Daily Drop (210)
Google Deletes 50 Apps Infected From Joker Malware Attack
FROM THE MEDIA: If you are using an Android phone, you need to be careful. We say this because the Joker malware has started spreading its terror again. According to Zscaler ThreatLabz, the Joker malware has infected 50 apps on the Google Play Store. However, Google immediately removed them from its app store. We have given the list of infected apps below. Experts say that if you are still using any of these apps on your phone, uninstall them immediately. According to the Zscaler ThreatLabz team, the Joker, FaceStealer and Copper malware families have recently been found to spread through apps. When the ThreatLabz team informed the Google Android security team about this threat, they quickly removed these malicious apps from the Google Play Store.
READ THE STORY: Globe News Insider
Russian Facebook Malware Gang Makes a Comeback
FROM THE MEDIA: The Koobface Gang gained notoriety from 2008 to the 2010s for spreading malware via Facebook and other social networks. Believe it or not, the gang amassed millions of dollars from their online scams while hiding in plain sight in St. Petersburg, Russia. After being publicly identified in 2012, the gang members shut down their operations. A decade has passed since then but the gang or at least one or a couple of its members is back to doing no good. WhoisXML API threat researcher Dancho Danchev uncovered tons of web properties owned by the Koobface gang.
READ THE STORY: Circle ID
North Korea-linked SharpTongue spies on email accounts with a malicious browser extension
FROM THE MEDIA: The SharpTongue’s toolset was detailed in a report published by Huntress in 2021, however, in September 2021, Volexity began observing the use of a previously undocumented malware family. In the last 12 months, Volexity has responded to multiple security incidents involving SharpTongue and, in most cases, threat actors used a malicious Google Chrome or Microsoft Edge extension tracked as “SHARPEXT”. Unlike other extensions used by the Kimsuky APT group, SHARPEXT does not try to steal usernames and passwords, rather, it accesses the victim’s webmail account as they browse it. The current version of the extension supports three web browsers and is able to steal the content of e-mails from both Gmail and AOL webmail.
READ THE STORY: Security Affairs
Microsoft servers are hacked to add proxies
FROM THE MEDIA: The bandwidth of endpoints has been monetized by hackers installing malware on Microsoft SQL servers. Ahnlab discovered a new type of malware known as proxyware, which converts the host device into a proxy server that remote users can use for a variety of purposes ranging from testing to content distribution. To encourage people to use proxyware, malware owners pay them a portion of the proceeds; according to the researchers, some can earn up to $6,000 per month for renting out excess bandwidth.
READ THE STORY: BOL News
Staying Ahead of the Distortion of a Cyber Attack
FROM THE MEDIA: Hackers will use data distortion when attacking businesses. For example, suppose criminals hack into your company’s cloud. In that case, they may upload fake documents that tell employees to transfer money from their accounts into the criminals’ accounts or compromise their security even more. A company’s loss of control over its business practices may lead to various risks, which cybercriminals quickly exploit. More and more businesses are using artificial intelligence (AI) to improve efficiency. However, deploying unproven artificial intelligence (AI) could result in unexpected outcomes, including a higher risk of cybercrime.
READ THE STORY: Security Boulevard
Chainalysis Launches Government-Focused Team Offering Solutions for Crypto Crimes
FROM THE MEDIA: After striking up deals with the US government worth tens of millions, Chainalysis has doubled down its efforts to support public agencies’ crypto investigations by providing data tools and advanced technology to track blockchain transactions. In 2020, the firm signed a $625K contract with the IRS to develop a tool for tracking privacy coins like Monero and second-layer solutions like Lightning Network, given that the authority aimed to detect and track illicit crypto transactions.
READ THE STORY: CryptoPotato
The “KILL CHAIN” And Why India Should Be Worried
FROM THE MEDIA: The term kill chain is a military concept, framework, strategy or a doctrine – you may call it by any name – that identifies all the possible structures of an enemy attack. It consists of: identification of target, dispatching of forces to target, initiation of attack on target, and the destruction of target. Conversely, the idea of “breaking” an opponent’s kill chain is a possible method or doctrine of defense which would then dictate either preemptive actions or combative actions. Lockheed Martin has developed a parallel framework for cyber warfare – the Cyber Kill Chain.
READ THE STORY: HWNEWS
The 15-year-old boy who stole 24 million dollars in cryptocurrency
FROM THE MEDIA: Clyde Barrow first struck at age 16. He borrowed a used car from a dealership outside of Dallas and “forgot” to return it. Alphonse “Al” Capone participated in the robbery of a Brooklyn store at 19, his first crime, which secured him the meager amount of just over 10 dollars. Precocious criminals? Perhaps, but wait until you read this. At just 15 years old, Ellis Pinsky, a teenager of Russian descent who was raised in a middle-class home in Irvington, New York, stole the equivalent of 24 million dollars in cryptocurrency. It was not his first cybercrime, but it was his largest and most profitable one.
READ THE STORY: El Pais
A Cyberattack Illuminates the Shaky State of Student Privacy
FROM THE MEDIA: The software that many school districts use to track students’ progress can record extremely confidential information on children: “Intellectual disability.” “Emotional Disturbance.” “Homeless.” “Disruptive.” “Defiance.” “Perpetrator.” “Excessive Talking.” “Should attend tutoring.”
Now these systems are coming under heightened scrutiny after a recent cyberattack on Illuminate Education, a leading provider of student-tracking software, which affected the personal information of more than a million current and former students across dozens of districts — including in New York City and Los Angeles, the nation’s largest public school systems.
READ THE STORY: NYTIMES
India must prepare for AI warfare
FROM THE MEDIA: In 2016, banks had reportedly announced a leak of personal information of 3.2 million debit cards. In 2018, Pune-based Cosmos Bank lost Rs 94 crore in a malware attack. In 2019, the Kudankulam plant was attacked using malware.
