There is not much you can do when one of the social media or messaging app giants you use is attacked by threat actors and all your critical information falls into their hands. The need to adopt cybersecurity measures and maintain cyber hygiene is greater than ever before. This week's headlines discuss the newest security firm mergers, investments, and serious hacks, among other crucial developments in the cyber world.

Are Messaging Apps Providing End-to-End Encryption?

When a bug was detected in group FaceTime calls on iOS in 2019 (one that let hackers switch on the microphone and camera and eavesdrop on the call recipient without the recipient clicking on anything), it made cybersecurity researcher Natalie Silvanovich curious. She explored whether such bugs existed in other messaging apps like Facebook Messenger, Google Duo, Signal, etc. To her surprise, they did! Such interaction-less vulnerabilities are both interesting and dangerous. When an attack can be launched without any action from the victim, it's probably the easiest way for malicious actors to get in.

Silvanovich found multiple bugs in these messaging applications but received quick responses from their developers. All detected vulnerabilities are now fixed, but this says a lot about the privacy promises that applications make and fail to meet. Developers must remember that they have assured their users of encryption and privacy, and design applications accordingly. Here is a brief outline of what the attackers could do with the vulnerabilities in various applications:

  • Facebook Messenger: Listen to audio from the victim’s device.
  • Signal: Expose the victim's audio.
  • Viettel Mocha: Advanced access to audio and video.
  • Google Duo: Access to video, albeit only for a few seconds.
  • JioChat: Advanced access to audio and video.

 

Americans And Brits Unsure Of Virtual Vaccination Cards

Recently, the cybersecurity company Anomali conducted a poll in collaboration with The Harris Poll. The poll surveyed over 2000 American and 1000 British adults and asked them questions regarding virtual vaccination cards. The results indicate that over 80% of Americans and 76% of Brits are apprehensive about using COVID-19 digital vaccine cards because they fear exposing their personal information to adversaries.

When asked their opinion on who they think would launch such attacks related to the virtual vaccination cards, 36% of Americans hinted at nation-states like China, Russia, and North Korea. In contrast, around 42% of Brits expected such attacks from organized crime cybercriminal groups. Identity and data theft were among the primary concerns of the respondents. Yet another fear attached to using virtual vaccination cards was that the adversaries might hack into their devices using fake digital vaccination cards.

 

NortonLifeLock Acquiring Avast Might Be The Best Cybersecurity Update In Recent Times

Norton antivirus has been a household name for the last three decades, and it is now merging with yet another giant cybersecurity firm, Avast. This merger of Avast and NortonLifeLock involved a deal exceeding $8 billion and shall lead to the creation of a much bigger cybersecurity firm that reaches the combined users of Norton and Avast.

From now on, NortonLifeLock will acquire all Avast shares, and their services will be available to over 500 million users. Amidst all the news pertaining to cyber attackers and their increasing power, this merger of two of the most prevalent cybersecurity firms brings a ray of hope. We can now expect enhanced ransomware protection with antivirus products rich in NortonLifeLock’s experience in identity and Avast’s emphasis on privacy – all in a single product and platform.

 

The Return Of AlphaBay

The revival of hacker groups is never good news, and this time it's the notorious AlphaBay gang that has returned four years after the FBI shut it down. AlphaBay had stolen at least $1 billion from victims before shutting down, and now the adversaries are trying to relaunch a new and deadlier version of the same. This update comes from one of the former moderators of AlphaBay, who posted about it online last week and mentioned that the offerings of the new AlphaBay would include the source code of a banking-related hacking tool.

AlphaBay is known as the Amazon.com of the dark web. The US and European law enforcement agencies have struggled to ensure ransomware protection and regulate the actions of such cybercrime groups over the past year. This news might just be the beginning of a series of AlphaBay hack reports we will soon hear about.

 

Britons Beware of the Flubot Malware

A special cybersecurity alert is in circulation for Britons because adversaries are targeting them with the Flubot malware. These malicious attackers are impersonating delivery services like DHL, Amazon, Asda, and Argos and sending phishing messages to Britons. If the recipients fall for the scam and download the malware, it spies on their banking details or other credentials and passes them to the threat actors. All network operators in Britain are affected by this phishing scam, and therefore Britons must look at every delivery service text with suspicion.

If you have received a delivery message that asks you to download an app to track your order, or redirects you to a link to listen to a voicemail, delete the message immediately. You are still safe if you accidentally open the text but do not follow the instructions and download the app. But if you have opened a link or downloaded the app indicated in the phishing text, you must consider changing your banking password and the passwords of all accounts you may have logged into after downloading the app. Such users are advised to contact their banks and closely monitor their banking and other accounts.

 

Hackers Return Stolen Cryptocurrency

Ever heard of threat actors returning the money they stole? Well, that’s what happened with the latest hack on the Chinese DeFi platform – Poly Network. The adversaries had stolen more than $600 million in cryptocurrency by exploiting a vulnerability between contract calls on Poly Network, which enabled them to control the funds transferring system. On 10th August, the adversaries returned the stolen amount through the following tokens on the Polygon network:

  • $256 million as Binance Smart Chain (BSC) tokens
  • $3.3 million as Ethereum tokens
  • $1 million as USD Coin (USDC)

Apart from this, the attackers are yet to return another $84 million on Polygon and $269 million on Ethereum. While returning the funds, the adversaries embedded their motives for the hack in each transaction. However, what triggered them to return the stolen cryptocurrency is still a mystery. Soon after discovering the attack on Poly Network, cybersecurity experts at Binance, Tether, OKEx and Huobi had begun their investigations. These investigations must have led to some significant discoveries about the attackers, fearing the disclosure of which they are now returning the stolen cryptocurrency. Or, perhaps, these were whitehat hackers who wanted to bring vulnerabilities to the attention of Poly Network's developer team. Whatever the case, this attack has been one of the largest heists ever to have taken place.
