US warns of new North Korean malware

Just days after the historic summit between United States President Donald Trump and North Korean dictator Kim Jong Un, the US Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have warned about malicious cyber activity by North Korean government hackers.

DHS and FBI analysts have released a report on the malware, dubbed Typeframe, software used by the North Korean government to damage or disable computers and computer systems.

"These files have the capability to download and install malware, install a proxy and remote access Trojans, connect to command and control servers to receive additional instructions, and modify the victim’s firewall to allow incoming connections."

"The intent of sharing this information is to enable network defenders to identify and reduce exposure to North Korean government cyber activity," the report added.

The US has previously blamed North Korea for spreading malware that targeted major nations.

“Since June 2017, DHS and the FBI have publicly released 11 national cyber awareness products associated with North Korean government malicious cyber activity; four joint Technical Alerts (TA) and seven joint Malware Analysis Reports (MAR),” a DHS spokesperson told CNN.

“DHS pursues a model of ‘collective defence’ in cybersecurity, meaning government and industry take collaborative, tangible actions together to mitigate threats and reduce the most serious, enduring and collective strategic cyber risks to the United States and to our international partners,” the spokesperson said.

Malware threat for Syscoin users

Hackers have no shortage of malware to strike with these days. A new piece of malware has recently threatened Syscoin developers and users alike, prompting security experts to issue a set of precautions to counter it.

Security experts, who say they detected Trojan:Win32/Feury.B!cl, said that with the help of the malware the hackers very recently obtained the details of the Syscoin cryptocurrency's GitHub account. The malware was then placed in a replaced copy of the official Windows client, to the major concern of developers and users.

A detailed study suggests that the malware in the infected Syscoin Windows client helps the hackers steal passwords and compromise wallet privacy, forcing the developers to keep users on maximum alert. The security researchers maintain that those who downloaded the version from June 9 to June 13 this year are at risk. The malware in question might infect the system at any moment.

The hackers targeted only the Syscoin Windows client, tampering with it, and they are understood to have been trying to mint Syscoin cryptocurrency by putting in place Syscoin clients that keep running on an operating system. The whole matter came to light through messages the Syscoin team received from users.

From a number of these messages, the Syscoin team learned that Windows Defender SmartScreen was marking the download of the Windows client as infected by malware. Unless precautions are taken, the malware could leave millions of Syscoin users high and dry.

An updated study by the Syscoin team suggests that the hackers managed to compromise a GitHub account belonging to the developers. The team was quick to set the malware aside and prepared a set of measures for users to ensure that their devices and systems are left untouched.

The team, which deals in cryptocurrencies, has asked all users to check the installation date by right-clicking syscoin-qt.exe in C:\Users\[USERNAME]\AppData\Roaming\SyscoinCore. Users can also switch to list mode and make a note of the modified date. Another option is to go to Settings->Apps and make a note of the installation date.

Those who installed or modified the client from June 9 to June 13 this year should back up crucial data and wallets to a separate system before running an antivirus scanner on the device. This, the experts say, is the best way to keep the threat at bay.

Syscoin users need to change any passwords entered from the moment their devices were infected. The passwords should be changed from another device to ensure the safety of the system.

The Syscoin team has also asked wallet holders to generate new wallets from another computer if unencrypted wallets with funds remained unlocked during the infection period. Syscoin users who downloaded the client during the period in question need to delete it before downloading an uninfected version afresh.
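The date check from the steps above, as an added PowerShell example that is not part of the Syscoin team's advisory or the original article. The year is a required parameter because the article gives only "June 9 to June 13 this year"; the default `C:\Users` root and the helper name `Test-InWindow` are assumptions.

```powershell
# Added example: report syscoin-qt.exe copies installed or modified in the exposure window.
param(
    # Assumption: the article says only "this year", so the operator supplies the year.
    [Parameter(Mandatory = $true)][int]$Year,
    # Assumption: user profiles live under the default C:\Users root.
    [string]$UsersRoot = 'C:\Users'
)

# Window from the article: June 9 through the end of June 13 (local time).
$windowStart = [datetime]::new($Year, 6, 9)
$windowEnd   = [datetime]::new($Year, 6, 14)

# Hypothetical helper: true when a timestamp falls inside the window.
function Test-InWindow {
    param([datetime]$Stamp)
    return ($Stamp -ge $windowStart) -and ($Stamp -lt $windowEnd)
}

$findings = foreach ($userDir in Get-ChildItem -LiteralPath $UsersRoot -Directory -ErrorAction SilentlyContinue) {
    $exe = Join-Path $userDir.FullName 'AppData\Roaming\SyscoinCore\syscoin-qt.exe'
    if (-not (Test-Path -LiteralPath $exe -PathType Leaf)) { continue }

    $file = Get-Item -LiteralPath $exe -Force
    [pscustomobject]@{
        User             = $userDir.Name
        Created          = $file.CreationTime
        Modified         = $file.LastWriteTime
        # Either timestamp inside the window meets the "installed or modified" condition.
        InExposureWindow = (Test-InWindow $file.CreationTime) -or (Test-InWindow $file.LastWriteTime)
        Path             = $exe
    }
}

if (-not $findings) {
    Write-Output "No syscoin-qt.exe found under $UsersRoot."
} else {
    $findings | Format-Table -AutoSize
    if ($findings | Where-Object { $_.InExposureWindow }) {
        Write-Warning 'A client was installed or modified in the window: back up wallets to a separate system before scanning.'
    }
}
```

Run it from an elevated prompt so that other users' profile folders are readable; a profile that cannot be read is skipped rather than reported.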

Quick Heal detects 2 banking Trojans targeting Indian Android users

IT company Quick Heal on Tuesday warned that two new banking trojans (malware designed to steal financial data) targeting Android are hitting users in India to access confidential data.

The trojans, named "Android.Marcher.C" and "Android.Asacub.T", operate by exploiting the behaviour of Android mobile users and imitating notifications from leading banking and finance apps in India as well as popular social apps such as WhatsApp, Facebook, Twitter, Instagram, and Skype.

The trojans mask themselves by using misleading icons and names to trick users. "Android.Marcher.C" uses a fake Adobe Flash Player icon, and "Android.Asacub.T" mimics an Android update icon and the name "update".

The malware works by pushing users to grant the app special privileges by clicking "Activate" after it is installed on the device.

Once the malware has this access, it is able to trick the user into giving up sensitive information such as banking credentials, passwords and card details whenever the user opens one of the apps the trojan is designed to imitate. It does this by displaying a fake window asking for the user's credit/debit card number, without which the user is unable to access the app.

Sanjay Katkar, Co-founder and CTO of Quick Heal Technologies Limited, said, "Indian users often download unverified apps from third-party app stores and links sent through SMS and email. This gives hackers a lucrative opportunity to steal confidential information from unsuspecting users."

He also said the company has detected three other similar pieces of malware in less than six months and that it seems hackers are now targeting mobile users as they are "far more vulnerable to sophisticated phishing attacks".

Android users are advised to exercise caution when downloading apps and to download them only from trusted sources. Always verify app permissions and install a reliable mobile security app.

Uber Working with AI to Determine the Probability of Drunken Passengers

According to CNN, Uber Innovation Inc. recently filed a patent for a machine learning application that could precisely predict a user's state of sobriety and alert the driver with this information. Uber is apparently working on technology that could determine just how drunk passengers are when they request a ride.

The patent application describes artificial intelligence that learns how passengers commonly use the Uber application so that it can better spot uncommon behaviour, given that various Uber drivers have been physically assaulted by passengers of late, a significant number of whom were inebriated.

The application's algorithms measure various factors that indicate a passenger is most likely inebriated, including typos, walking speed, how accurately the passenger presses in-app buttons, and the amount of time it takes to arrange a ride. An example would be somebody mistyping most words, swaying side to side and taking at most 15 minutes to arrange a ride late on a Saturday.

Uber's patent says that it could, possibly, use the technology to deny rides to users based on their current state, or match them with different drivers who have the relevant abilities and training.

The application is also said to increase safety for both the rider and the driver.

According to an ongoing CNN investigation, no fewer than 103 Uber drivers have been accused of sexually assaulting or abusing passengers in just the previous four years. While the application won't stop the ruthless intent of a few people, it can help in accurately recognizing impaired passengers so they can be placed with trusted drivers or those experienced in transporting inebriated passengers.

Apple to patch iPhone vulnerability used by law enforcement

Apple Inc. said it is working on a new security feature that could make it harder for law enforcement agencies to retrieve data from iPhones during investigations.

The new software feature, named USB Restricted Mode, will disable the phone's USB port from being used for anything other than charging an hour after the device has been locked. This would prevent hackers, police and other officials from accessing the data on the iPhone via its Lightning port an hour after a phone is last unlocked.

"We're constantly strengthening the security protections in every Apple product to help customers defend against hackers, identity thieves and intrusions into their personal data," Apple said in a statement.

"We have the greatest respect for law enforcement, and we don’t design our security improvements to frustrate their efforts to do their jobs."

The new update has ignited tensions between law enforcement agencies and Apple. In 2016, the U.S. Justice Department had a rift with Apple when the company refused to unlock a mass shooter's iPhone to retrieve data.

If an agency wants to gain access to an iPhone, it has very few options left, even with a warrant. As the data on the iPhone is encrypted, it cannot be pulled out without cooperation from the company or the phone's owner.

“If we go back to the situation where we again don’t have access, now we know directly all the evidence we’ve lost and all the kids we can’t put into a position of safety,” said Chuck Cohen, head of Indiana State Police task force on internet crimes against children.