Sydney Teen Arrested for SMS Scam Utilizing Leaked Info from Optus Data Breach

A 19-year-old from Sydney, Australia has been arrested by the Australian Federal Police (AFP) for allegedly attempting to extort 93 Optus customers whose personal information was compromised in last month’s data breach. The suspect allegedly sent threatening SMS messages to the victims, demanding that AUD $2000 be transferred to his Commonwealth Bank of Australia account or their details would be misused for fraudulent activities. The AFP identified the account and obtained information about its holder from the bank. It then executed a search warrant at the offender’s home in Rockdale, a southern Sydney suburb, and seized the mobile phone used to send the scam texts.

The suspect has been charged with the following two offenses:

a. Using a telecommunication network with the intent to commit a serious offence, contrary to section 474.14 (2) of the Criminal Code Act 1995 (Cth), where the serious offence is blackmail, contrary to section 249K of the Crimes Act 1900 (NSW). This offence is punishable, upon conviction, by a penalty not exceeding that of the serious offence, being a maximum penalty of imprisonment for 10 years; and

b. Dealing with identification information, contrary to section 192K of the Crimes Act 1900 (NSW). This offence is punishable by a maximum penalty of imprisonment for 7 years.

Luckily, none of the customers who received the text messages transferred money to the scammer’s account.

Apple Launches ‘Lockdown Mode’ to Protect Targeted Users from Spyware and Hackers

Tech giant Apple recently introduced a new security feature called Lockdown Mode to protect high-profile users. It is designed to harden device security against hacking and targeted spyware. Lockdown Mode is built into iOS 16, iPadOS 16, and macOS Ventura and will be available this fall across Apple’s devices: iPhones, iPads, and Macs.

When turned on, Lockdown Mode includes the following protections:

  • Messages: Most message attachment types other than images are blocked. Some features, like link previews, are disabled.
  • Web browsing: Certain complex web technologies, like just-in-time (JIT) JavaScript compilation, are disabled unless the user excludes a trusted site from Lockdown Mode.
  • Apple services: Incoming invitations and service requests, including FaceTime calls, are blocked if the user has not previously sent the initiator a call or request.
  • Wired connections with a computer or accessory are blocked when iPhone is locked.
  • Configuration profiles cannot be installed, and the device cannot enroll into mobile device management (MDM), while Lockdown Mode is turned on.

Apple announced that it will continue to add new protections to Lockdown Mode. Through its Security Bounty program, Apple will reward researchers who discover flaws in the new feature or find ways to bypass it.

Emotet Variant Surges, Steals Credit Card Info from Chrome Users

The Emotet malware, first detected in 2014 as a banking trojan, is back again, and Chrome users are at risk of being compromised. Last June 6, cybersecurity company Proofpoint observed a new Emotet module being dropped by the E4 botnet. It was a credit card stealer that solely targeted the Google Chrome browser. After harvesting the data (name of user, card number and its expiration date), the botnet sends it to command-and-control (C2) servers different from the ones the Emotet card stealer module uses.

As of April of this year, Emotet is still the top global malware threat, impacting 6% of organizations worldwide. It was thought to have been put to rest in January 2021 after being taken down by Europol and global law enforcement agencies, but it started returning in late 2021. The Emotet malware family will most likely continue to evolve with new variants, so it is extremely important that everyone is aware that it mainly spreads through spam mail. Users should be careful about opening infected files or clicking malicious links in these kinds of emails.

Google to Roll Out Air Raid Alerts Feature to Ukraine Android Phone Users

Google announced that Android users in Ukraine will now receive air raid alerts on their phones before expected attacks by Russian forces. This feature was adapted from Google’s earthquake alert system. With the air raid alerts feature deployed, Ukrainians will be able to get to safety ahead of incoming airstrikes. They will get a notification when an air raid alert is issued as well as when the alert is cancelled.

“This feature uses only your device’s approximate location to send notifications about potential air raids. Google does not use this location information to track or identify you.”

Kent Walker, Google’s President of Global Affairs, said they rolled out this alerts system at the request of, and with help from, the Ukrainian government. “Air raid alerts and sirens in Ukraine are a tragic daily reality, and we’re doing all we can to help people get these crucial alerts as many ways as possible”.

The air raid alerts feature will work on phones running Android 5 or later. The device must have an Internet connection, and location must be turned on.

Scam: Online Posts Promoting Amazon Cryptocurrency

Despite many social media posts online, retail giant Amazon says the claim that it has begun a presale of its own cryptocurrency tokens is fake.

A Facebook post from December 27, 2021 that has since been removed said, “The Amazon Token payment system will facilitate a more accessible, more connected global financial system”. A similar post on Facebook says, “The ‘Amazon Token’ Presale Has Started”, along with a photo of Amazon founder Jeff Bezos linked to the purported “official Amazon Token” site. All these have been proven fake.

