charlesarthur : virus   13

Beware the Apple iCloud phone phishing scam • Frequent Business Traveler
<p>Scammers have a new and improved way to fool people. A new phone-based phishing scam spoofing Apple’s official support number is likely to take a lot of people by surprise and result in those being called providing the scammers with sensitive information.

The call mimics an official Apple support call, displaying Apple’s logo, Cupertino address, and real toll-free number (800 692-7753). This is the same number, displayed as 800 MY-APPLE, when Apple customers request a call from the company.

Several FBT staffers have reported getting such calls in recent weeks. The calls are not identified by T-Mobile (the mobile operator used by our parent company, Accura) as “Scam Likely” even though it is clear that Apple’s number is being spoofed.

The automated message states that the recipient’s iCloud account “has been compromised” and that he should “stop going online.” The automated message then prompts the caller to dial a toll-free number with an 866 prefix for Apple support.

Typically, Apple’s automated system would prompt the caller to press “1” to be connected to Apple support.

I tried calling the 866 number, which was answered by a main greeting that told me I had reached Apple support and provided an expected wait time. The call was answered by a man with a vague Indian accent who, after asking the reason for my call, disconnected it.</p>


So much excess capacity in Indian call centres; seems like they've found a new version of their virus scam.
india  callcentre  virus  scam  icloud 
5 weeks ago by charlesarthur
Revealed: how a secret Dutch mole aided the U.S.-Israeli Stuxnet cyberattack on Iran • Yahoo News
Kim Zetter and Huib Modderkolk:
<p>For years, an enduring mystery has surrounded the Stuxnet virus attack that targeted Iran’s nuclear program: How did the US and Israel get their malware onto computer systems at the highly secured uranium-enrichment plant?

The first-of-its-kind virus, designed to sabotage Iran’s nuclear program, effectively launched the era of digital warfare and was unleashed some time in 2007, after Iran began installing its first batch of centrifuges at a controversial enrichment plant near the village of Natanz.

The courier behind that intrusion, whose existence and role has not been previously reported, was an inside mole recruited by Dutch intelligence agents at the behest of the CIA and the Israeli intelligence agency, the Mossad, according to sources who spoke with Yahoo News.

An Iranian engineer recruited by the Dutch intelligence agency AIVD provided critical data that helped the US developers target their code to the systems at Natanz, according to four intelligence sources. That mole then provided much-needed inside access when it came time to slip Stuxnet onto those systems using a USB flash drive.</p>


Why the Dutch, you ask? Because:
<p>the centrifuges at Natanz were based on designs stolen from a Dutch company in the 1970s by Pakistani scientist Abdul Qadeer Khan. Khan stole the designs to build Pakistan’s nuclear program, then proceeded to market them to other countries, including Iran and Libya.</p>


I wonder if the Stuxnet story has been optioned for a film. It really should have been.
stuxnet  virus 
6 weeks ago by charlesarthur
Ebola now curable after trials of drugs in DRC, say scientists • The Guardian
Sarah Boseley:
<p>Ebola can no longer be called an incurable disease, scientists have said, after two of four drugs being trialled in the major outbreak in the Democratic Republic of the Congo were found to have significantly reduced the death rate.

ZMapp, used during the massive Ebola epidemic in Sierra Leone, Liberia and Guinea, has been dropped along with Remdesivir after two monoclonal antibodies, which block the virus, had substantially more effect, said the World Health Organization and the US National Institute of Allergy and Infectious Diseases, which was a co-sponsor of the trial.

The trial in the DRC, which started in November, has now been stopped. All Ebola treatment units will now use the two monoclonal antibody drugs.