India’s national airline Air India has said a cyber-attack on its data servers affected about 4.5 million customers around the world. The breach was first reported to the company in February 2021. In a major cyber-attack, over 2,000 websites were hacked by hacker groups from Indonesia and Malaysia earlier this month.
READ THE STORY: Sunday Guardian Live
India: China compromised US Fed to obtain information, says Senate report
FROM THE MEDIA: In what should trigger alarm bells in the North Block and South Block in New Delhi and the Reserve Bank of India (RBI), a recently released report by United States lawmakers says that China, for the last 10 years, has been infiltrating the Federal Reserve System, the central banking system of the US, to obtain crucial information by recruiting employees working with the organization.
The 48-page report titled, “China’s threat to the Fed: Chinese influence and information theft at US federal reserve banks”, which is a result of the investigation carried out by Republican members on the Senate Homeland Security Committee, states that investigation done by the Fed, too, had identified several employees with connections to Chinese talent recruiters, as well as efforts to gain insight into monetary policy and access to internal data.
READ THE STORY: Sunday Guardian Live
India: China mastermind running sextortion racket on pretext of loan app
FROM THE MEDIA: China mastermind running sextortion racket on pretext of loan app-based sextortion racket on the pretext of offering instant loans.
After pocketing more than Rs50 lakh by threatening over 500 victims in the last few months, two of the gang’s operatives — Kaif Ibrahim Sayyed (25) and Irshad Ismail Shaikh (32) — were picked up from Karad in Satara by a team of Ajni police station under zonal deputy police commissioner (DCP) Noorul Hasan on July 25.
READ THE STORY: Times of India
Why dangerous content thrives on Facebook and TikTok in Kenya
FROM THE MEDIA: The shooter approaches from behind, raising a pistol to his victim’s head. He pulls the trigger and “pop,” a lifeless body slumps forward. The shot cuts to another execution, and another. The video was posted on Facebook, in a large group of al-Shabab and Islamic State supporters, where different versions were viewed thousands of times before being taken down.
As Facebook and its competitor TikTok grow at breakneck speed in Kenya, and across Africa, researchers say the tech companies are failing to keep pace with a proliferation of terrorist content, hate speech and false information, taking advantage of poor regulatory frameworks to avoid stricter oversight.
READ THE STORY: WashingtonPost
Drone explosion hits Russia's Black Sea Fleet HQ
FROM THE MEDIA: A drone-borne explosive device detonated Sunday at the headquarters of Russia's Black Sea Fleet, injuring six people, officials said. The explosion at the headquarters in the city of Sevastopol on the Crimean peninsula that Russia annexed from Ukraine in 2014 caused cancellation of observances of Russia's Navy Day holiday.
The Black Sea Fleet's press service said the drone appeared to be homemade. It described the explosive device as “low-power” but Sevastopol mayor Mikhail Razvozhaev said six people were injured in the blast. There was no immediate information on where the drone began its flight; Sevastopol is about 170 kilometers (100 miles) south of the Ukrainian mainland and Russian forces control much of the mainland area along the Black Sea.
READ THE STORY: ABCNEWS
Islamabad: FIA initiates crackdown against dark web operators
FROM THE MEDIA: The Cyber Crime Circle of the Federal Investigation Agency (FIA) is concentrating on people involved in trade of child pornography and sexual harassment through social media. It has initiated a countrywide crackdown on people involved in child pornography trade, the FIA said on Saturday.
Data compiled by different circles of Cyber Crime Wings of FIA indicate most of the cases of trade of child pornography have been busted in Islamabad by the Cyber Crime Wing, which arrested suspect Hasan Nawaz, son of Akhtar Nawaz, who was found involved in child pornography.
READ THE STORY: The News
Items of interest
How to Use Irregular Warfare to Support Partners and Deter Adversaries
FROM THE MEDIA: Recent history has shown that irregular warfare (IW) can be used as a tactic and a strategy to grind down the willingness and capacity of a larger power to pursue its objectives. In Iraq and Afghanistan, the U.S. experienced firsthand the difficulty of engaging combatants dedicated to irregular methods. Now, IW is playing a key role in Ukraine’s ability to resist Russia’s invasion. In the future, it can and likely will be a crucial aspect of small states’ resistance to revanchism. Drawing from recent and ongoing conflicts, the U.S. can harness its knowledge and experience in IW to counteract China and Russia on the global stage, while continuing to engage non-state violent extremist organizations (VEOs). This can be accomplished primarily in two ways: preparing partners and allies to engage in irregular warfare in the event of an attack, and intimidating adversaries by utilizing the prospect of IW as a deterrent.
READ THE STORY: Small Wars Journal
Cyberwarfare: How World War 3 Will Be Fought (Video)
FROM THE MEDIA: Will the next evolution in war technology lead to a war that is fought entirely through hacking and digital attacks? Military technology has changed dramatically in the last 100 years and the digital revolution has only accelerated innovation. Could a war in the digital age kill millions without firing a single bullet?
Cybersecurity, Cyberwarfare and AI (Video)
FROM THE MEDIA: Sean Plankey joins Dave Anderson in this session to chat live about his experience working in the White House for the US Government defining a cyber strategy that changed the way in which the US responds to cyber criminals. Today Sean is a leader at DataRobot, utilizing AI to fight cyber within Enterprise and Government accounts.
These open source products are reviewed by analysts at InfoDom Securities and provide possible context about current media trends in regard to the realm of cyber security. The stories selected cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not specifically endorse any third-party claims made in their original material or related links on their sites, and the opinions expressed by third parties are theirs alone. Contact InfoDom Securities at email@example.com