Some users may see a site that contains genuine-looking Amazon logos and offers free Amazon Prime memberships to purchasers, while others who clicked on the links received a browser warning about a potentially malicious site.

On January 3, 2022, Amazon said that it has no cryptocurrency token and that claims to the contrary are part of a scam. “We take any attempts to misuse our brand seriously. We maintain a site to assist customers in identifying phishing attempts, including fake webpages. Amazon investigates these complaints and uses them to protect customers and hold the bad actors accountable”, a company spokesperson said.

“We have found that these new scams are very effective, yielding over USD $100,000. Over 300 Avast users have been protected from the scam in the past week”, said a December 14, 2021 blog post by Avast, which has noted a proliferation of scams seeking to lure consumers to a so-called Amazon Token.

Avast said the scheme appeared to be an effort to potentially steal personal information for malicious purposes and swindle people out of other cryptocurrencies. “These offers are propagating through malicious advertisements that imitate legitimate news sites and rely on rumors that have been around since July 2021 that Amazon will be offering Tokens for sale”, they said.

According to Avast, the fraudulent posts have appeared in more than a dozen countries and have come amid growing interest in cryptocurrencies such as bitcoin. Amazon has not indicated any participation in a new cryptocurrency, unlike Facebook, which has been involved in an effort to launch a global digital coin known as Diem.

In July 2021, in response to a report that it could begin accepting cryptocurrency payments, Amazon indicated it was studying how it might use cryptocurrency but had no specific plans.

Nations Forced To Develop Newer Frameworks For Cybersecurity Due To Pandemic

Legal dignitaries and cyber experts speaking online at an international conference on Cyberlaw, Cybercrime and Cybersecurity said that the pandemic triggered a data avalanche on the Internet, which dramatically increased vulnerabilities to cyberattacks. As a result, nations have been forced to introduce more extensive legal frameworks to ensure data security and privacy for their netizens and cyber sovereignty for themselves.

“It is critical for technology to accurately pinpoint people who contravene with personal data privacy, government security and break the rules of the Internet, the data superhighway. It could be something like a driver’s license as violations are trackable thus easily identifying violators”, said Vint Cerf, Google Chief Internet Evangelist, who is considered one of the ‘fathers of the Internet’.

Globally, some $6 trillion was lost by nations to cybercrimes in 2020, and more than $8 trillion in losses are estimated in 2021. According to Gartner Research, 63% of countries worldwide are planning to come up with cyberprivacy-related legislation by 2023, as cybersecurity issues have emerged as a top concern for several governments.

“With cyberlaw being a constantly evolving paradigm, most governments are working on holistic legal methods to safeguard their critical information infrastructure (CIS) and protect rights and digital independence of netizens. New technologies are increasingly putting the focus back on pushing the envelope of cyberlegal jurisprudence globally. So, nations have realized the importance of creating distinctive sub-disciplines of law under the cyberlaw umbrella such as cybersecurity, cybercrime, law for artificial intelligence, blockchain and IoT, among others”, said Pavan Duggal, cyberlaw expert and author of several books on cyber regulations.

At Least $48.9M Earned By Hackers Behind ‘Cuba’ Ransomware, Says FBI

On Friday, the FBI published a warning about attacks by the Cuba ransomware group, which has managed to extort $43.9 million from victims. The hackers have compromised at least 49 entities in critical infrastructure sectors, including healthcare, manufacturing, IT, government and finance, say federal investigators.

According to the FBI, the attacks were carried out through a Windows-based malware program called Hancitor. This program has been around since 2013 and uses phishing emails, Microsoft Exchange vulnerabilities, compromised data and legitimate tools such as PowerShell and PsExec to gain initial access and help spread the Cuba ransomware program across a victim’s network. Besides downloads of malicious programs, spam email campaigns are another way Hancitor can be delivered to infect a PC. The ransomware then encrypts files across the computer, giving them the file extension “.cuba.” The group threatens to dump the files on a Dark Web site unless the ransom is paid, so victims have to pay in Bitcoin to have their files decrypted. Cuba ransomware actors have received at least $43.9 million of the $74 million demanded.

Some security researchers in Israel suspect that although the ransomware gang uses the name Cuba, they are actually based in Russia, a country that refuses to extradite criminal hackers to the US.

The FBI issued this warning as the Biden administration has made stopping ransomware a national security priority. Victims are urged to report a ransomware attack as soon as possible; otherwise it may be too late for the FBI to respond.

FBI’s email system hacked, sends out fake cybersecurity warnings

The Federal Bureau of Investigation’s email servers were hacked and used to send out thousands of dummy messages. Bleeping Computer reported that the fake email told recipients they had become the victims of a sophisticated chain attack. The Spamhaus Project, a nonprofit organization that investigates email spammers, was the first to expose these emails.