“From now on, we will no longer say that Ebola is incurable,” said Prof Jean-Jacques Muyembe, the director general of the Institut National de Recherche Biomédicale in DRC, which has overseen the trial. “These advances will help save thousands of lives.”</p>
ebola  virus 
9 weeks ago by charlesarthur
Samsung accidentally makes the case for not owning a smart TV • The Verge
Jon Porter on Samsung's <a href="https://twitter.com/samsungsupport/status/1140409768743452672?s=12">bizarre tweet</a> suggesting owners of its smart TVs should do a virus scan every few weeks or so:
<p>There haven’t been any recent security vulnerabilities reported for Samsung’s smart TVs, but back in 2017 WikiLeaks revealed that the CIA had developed a piece of software called “Weeping Angel” that was capable of turning Samsung’s smart TVs into a listening device. Less than a month later a security researcher found 40 zero-day vulnerabilities in Samsung’s smart TV operating system, Tizen. At the time, Samsung released a blog post detailing the security features of its TVs, which includes its ability to detect malicious code on both its platform and application levels.

Virus scans are another reminder of how annoying modern smart TVs can be. Sure, they have pretty much every streaming app under the sun built in, and Samsung’s models can even be used to stream games from a local PC. But they also contain microphones that can be a privacy risk, and are entrusted with credit card details for buying on-demand video content. Even when everything’s working as the manufacturer intended, they can be yet another way of putting ads in front of you, either on your home screen or even in some cases directly into your own video content.

Samsung’s little PSA about scanning for “malware viruses” (eh hem) might be a sound security practice on a Samsung smart TV, but it’s also an excellent reminder for why you might not want to buy one in the first place.</p>


The microphones are obviously for voice commands. The world is full of microphones.
security  samsung  tv  virus 
june 2019 by charlesarthur
Hated and hunted: the ransomware cracker • BBC News
Joe Tidy:
<p>[Fabian Wosar's] unassuming terraced house on the outskirts of London has no decorative furnishings at all. No pictures or paintings adorn the walls. No lamps or plants. The shelves are empty except for a collection of Nintendo games and some computer coding manuals.

He owns one board-game called Hacker: The Cyber Security Logic Game, which he admits he’s very good at - although he’s only ever played it alone. In short, his home isn’t very homely but this cheery, energetic young German doesn’t seem to mind. He even admits to spending “98%” of his time at home as he works from his office upstairs.

“I’m one of those people who if I don’t really have a reason to go outside, I won’t,” he says.

“I don’t really like to leave the house unless I have to. I do nearly all my shopping online and get everything delivered. I don’t really like too many things around as I spend nearly all of my time working.”

Strangely, Fabian has chosen the smallest room in his house to set up his office. This is where, with the curtains closed, he toils away for most of his waking life gaining grateful fans and hateful, dangerous enemies around the world.

He works remotely for a cyber security company, often sitting for hours at a time working with colleagues in different countries.

When he’s “in the zone”, the outside world becomes even less important and his entire existence focuses on the code on his screen. He once woke up with keyboard imprints all over his face after falling asleep during a 35-hour session.

All of this to create anti-ransomware programs that he and his company usually give away free. Victims simply download the tools he makes for each virus, follow the instructions and get their files back. You can see how he has built up such a vengeful group of angry cyber criminals.</p>


Wosar has moved to an "unknown location" since he spoke here. You can imagine there are some people who really wish very bad things for him.
internet  ransomware  virus  hacking 
march 2019 by charlesarthur
Iran accuses Israel of failed cyber attack • Yahoo News
<p>Iran's telecommunications minister accused Israel on Monday of a new cyber attack on its telecommunications infrastructure, and vowed to respond with legal action.

This followed comments from another official last week that Iran had uncovered a new generation of Stuxnet, a virus which was used against the country's nuclear program more than a decade ago.

"The Zionist regime (Israel), with its record of using cyber weapons such as Stuxnet computer virus, launched a cyber attack on Iran on Monday to harm Iran's communication infrastructures," Telecommunications Minister Mohammad Javad Azari-Jahromi said.

"Thanks to our vigilant technical teams, it failed," he said on Twitter. Iran would take legal action against Israel at international bodies, he added, without giving details.</p>


Follows on from this in the Times of Israel:
<p>Iranian infrastructure and strategic networks have come under attack in the last few days by a computer virus similar to Stuxnet but “more violent, more advanced and more sophisticated,” and Israeli officials are refusing to discuss what role, if any, they may have had in the operation, an Israeli TV report said Wednesday.

