An annual survey on cyber-crime tendencies found that computer hackers dedicated to accessing computers, stealing information and causing problems are more technologically advanced than those in charge of stopping them. The survey was sponsored by the consultancy firm PwC of San Jose California, the Secret Service, Carnegie Mellon University’s Program Engineering Institute and the specialized magazine CSO.
The survey of 500 business executives, police forces and US government agencies revealed that 75% of respondents had detected a security breach during the previous year, and each organization suffered an average of 135 intrusions. “Despite significant investments in cyber-safety technologies, cyber-criminals keep finding ways to bypass these technologies to obtain profit-generating susceptible information,” said Ed Lowery, chief of the Secret Services’ criminal investigation division.
Lowery said companies and the government should adopt “a radically different approach on cyber-safety,” one that transcends antivirus programs, employee training, close collaboration with contractors and the installation of more strict processes.
The five most frequent attack methods, according to the survey, are “phishing,” or mass email with fake senders to steal information and passwords, malware, network interruption, espionage software and service denial attacks. 28% of respondents said hackers were members of the organization, whether contractors, providers, employees or former employees.
A new fraud modality is gaining popularity in some business establishments of Caracas. A “trick” with POS terminals is the key of this swindle in which customers see double charges in their accounts. Learn about it step by step:
Users pay their purchases with their debit card as usual. After entering their pin, the receipt comes out blank.
The cashier says they made a mistake by installing the paper roll on the wrong side and guarantees the customer that due to the technical defect the money was not debited from their accounts. They then urge the customer to swipe their card a second time to they can pay for their purchase.
Customers agree to swipe the card one more time. At this point, the cashier uses a different POS that “isn’t damaged” to carry out the operation.
Customers swipe their cards and the transaction goes through.
Although there’s no receipt for the first transaction, the terminal’s screen indicates whether it was “approved” or “rejected.” In this scam, the money is taken from the account twice, once in the “damaged” POS and once in the one working fine.
The “trick” of using two different POS terminals is critical at the time of a complaint.
What to do?
Keep sight of your card and be aware of the operation of POS terminals.
If an irregular situation arises and you’re required to use your card a second time, make sure you’re making the transaction on the same POS terminal.
You may ask for a transaction report from the POS terminal in which you made your transaction. This report indicates all transactions that went through so far in the day and indicate the amount, card number (first four and last four digits), approval numbers and time. If different POS terminals were used, checking this information is more complex.
Contact your bank to verify whether the transaction went through.
WhatsApp is once again in the spotlight due to a new vulnerability found by two Spanish hackers that allows attackers to assume the sender’s identity. However, it’s a complicated bug and it’s not within reach for the average user.
This bug lets an attacker modify the sender of any WhatsApp message to pretend being someone else, such as a friend, and thus tricking them into visiting a link containing malware.
The vulnerability has been informed to the App’s representatives as their goal is to solve these problems to prevent their use by hackers with worse intentions. However, it’s a weakness that can be easily exploited by unscrupulous hackers.
Although it’s hard to use, the dangerous potential will force WhatsApp to take measures to solve this issue.
Android keeps getting stronger in the market: currently, 81% of devices have this operating system installed. In the Trends 2014 reports: the challenge of Internet privacy, developed by ESET (a computer safety firm) in November, 2013, showed the increasing number of attacks against the platform, as comparing single detections in 2012 and 2013, it is possible to device a 63% increase worldwide.
Moreover, last year, ESET researchers identified new Android threats that were previously known for Windows and other non-mobile platforms: DropperTrojan, ClickerTrojan and Bank Trojan. Also, in 2013, the company released a research paper on Hesperbot, an advanced bank trojan. Part of this malware’s model was based on violating apps for Android, Symbian and Blackberry OS and thus avoiding the multifactor authentication they use when they sign into some banks.
Here are a few tips for users to stay clear of these threats:
Only install applications from the official app store. Using genuine software from official sources and repositories helps minimize the possibility of becoming a victim of malware code.
