OTP Theft Guilty, Social Media Exploits, APT29 Targets Mobile – Cybersecurity News [September 02, 2024]

by Duocircle

 

We’re back to provide you with the latest cybersecurity news of the week, designed to keep you informed and secure against evolving threats. This week, we highlight the final verdict of an OTP theft case relating to 1-Time Passcode, a loophole in the financial system aided via social media platforms, Android and iOS users attacked by Russian hackers, a more personalized approach towards social engineering techniques, the role of CISOs in curating business strategies and finally the concerns associated with encryption policies amidst Telegram founder’s indictment.

Guilty Plea in OTP Theft Service Case

During the final verdict of the Court case concerning the OTP theft or, more precisely, interception concerning the 1-time passcode, varied information and facts came to the notice. Three UK-based men were held accountable and guilty of intercepting one-time passcodes (OTPs), essential for a secure method named 2-factor authentication. This service has remained active since November 2019 and was primarily used by scammers to exploit their targets easily. 

UK’s National Crime Agency (NCA) was closely investigating this case, and after a series of thorough investigations, three men were posed with the charges. The names of the concerned individuals were Callum Picari, Vijayasidhurshan Vijayanathan, and Aza Siddeeque. The NCA linked them to ongoing fraudulent activities, culminating in over 12,500 potential victims. In the past, there was an attempt made by the cybersecurity journalist to expose their criminal deeds in February 2021.

Still, despite this, they chose to continue with their fraudulent services and exploitation before their final takedown. The NCA pointed to more OTP interception services in the existing market employed to exploit the targets and carry out phishing scams.

 

one-time passcodes

 

Social Media Exploits Financial System Vulnerabilities

Recently, a glitch in Chase Bank’s deposit system temporarily allowed users to manipulate account balances over the Labor Day weekend. However, to add to the adversity, this loophole quickly went viral, and individuals began sharing exploits on platforms like TikTok and Reddit, leading to the widespread exploitation of flow. 

This event highlights the dire need for robust crisis management protocols in financial institutions. With the advent of social media services, information can be shared rapidly, amplifying vulnerabilities and requiring a swift response from affected organizations. Varied outreaching concerns, like legal and ethical challenges, arise as affected entities attempt to recover potentially lost funds from targeted individuals. Information dissemination on social media, just like a forest fire, requires more agile security and crisis management strategies within institutions.

 

Russian APT29 Targets Android and iOS Users

Google’s Threat Analysis Group and Madiant have encountered a series of cybersecurity attacks by APT29. APT29 is a group that initiated varied cyber-attacks and is closely linked to the Russian government. They are being held responsible for targeting Android and iOS users with watering hole attacks. Watering hole attacks exploited vulnerabilities in Apple Safari and Google Chrome browsers to compromise client-side devices.

 

 cybersecurity attacks

 

According to the report, the attackers utilized advanced techniques incorporating various methodologies, including reconnaissance payloads and cookie-stealing frameworks, to fulfill their crime motives. Many end-users remained susceptible to the attack due to outdated software despite available patches. This instance demonstrates the ongoing risk of unpatched devices in sophisticated cyber campaigns. 

 

Personalized Sextortion Scams Now Include Home Images

One must be familiar with the security term “sextortion”: it is a kind of social engineering tactic that involves exploiting the target individual to yield vast amounts of ransom, gain personal data, or simply harass the individual. But now “sextortion” has taken a personalized approach to it, making it worse than before. Recently, recipients have reported receiving messages from attackers claiming to have compromised webcam footage along with personal images of their home (generally curated from online mapping services like Google Maps).

These emails often demand hefty amounts of ransom, typically dealings in Bitcoin (maintaining pseudonymity). It also contains tailored content to specify the individual’s home address to increase the fear and pressure on the victim. The scammers have also claimed to have captured these recordings using installed malware, but no evidence supports this claim.

Amidst such incidents, the FBI advises individuals never to send, circulate, or post sensitive images and/or information to anyone, avoid entertaining suspicious email attachments, and keep webcams covered when not in use. They also encourage individuals to report such scams immediately to the local authorities to minimize the intensity of harm caused.

 

 suspicious email attachments

 

CISOs Transition from Technical Experts to Strategic Leaders

The Chief Information Security Officer (CISO) role has evolved from its earlier versions. Earlier, they were only held responsible or accountable for cybersecurity-related tasks such as planning security objectives, ensuring compliance of information systems with existent standards and frameworks, planning, implementing, and assessing risk management plans, etc. Now, the responsibility list of the CISO role has increased to fit in significant decisions relating to business strategies and advancements, maintaining and assessing the robustness employed security standards and procedures. CISOs are responsible for protecting and evaluating information systems that are aligned with business goals and objectives.

Since the cybersecurity threat landscape is evolving at a faster pace than ever due to the commencement of artificial intelligence tools and methodologies used by attackers, CISOs are required to continuously learn, evolve, and adapt to the dynamic world. They must always maintain the balance between shaping and aligning cybersecurity standards and practices with business goals and objectives.

 

Telegram Founder’s Indictment Highlights Encryption Concerns

There have been burning news revolving around the case of Pavel Durov, founder of Telegram (social media app), being in custody for serious charges. The French authorities accused Durov of charges like providing cryptology services without obtaining a legitimate license (hence illegal), which facilitates the rising concerns among giant U.S. tech companies like Signal, Apple, and whatsapp. These companies advocate strict end-to-end encryption policies amidst the growing concerns and realizations among end users regarding their data privacy rights.

 

end-to-end encryption

 

Hence, these companies see Telegram’s negligence as unavoidable. Telegram does not encrypt data for all chats, leading to suspicions about its privacy and security structure incorporated into the app’s workings. This has raised concerns as it might question the credibility of the encrypted messaging feature among the concerned folks.

This case now is not limited to its local boundaries but has indeed crossed national borders, engulfing nations around the globe. Silicon Valley firms and organizations are closely looking into the proceedings of this case as it could heavily impact global perspectives on encryption services, hampering predefined business goals and objectives. Governments are now worried about adherence to the legal compliance standards and frameworks and the shielding of illegal activities despite frequent tech companies’ assurance. The future outcome could influence future regulations on encrypted communication services.

Pin It on Pinterest

Share This