The report came hours after Israel said its Mossad intelligence agency had thwarted an Iranian murder plot in Denmark, and two days after Iran acknowledged that President Hassan Rouhani’s mobile phone had been bugged. It also follows a string of Israeli intelligence coups against Iran, including the extraction from Tehran in January by the Mossad of the contents of a vast archive documenting Iran’s nuclear weapons program, and the detailing by Prime Minister Benjamin Netanyahu at the UN in September of other alleged Iranian nuclear and missile assets inside Iran, in Syria and in Lebanon.</p>


Pretty difficult to figure out what's going on. Probably more than Iran is admitting, less than Israel is claiming.
iran  israel  virus  cyberattack 
november 2018 by charlesarthur
A deepfakes spinoff website is quietly mining cryptocurrency under the guise of fake porn • Motherboard
Samantha Cole:
<p>“Deepfakes” are videos created using a machine learning algorithm that swaps one person’s face onto another person’s body. Most frequently, this is used to put a celebrity’s face on a video of a porn performer.

Some deepfakes fans are attempting to avoid watchful admin eyes by setting up their own websites, independent of other platforms. But at least one of these websites, called Deepfakes.cc, contains malware that hijacks visitors’ computing power to mine cryptocurrency without alerting the user. Deepfakes enthusiasts may make particularly good miners: The profitability of cryptocurrency mining depends on a computer’s power, and people running machine learning programs may have more powerful CPUs than the average consumer.

A member of the r/fakeapp subreddit (which was not banned because it does not allow porn) first pointed out the surreptitious mining on deepfakes.cc, in an attempt to alert other members of the issue. Motherboard ran the site through an online antivirus program; it showed that deepfakes.cc is running code from Coinhive’s in-browser miner.

This appears to be a Coinhive browser miner. Motherboard viewed the site’s source code and confirmed that mining is taking place…</p>
Virus  bitcoin 
february 2018 by charlesarthur
Exclusive: Hackers hit Russian bank customers, planned international cyber raids • Reuters
Jack Stubbs:
<p>Russian cyber criminals used malware planted on Android mobile devices to steal from domestic bank customers and were planning to target European lenders before their arrest, investigators and sources with knowledge of the case told Reuters.

Their campaign raised a relatively small sum by cyber-crime standards - more than 50 million roubles ($892,000) - but they had also obtained more sophisticated malicious software for a modest monthly fee to go after the clients of banks in France and possibly a range of other western nations.

Russia's relationship to cyber crime is under intense scrutiny after U.S. intelligence officials alleged that Russian hackers had tried to help Republican Donald Trump win the U.S. presidency by hacking Democratic Party servers.

The Kremlin has repeatedly denied the allegation.

The gang members tricked the Russian banks' customers into downloading malware via fake mobile banking applications, as well as via pornography and e-commerce programs, according to a report compiled by cyber security firm Group-IB which investigated the attack with the Russian Interior Ministry.

The criminals - 16 suspects were arrested by Russian law enforcement authorities in November last year - infected more than a million smartphones in Russia, on average compromising 3,500 devices a day, Group-IB said.</p>


This seems to have been taking advantage of flaws in Android OS, but without more detail it's hard to be sure. Killer quote from a Sberbank spokeswoman:
<p>"It isn't clear which specific group is being referred to here because the fraudulent scheme involving Android OS (operating system) viruses is widespread in Russia and Sberbank has effectively combated it for an extensive period of time."</p>
russia  malware  virus  banking 
may 2017 by charlesarthur
Software security suffers as upstarts lose access to Google-owned virus data | Reuters
Joseph Menn:
<p>A number of young technology security companies are losing access to the largest collection of industry analysis of computer viruses, a setback industry experts say will increase exposure to hackers.

The policy change at the information-sharing pioneer VirusTotal takes aim mainly at a new generation of security companies, some with valuations of $1 billion or more, that haven't been contributing their analysis. Older companies, some with market valuations much smaller than the upstart rivals, had pressed for the shift.

