play in the form of connected third-party apps, according to CloudLock CyberLab’s analysis across 10 million users, 1 billion files, and nearly 160,000 unique applications.

 

These apps (and by extension, their vendors) are authorized using corporate credentials, have API access to corporate data on multiple SaaS platforms via OAuth connections, and can act on behalf of users to access, delete, store, externalize and exfiltrate data.

 

The shadow IT dilemma is only becoming more challenging as usage is increasing exponentially year over year. From 2014 to 2016, we’ve seen nearly a 30x increase in apps from 5,500 to nearly 160,000. Each application instance represents a backdoor through which hackers can infiltrate and externalize sensitive corporate assets.

 

Measuring risk by a combination of access scopes, community-sourced ratings, and expert-driven analytics, the CloudLock CyberLab found that 27% of third-party apps are classified as high risk through which cybercriminals could gain programmatic access to corporate platforms impersonating end users.

 

Read the full article here.