Implement an integral security solution. It must be able to proactively detect malware, screen unwanted messages, checking your phone’s right settings and offering the possibility to remotely erase all the information stored in case of robbery or loss.
Update your smartphone’s operating system and applications. As with computers, updating the operating system and programs is necessary to obtain security updates and new functionalities.
A group of cybercriminals developed a system to rob ATMs by sending them an SMS that activates a malware inside them so they spit bills out, reported the firm Symantec.
The attack is based on the malware Ploutus, which was detected in ATMs in Mexico. This malware takes advantage of a vulnerability of Windows XP, which is in 95% of ATMs in the world.
To load Ploutus in an ATM they need to access the CD-ROM unit or a USB port, something attackers have previously done by breaking the locks or simply drilling holes in the box to get to the computer and then covering them.
In this modified version, it is necessary to connect a mobile telephone to the ATM using tethering USB, which allows the machine to share internet with the mobile device, and also keeps it charged. Then, the criminals send commands via SMS to the phone connected to the ATM, activating the malware Ploutus. With this activation, the ATM instantly spits out the amount of money previously setup in the virus.
Criminals operate this way with several people that go withdraw the money they ordered via SMS, with no need to learn numerical codes or anything special. This type of robbery does not involve card cloning or accessing people’s accounts, but it will affect the banks0 funds.
Symantec has indicated several measures to stop this type of attack, although the most efficient one would be to update the operating system.
Panda security recently discovered a new mass attack on Android users. This time it’s a much elaborated Facebook-originated campaign in which cybercriminals post ads promoting different applications. Panda Security already contacted Facebook to warn them about this malware campaign in the popular social network.
Users navigate Facebook on their Android devices and find different posts on the Wall called “Suggested Advertising,” announcing Whatsapp utilities such as “Would you like to know how to see your friends’ Whatsapp conversations? Find out here!” or “Do you want to hide your Whatsapp connection? Download the app so people can’t see you.” Victims who click on these ads are redirected to a fake version of Google Play, the Android app store. Then, thinking they’re in the original site, they’ll download the free app, which is actually a Trojan that will subscribe them to a Premium SMS service without notice.
The Trojan monitors all text messages received and if the sender is the Premium SMS service number, it intercepts it and eliminates it so there’s no trace of it. However, this technique does not work on the latest Android 4.4 version (KitKat), so the Trojan authors came up with a tactic to overcome this obstacle: as the victim receives a message, the phone goes to silent mode for a couple of seconds and then the message gets marked as read on the inbox. The application includes an SMS counter so, when the first message from the SMS Premium service is received, it can read it to obtain the necessary PIN, registering it in the corresponding confirmation website to activate the paid messaging service.
Cybercriminals don’t only use Whatsapp, but use the same technique with any theme that could work, such as: “shocking videos”, “Candy Crush tricks”, “Angry Birds tricks”, etc.
Two South Korean hackers have allegedly stolen personal information from nearly 12 million KT clients, the largest mobile operator in the Asian country, local authorities informed.
The information subtracted and later sold includes the names, DNI numbers, place of work and banking information of the affected clients, which represent three quarters of KT’s users, said the Metropolitan Police Agency of Incheon, a city west of Seoul.
The two hackers, aged 29 and 38, identified by their last names as Kim and Jung, respectively, hacked into the South Korean telecommunication company’s computer system using a program they developed, said the police report. This program allowed them to extract the clients’ information by randomly inserting 9-digit verification numbers, according to the authorities.
The police think the suspects, who have been arrested along with a third person also allegedly involved, started stealing information on February and got up to 300,000 files in a single day. According to the police report, that would have made them around 11,500 million Won (7.86 million Euro) using the stolen information to sell mobile devices.
Data leaking is a sensitive subject in South Korea since the personal and banking profiles of nearly 20 million people fell in the wrong hands on January, representing almost all clients of the nation’s main banking institutions.