The hackers managed to send the messages to over 100,000 addresses, all scraped from the database of the American Registry for Internet Numbers. Adding to the messages’ legitimate look, the hackers used the FBI’s public-facing email system, and the headers were authenticated as coming from FBI servers using the DomainKeys Identified Mail (DKIM) process that’s part of the system Gmail uses to stick brand logos on verified corporate emails.

In a press release, the FBI said only that it is an ongoing situation, that the impacted hardware has already been taken offline, and that it doesn’t currently have any more information it can divulge.

According to Bleeping Computer, the spam campaign was likely carried out by an individual who goes by the name “Pompompurin” in an attempt to defame Troia. The same person has allegedly tried to damage Troia’s reputation in similar ways in the past. Pompompurin also claims that the hack was meant to highlight the security vulnerabilities within the FBI’s email systems.

The individual said that they exploited a security gap on the FBI’s Law Enforcement Enterprise portal. With a one-time password embedded in the page’s HTML, they managed to sign up for an account. From there, Pompompurin claims they were able to execute a massive spam campaign by manipulating the sender’s address and email body.

With that kind of access, the attack could have been much worse than a false alert that put system administrators on high alert. Earlier this month, President Joe Biden mandated a bug fix that calls for civilian federal agencies to patch any known threats. Last May, in the wake of detrimental attacks on the Colonial Pipeline and SolarWinds, Biden signed an executive order that aims to improve the nation’s cyber defenses.

Microsoft To Cut Cybersecurity Workforce Shortage in 2025 By Offering 250,000 Jobs

Microsoft announced on Thursday that it will partner with community colleges across the U.S. to provide a free curriculum and free resources in an attempt to help end a shortage of cybersecurity workers. It will also provide training for faculty at 150 community colleges and give scholarships and resources to 25,000 students as part of the effort.

The company aims to help train and hire 250,000 people into the cybersecurity workforce, and believes this can cut the country’s workforce shortage in half by 2025.

Microsoft President Brad Smith said in a press conference on Thursday, “We think we can make a meaningful difference in solving half of the cybersecurity jobs shortage. We should be optimistic that in the next 12-24 months we can start to make a real dent.”

The campaign will not only address the shortage but will also play an important role in diversifying the industry. Microsoft found that 80% of cybersecurity jobs are held by people who are white and that men hold 82.4% of cybersecurity jobs in the U.S. According to its compiled data, 57% of community college students in the U.S. are women and 40% of students identify as African American, Black or Hispanic.

Microsoft said it would spend $20 billion over five years to distribute more up-to-date security tools and invest $150 million to help government agencies widen training partnerships in cybersecurity and enhance their security systems.

Both the private sector and government officials have pointed to the workforce shortage as a persistent problem as they try to take on potential risks associated with cybercrime.

Top 5 Tips To Help You Combat Cyber-Related Crimes

Though October is Cyber Security Awareness Month, cyber scams are still on the rise. If you’ve noticed that you’ve been getting spam texts or phishy emails, you’re not alone. In fact, the FBI’s Internet Crime Complaint Center (IC3) has received an uptick in complaints. These include a significant increase in both business and individual email compromise schemes, or simply put, fraud perpetrated through email, says Matt DeSarno, Special Agent in Charge of the FBI office in Dallas.

With that being said, top cyber security experts share their top 5 tips to help you combat cyber-related crimes.

TIP #1: REGULARLY BACK UP YOUR DATA

Back your files up to the cloud or a server that’s in a different location than where your computer is. Taking your data and just copying it in a different folder on the same computer is not going to work.

TIP #2: ALWAYS MAKE SURE THE SOFTWARE ON YOUR DEVICE IS UP-TO-DATE

Don’t ignore the pop-ups or reminders telling you to update; they’re there for a reason. Most people ignore these notifications and don’t realize that most of them are security updates.

TIP #3: THINK BEFORE YOU CLICK

If you receive emails from people you do not personally recognize, or if a message somehow makes you suspicious, don’t open it. Now more than ever, it’s critical to think before you act. Scammers rely on urgency and fear, whether in the form of a call, text or email. They want you to respond fast without thinking.

TIP #4: MULTI-FACTOR AUTHENTICATION (MFA) IS ESSENTIAL

When it comes to protecting your accounts, MFA is vital and is not just an option you can forego. More websites are being compromised, and being able to prove that you’re you in more ways than one is frankly critical at this point. If your bank or other financial institution doesn’t offer multi-factor authentication, you should take your business somewhere safer.

TIP #5: EDUCATE YOURSELF

Be aware of what kinds of scams are out there. You can gather information from a lot of free online resources. Talk about it with your family and friends, especially grandparents and kids. Though kids are more likely to fall for scams, the elderly have more to lose because of their chance of being scammed for a higher amount. Loneliness is a big factor in being victimized too, as many elders fall into the trap of romance scams.

While these tips may seem basic, we should all take time to step up our game in keeping our information safe from scammers. #BeCyberSmart