‘Dronejacking’ may be the next big cyber threat

Next targets: Companies like Amazon, DHL and UPS are expected to use drones for package deliveries – becoming potential targets for criminals, the report said. — Deutsche Post/DHL

WASHINGTON: A big rise in drone use is likely to lead to a new wave of “dronejackings” by cybercriminals, security experts warned.

A report by Intel’s McAfee Labs said hackers are expected to start targeting drones used for deliveries, law enforcement or camera crews, in addition to hobbyists.

“Drones are well on the way to becoming a major tool for shippers, law enforcement agencies, photographers, farmers, the news media, and more,” said Intel Security’s Bruce Snell, in the company’s annual threat report.

Snell said the concept of dronejacking was demonstrated at a security conference last year, where researchers showed how someone could easily take control of a toy drone.

“Although taking over a kid’s drone may seem amusing and not that big of an issue, once we look at the increase in drone usage potential problems start to arise,” he said.

The report noted that many consumer drones lack adequate security, which makes it easy for an outside hacker to take control.

Companies like Amazon and UPS are expected to use drones for package deliveries – becoming potential targets for criminals, the report said.

“Someone looking to ‘dronejack’ deliveries could find a location with regular drone traffic and wait for the targets to appear,” the report said.

“Once a package delivery drone is overhead, the drone could be sent to the ground, allowing the criminal to steal the package.”

The researchers said criminals may also look to steal expensive photographic equipment carried by drones, or to knock out surveillance cameras used by law enforcement.

Intel said it expects to see dronejacking “toolkits” traded on “dark web” marketplaces in 2017.

“Once these toolkits start making the rounds, it is just a matter of time before we see stories of hijacked drones showing up in the evening news,” the report said.

Other predictions in the report included a decrease in so-called “ransomware” attacks as defences improve, but a rise in mobile attacks that enable cyber thieves to steal bank account or credit card information.

The report also noted that cybercriminals will begin using more sophisticated artificial intelligence or “machine learning” techniques and employ fake online ads. — AFP

Source: The Star Online

Apple lists top 25 apps hit by malware in first major attack

 An Apple logo hangs above the entrance to the Apple store on 5th Avenue in the Manhattan borough of New York City, July 21, 2015. Reuters/Mike Segar


Apple Inc said the WeChat messaging app and car-hailing app DiDi Taxi were among the 25 most popular apps that were found to be infected with malicious software, the first-ever large-scale attack on its App Store.

The company had not previously disclosed which apps had been affected, although many had been identified by third parties.

Apple said on Sunday it was cleaning up its App Store after several cybersecurity firms reported that unknown hackers had embedded malware, dubbed XcodeGhost, in hundreds, possibly thousands, of Chinese apps.

“We have no information to suggest that the malware has been used to do anything malicious,” Apple said in its XcodeGhost Q&A Web page on Thursday.

Other infected apps include Baidu Inc’s Baidu Music app, a music app from Internet portal NetEase Inc and the 58 Classified-Job, Used Cars, Rent app.

Tencent Holdings Ltd owns WeChat.

This is the first reported case of a large number of malicious software programs making their way past Apple’s stringent app review process.

Cyber security firm FireEye Inc said earlier this week that the security breach was much bigger than previously thought, affecting more than 4,000 apps on the App Store, compared with the earlier estimate of 39.

Prior to this attack, a total of just five malicious apps had ever been found in the App Store, according to cyber security firm Palo Alto Networks Inc.

Apple said on Thursday it was working with developers to get the apps back on the App Store and was blocking new apps that contained the malware.

The company also said some of the affected apps could be fixed through updates.

The hackers targeted the App Store using a counterfeit version of the Xcode “toolkit”, Apple’s app-building software.

Many Chinese app developers downloaded the tainted software kit instead of the original one because of the slow download speeds from Apple’s official servers located overseas.

Apple said it was working to make Xcode faster for Chinese developers to download.

Source: Reuters

WhatsApp bug opened door to hacking

Fixed: A flaw in the Web version of WhatsApp made it possible for hackers to hide malicious code in seemingly innocent “vCards” containing contact information. — AFP

SAN FRANCISCO: WhatsApp recently patched a flaw that left 200 million users vulnerable to being hacked using booby-trapped digital cards for contact details, according to a US computer security firm.

Facebook-owned messaging application WhatsApp boasts more than 900 million users, some 200 million of whom access the service on computer browser software that mirrors activity from mobile devices.

A flaw in the Web version of WhatsApp made it possible for hackers to hide malicious code in seemingly innocent “vCards” containing contact information.

Opening tainted cards allowed viruses to infect computers, potentially allowing hackers to steal control or information, according to an online post by Check Point computer security firm.

Hackers would only need a target’s smartphone number and for the person to open the “vCard.”

Check Point said that it disclosed the vulnerability to WhatsApp last month and that an updated version of the application was released. — AFP

Source: The Star Online

Google Malaysia service disrupted by hackers

A computer user poses in front of a Google search page in this photo illustration taken in Brussels, May 30, 2014. Reuters/Francois Lenoir

Internet users were denied access to Google Inc’s Malaysia website on Tuesday, and were redirected to a hacked page saying “Google Malaysia Hacked by Tiger-Mate #Bangladeshi Hacker.”

The company has reached out to the organization that manages the domain name to resolve the issue, MYNIC, a Google Malaysia spokesperson said in a statement to Reuters.

MYNIC is operated by the country’s ministry of communications and multimedia, and is the administrator for all websites ending with “.my,” according to the company’s website.

The website for Malaysia Airlines experienced a similar problem in January, but the airline quickly reassured users that their bookings and private data had not been compromised.

Source: Reuters

China shuts 50 websites and social media accounts

A picture illustration shows a WeChat app icon in Beijing, December 5, 2013. Credit: Reuters/Petar Kujundzic

China has closed 50 websites and social media accounts for violations ranging from pornography to “publishing political news without a permit”, Beijing’s cyberspace watchdog said on Tuesday.

The government is pursuing a crackdown on unwanted material online. Critics say the increasing restrictions further limit free speech in the one-party Communist state.

Authorities shut 17 public pages on the mobile social messaging app Weixin, also known as WeChat in English, as well as 24 websites and 9 channels or columns on websites, the Cyberspace Administration of China (CAC) said in a statement on its website (www.cac.gov.cn).

The Weixin accounts were shut down during the past two months, the state-run news agency Xinhua said.

Some of the other offences listed by CAC include publishing fake information under the guise of the government or media, and publishing information related to gambling or fraud.

Jiang Jun, a spokesman for the cyberspace watchdog, said the CAC would regularly publish a “black list” of violators, according to the statement.

Last fall, Xinhua said the cyberspace watchdog had closed nearly 1.8 million accounts on social networking and instant messaging services since launching an anti-pornography campaign earlier in the year.

In 2014, authorities received almost 11 million reports of what was described as harmful information online, Xinhua reported separately on Tuesday.

In November, Chinese officials called for controls on the Internet to preserve stability.

With a population of 1.4 billion and 632 million people online, China is a market no one wants to miss out on. But it also has the world’s most sophisticated online censorship system, known outside the country as the Great Firewall.

It blocks many social media services, such as Twitter, Facebook, YouTube, Instagram, Snapchat and Google, along with many rights groups sites and some foreign media agencies.

Source: Reuters

Banker Malware Targeting Malaysian Internet Banking User

MyCERT Alert

1.0 Introduction

MyCERT has received several reports of malware that targets Malaysian Internet banking customers. Based on our initial analysis, this campaign uses the Zeus banking malware family.

The attacker infects the victim’s computer with the Zeus banker malware, which injects modified fake content or pages while the user is browsing a legitimate online banking website.

2.0 Affected Systems

Based on our initial analysis of a sample incident, the following systems are affected:

2.1 Smartphone running on Android
2.2 Vulnerable and unpatched Windows Operating System

3.0 Impact

3.1 The malware injects modified fake content that looks like a real online banking website while the user is browsing a legitimate online banking website. The injected content asks for the victim’s smartphone operating system and mobile number.

3.2 The malware sends a malicious APK to the smartphone by SMS and infects the smartphone in order to establish a callback channel with the attackers for further instructions.

4.0 Technical Details

The attacker infects the victim’s computer with the Zeus banker malware, which injects modified content while the user is browsing a legitimate online banking website, as shown in the sample image of the injected page below.

[Image: sample of the injected page (mycert-636.jpg)]

The modified content prompts the user to choose their smartphone operating system and to provide their phone number. With the phone number, the attacker sends an SMS containing a link to a malicious APK, known as the Zitmo malware, to the victim’s smartphone. The APK purports to be an online banking verification certificate.

Once the APK is installed on the smartphone, a popup message appears, and the Zitmo malware attempts to call back to the attacker through SMS and waits for further instructions.

A few days later, the attacker logs in to the victim’s online banking account using the stolen credentials and successfully performs online transactions using the intercepted TAC number.

The mobile malware has been known since late September 2010, but this is the first time it has been used in a malware campaign targeting Malaysian online banking users.

5.0 Recommendation

5.1 For laptop/PC User:

1) Install robust anti-virus, anti-spyware and firewall software on your computer and other devices and configure it to update regularly.

2) Perform regular scans of your systems for malware and other risks.

3) Operating system providers such as Microsoft periodically release updates and patches that improve the security of your operating system. You should periodically check for these updates and keep your system current, or configure it to do so automatically.

4) When accessing online banking, make sure there is no pop-up or window that asks for personal information such as a credit card number or smartphone platform (Android/iOS). Do not enter such information if it is requested.

5) Use only a dedicated computer or laptop to do online banking.

6) If you suspect your bank account has been compromised or spot any activity you have not authorized, please notify your banking provider immediately.

7) Please ensure you logout properly at the end of each session by clicking log-out button. Do not exit by simply closing the browser window.

8) If you come across anything suspicious when you do banking online such as unusual web pages asking for banking information, notify your bank provider immediately.

9) Never respond to any email/advertisements requesting you to provide your login details or log in via a link sent in an email/applications. The bank will never send you a mail or provide links in any applications like that, and such a request is likely to be a phishing attempt.

5.2) For Smartphone Users:

1) Verify an app’s permission and the app’s author or publisher before installing it.

2) Do not click on adware or suspicious URLs sent through SMS/messaging services. A malicious program could be attached to collect the user’s information.

3) Since a URL on a mobile site appears differently from how it appears in a desktop browser, make sure to verify it first.

4) Always run a reputable anti-virus on your smartphone/mobile devices, and keep it up to date regularly.

5) Don’t use public Wi-Fi networks for bank transactions and turn off Bluetooth connection when not in use. These can be open windows for eavesdroppers intercepting the transaction or installing spyware and other malware on user’s smartphone/tablet.

6) Update the operating system and applications on your smartphone/tablet, including the browser, in order to avoid malicious exploits of security holes in outdated versions.

7) Do not root or otherwise ‘Jailbreak’ your phone; avoid side loading (installing from non-official sources) when you can. If you do install Android software from a source other than the Market, be sure that it is coming from a reputable source.
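One way to carry out the permission check in 5.2 (1) against the SMS behaviour described in Section 4.0, as an added example that is not part of the MyCERT alert: the script reads an AndroidManifest.xml already decoded to plain-text XML and reports whether the app can receive and send SMS on its own. The sample manifest, the package name `com.example.bankcert` and the function name `audit_manifest` are constructed for illustration.

```python
import xml.etree.ElementTree as ET

A = "{http://schemas.android.com/apk/res/android}"  # android: attribute namespace
SMS_PERMS = {"android.permission.RECEIVE_SMS", "android.permission.READ_SMS",
             "android.permission.SEND_SMS"}
SMS_RECEIVED = "android.provider.Telephony.SMS_RECEIVED"

# Constructed sample: decoded manifest of a hypothetical "bank certificate" app.
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.bankcert">
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <application android:label="Bank Certificate">
    <receiver android:name=".SmsHook">
      <intent-filter android:priority="1000">
        <action android:name="android.provider.Telephony.SMS_RECEIVED"/>
      </intent-filter>
    </receiver>
  </application>
</manifest>"""

def audit_manifest(xml_text):
    """Report SMS-related capabilities declared in a decoded AndroidManifest.xml."""
    # The stdlib parser keeps the example self-contained; use a hardened XML
    # parser for manifests taken from untrusted APKs.
    root = ET.fromstring(xml_text)
    perms = {p.get(A + "name") for p in root.iter("uses-permission")}
    receivers = []
    for receiver in root.iter("receiver"):
        for flt in receiver.iter("intent-filter"):
            actions = {a.get(A + "name") for a in flt.iter("action")}
            if SMS_RECEIVED in actions:
                prio = flt.get(A + "priority", "0")
                receivers.append((receiver.get(A + "name"),
                                  int(prio) if prio.lstrip("-").isdigit() else 0))
    return {
        "sms_permissions": sorted(perms & SMS_PERMS),
        "sms_receivers": receivers,
        # Can read an incoming SMS (for example a TAC) as it arrives.
        "can_intercept_sms": "android.permission.RECEIVE_SMS" in perms and bool(receivers),
        # Can send SMS by itself, the callback channel the advisory describes.
        "can_send_sms": "android.permission.SEND_SMS" in perms,
    }

if __name__ == "__main__":
    for key, value in audit_manifest(SAMPLE_MANIFEST).items():
        print(f"{key}: {value}")
```

An app presented as a banking certificate has no reason to declare either capability, so both flags being true is grounds to refuse the install and report the SMS to the bank.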

6.0 References

6.1. Kaspersky report on Zitmo malware

6.2. ATSEngine

Source: CyberSecurity Malaysia