Week in review: Cell phone money laundering, hardware Trojans and iOS flaw that allows downloading of malicious code
Here’s an overview of some of last week’s most interesting news and articles:
Browser bloat and privacy concerns
An increase in browser-based bloat and malware, and growing concern over online tracking technology, will top the technology trends in 2012.
Brazilian ISPs hit with massive DNS cache poisoning attacks
A massive DNS cache poisoning attack attempting to infect users trying to access popular websites is currently under way in Brazil.
20-fold increase in fraudulent spam
The quantity of fraudulent messages is striking, but so is the variety of social engineering techniques deployed.
Another Dutch CA confirms breach, stops issuing certificates
According to the company’s statement, the breach seems to have happened four years ago, and was discovered because the company initiated internal and external audits of its system following the recent spate of CA compromises.
Why do malicious Android apps come from China?
It seems like every time we hear about a malicious application aimed at Android users, it is always distributed by third-party Chinese app markets.
Anonymous admits leaking personal info on 16,000 Finns
Anonymous has taken responsibility for the personal information of some 16,000 Finns ending up on a file sharing site on Saturday, and has additionally made public the membership application database of the Kansallinen Vastarinta (the online magazine of the Finnish militant Neo-Nazi organization Suomen Vastarintaliike) website.
SCADA systems flaws exploited to open prison doors
The discovery of the Stuxnet worm has alerted governments around the world about the possibility of industrial control systems being targeted by hackers and has made a lot of security researchers concentrate on preemptively finding out bugs that plague them so that they can be patched before the attackers have the chance to exploit them.
Spammers’ URL shortening sites highlight weakness of old security
A recent Web threat report warned that spammers are now using their own URL shortening services to lure spam recipients into clicking on malicious web links. These use the “.info” top level domain and are open to the public to use for shortening Web links.
Hybrid social engineering attacks
Fraudulent phone calls are increasing in popularity. One possible use for these bogus “bank” calls is to utilize personal identification information stolen using malware to give fraudsters credibility as they collect the missing information required to “pull off” their scams.
iOS flaw allows App Store apps to download malicious code
Well-known Mac hacker and researcher Charlie Miller has discovered a flaw in Apple’s restrictions on code signing on iOS devices which would allow attackers to use applications sneaked into the App Store to download and run additional, unsigned code.
Angry Birds know where you live
75% of the public may be giving away their physical location when downloading smartphone applications.
DARPA invites white hats to help with U.S. cyber defense
The Defense Advanced Research Projects Agency (DARPA) is asking the government to ramp up its cyber research funding from $120 million to $208 million for 2012, and in the coming years aims to spend a greater part of its budget on cyber research than ever before.
Cybercrime and Espionage
Cybercrime and espionage are topics that I always enjoy reading about. I was primarily interested in how the authors combined these two seemingly different worlds into one concept and was curious to see the prime focus of the subversive multivector threats (SMT) mentioned in the title.
Protection against Duqu malware
A new vulnerability in Windows has been recently identified and is already exploited in the wild. For now, only a handful of targeted attacks have been found. The vulnerability exists in Windows TrueType Font Parsing Engine and affects most Windows versions, including Windows 7.
The 12 scams of Christmas
‘Tis the season for consumers to spend more time online – shopping for gifts, looking for great holiday deals on new digital gadgets, e-planning family get-togethers and of course, using online or mobile banking to make sure they can afford it all.
FBI arrests six for DNS hijacking scam worth $14 million
The United States Attorney for the Southern District of New York has raised charges against six Estonian nationals and one Russian national for engaging in a massive and sophisticated Internet fraud scheme that infected more than four million computers in over 100 countries with malware.
How does cell phone money laundering work?
In Russia, most cell phone SIM cards are prepaid. One of the major Russian operators offers a legal service that allows anyone to transfer the prepaid amount of money from a SIM card to a bank account, a credit card, another cell phone number (via a text message) or to the express money transfer service Unistream. This particular service is heavily misused by cyber crooks who use it to launder money collected through ransomware campaigns, mobile malware and SMS scam campaigns.
Cybercriminals exploiting user inexperience
Noteworthy threats in October 2011 included the return of a rogue web browser, a phony hacking tool for Gmail account password recovery and malware disguised as advertisements on Yahoo and Bing.
New techniques for detecting hardware Trojans
Most Internet users know about the existence of software Trojans, but hardware Trojans are less well known. They consist of integrated circuits that have been modified by malicious individuals so that, when triggered, they try to disable or bypass the system’s security, or even destroy the entire chip on which they are located.
100% of enterprises reported cyber attacks
Attacks are becoming more difficult to defend against and are expensive to mitigate, with traditional safeguards falling short.
Steam server attackers grabbed passwords, credit card data
As Bethesda Software was preparing to release Skyrim, the latest installment of its mega popular Elder Scrolls series, news that the forum of Steam, the online platform/distribution network of Valve Corporation, has been defaced and possibly breached has made gamers anxious.