Alphabet Inc's Google runs the VirusTotal database so security professionals can share new examples of suspected malicious software and opinions on the danger they pose. On Wednesday, the 12-year-old service quietly said it would cut off unlimited ratings access to companies that do not share their own evaluations of submitted samples.</p>
security  virus  google 
may 2016 by charlesarthur
Malware is getting nastier, but that shouldn’t matter » Computerworld
Steven Vaughan-Nichols:
<p>Another thing to keep in mind is that there are overwhelming odds that you would have to be running Windows for the malware to pose any sort of threat to you. Sure, it’s possible to hack Linux and Mac OS X, but the vast majority of attacks are almost always on Windows PCs. That’s not because Windows users are dumber than Linux and Mac users (well, I’m not going to say that, anyway); it’s just that there are a whole lot more of them.

But let’s say that you are running Windows. That hardly means you’re doomed. For the malware to get a toehold, you need to open a Windows format file — from a stranger. And why would you do that? Opening a Windows format file sent by someone you don’t know has been a mug’s move since the late ’90s, when Word macro Trojans, such as Melissa, were the last word in malware attacks.

Let me remind you of some security commandments that many of you seem to have forgotten…</p>


Vaughan-Nichols then launches into a four-point list of mansplaining, or maybe virusplaining or Trojansplaining. Whichever, he completely misses the point. Users aren't "stupid" for doing things that <em>they have been trained by software companies to do</em> for years - such as clicking "update" or "open" and ignoring warnings, because the warnings are too frequent and the explanations of why doing them is bad are too obscure.

As for "the vast majority of attacks are almost always on Windows PCs" - this is hardly a surprise.
windows  virus 
april 2016 by charlesarthur
TeslaCrypt: Following the money trail and learning the human costs of ransomware « FireEye Threat Research
Nart Villeneuve:
We tracked the victims’ payments to the cybercriminals—available because the group used bitcoin—and determined that between February and April 2015, the perpetrators extorted $76,522 from 163 victims. This amount may seem trivial compared to millions made annually on other cyber crimes, or the estimated $3m the perpetrators of CryptoLocker were able to make during nine months in 2013-14.  However, even this modest haul demonstrates ransomware’s ability to generate profits and its devastating impact on victims.

The online correspondence between the victims and the cybercriminals provides context regarding the effect on peoples' lives. The victims were spread across the globe from students in Iran and Spain to regular folks in the United States, Brazil, Argentina, Germany, Croatia and Mongolia. Some feared being expelled from school or fired by their employers if they are unable to retrieve their files. Fathers and mothers were devastated by the loss of family photos. The TeslaCrypt ransomware also affected nonprofits, including an organization dedicated to curing blood cancer, as well as small businesses. Many of the victims were simply unable to afford to pay the ransom and gave up.


Some of the conversations are heartbreaking. Weirdly, the extortionists sometimes cut their price for personal circumstances.
ransomware  security  virus 
may 2015 by charlesarthur
Chinese internet users: beware mobile payment frauds » TechNode
Emma Lee:
Nowadays, Chinese internet users tend to make payments and bank transfers on-the-go, via public WiFi networks because it is just there and free. However, this habit could make you easy prey for hackers who set up fraudulent WiFi in shopping malls or entertainment centers.

Once WiFi squatters connect their mobile device to this network, their personal information is in danger of being stolen. If they conduct any kind of purchase or transfer in the meantime, hackers can record their IP address and information at the back-end, and then steal their accounts and passwords.

Although QR codes never quite took off in the West, they have become immensely popular in China as customers scan codes to find friends, make payments, exchange information, redeem coupons, follow services on WeChat, and so on. Hackers can embed a virus to QR codes so that anyone scanning them will automatically download a virus to their smartphones. Personal information from phone numbers to bank details and passwords can be stolen in seconds.

In this case, hackers send out short messages in fraudulent bank service numbers to lure users to log in to a fake website. Once customers input bank accounts and passwords on the site, hackers will steal the information and be able to access the money in their bank accounts.


Huh.
china  internet  qr  virus 
march 2015 by charlesarthur
Spam uses default passwords to hack routers » Krebs on Security
Brian Krebs:
In case you needed yet another reason to change the default username and password on your wired or wireless Internet router: Phishers are sending out links that, when clicked, quietly alter the settings on vulnerable routers to harvest online banking credentials and other sensitive data from victims.
banking  virus  router 
march 2015 by charlesarthur
