Pirate websites expose users to more malware: Study

The popularity of illegal streaming continues to boom, but new research has revealed the hidden dangers of watching content via the web. Although many services, such as Netflix and Amazon Prime, offer a safe environment to view online content, there are many streaming sites that could be rife with hidden dangers.

Recently, a study carried out by a team of researchers from Carnegie Mellon University, Pennsylvania (United States) found a link between piracy websites and malware. Having observed the online activities of 253 people throughout 2016, Professor Rahul Telang concluded in a newly released paper that the more time a user spends on sites that offer illegal downloading, the greater the risk of the computer becoming infected by viruses.

It is hardly a surprise to learn that navigating to pirate websites entails a higher risk of running into malware. But a researcher set out to quantify the risk that this ‘free lunch’ involves in a real-world setting.
Explaining more about the research, Telang said: “As part of Carnegie Mellon’s SBO project, we are able to monitor detailed user behaviour and measure how much time users spend on infringing sites.”

Specifically, every doubling of the amount of time that the users spent on various illegal torrent and streaming sites resulted in a 20-percent increase in malware count on their computers, according to the paper entitled “Does Online Piracy Make Computers Insecure? Evidence from Panel Data”.

In the paper, the researchers explain that, in addition to the harm piracy does to the authors of the content, another negative aspect of the practice is the spread of malicious software. This is because the revenue of piracy sites comes from advertising, which in many cases can carry malware, adware and other questionable tracking programs.

Cambridge Analytica: More a spy and less an app

A stunning revelation about a number of apps deployed on Facebook to trap private information has triggered no less heat among users. But the brain behind the spying apps has called himself a scapegoat.

Facebook users started speaking ill of Cambridge Analytica as soon as they came to know that the firm had trapped their private information to be sold to third parties. According to what has been disclosed, popular apps including Amazon, Buzzfeed, Expedia, Etsy, Instagram, Spotify and Tinder were engaged to connect millions of Facebook profiles in order to gather private data to be kept for sale.

This data was even used to the benefit of Donald Trump as he was campaigning for the US presidential poll in 2015. Facebook has felt more heat over it these days, as the authorities confessed to having done it, without elaborating, under mysterious circumstances.

The most worrying revelation concerns the app Your Digital Life, created by Alexandr Kogan, a Cambridge University expert, which allegedly trapped the personal information of around 270,000 users in 2015 before being sold to Cambridge Analytica. But the mastermind behind the entire episode calls himself a scapegoat, saying that he was not aware of who deployed his app, or how, to trap information to influence the US presidential polls.

Pleading innocence, Kogan, the psychologist at Cambridge University, deplored that he did not know why Facebook and Cambridge Analytica have been targeting him without any reason. He said what he has done is quite normal and that he was not aware of how the app he had developed could help Trump win the polls.

WhatsApp co-founder asks social users to delete their Facebook account

As Silicon Valley experiences a wave of criticism, even some former colleagues are becoming adversaries. 

Another prominent sceptic spoke out this week, as a creator of one of Facebook’s top products waded into criticism of the internet giant. Brian Acton, who co-founded WhatsApp with Jan Koum in 2009, became a billionaire when Facebook bought the company in 2014. Now he is telling people to “#deletefacebook.” 

Following the recent scandal with Facebook's alleged indirect involvement in the US Elections of 2016, Acton has declared it’s time for people to leave Facebook.
“It is time. #deletefacebook” wrote Acton on Twitter. "Delete and forget. It's time to care about privacy," he added.

His company was bought by Facebook for $19 billion in 2014. The deal made him a billionaire.

Data mining and analytics firm Cambridge Analytica misused Facebook user data in violation of Facebook's guidelines and terms, leading to a continuing, huge scandal. The data played a huge role in influencing voters in the 2016 US Elections to favour then-candidate Donald Trump. The scandal has led to a big drop in Facebook stock value in the past week.

It goes without saying that many in the tech community have turned their attention to Facebook, and CEO Mark Zuckerberg's silence has been troubling. Some investors are even reportedly suing Facebook over the stock price drop.

The massive social platform appears to have lost control over user data, leading to a firestorm of red-hot #DeleteFacebook tweets.

The tag trended briefly on Twitter Tuesday as a response to the scandal over Facebook user information that wound up in the hands of political advertisers without users' consent. Another indication of momentum behind the sentiment is a Reddit post that has received 120,000 up-votes and over 7,000 comments in less than 24 hours.

Fewer people may see your latest exploits via Facebook today than would have yesterday thanks to #DeleteFacebook.

Orbitz data breach has affected 880,000 customers

Travel booking website Orbitz has announced that it has discovered a data breach which could have exposed credit card information of more than 880,000 customers between Jan. 1, 2016 and Dec. 22, 2017.

The company discovered the potential breach on March 1st; its current website was not affected by the incident. Orbitz is now owned by Expedia Inc. of Bellevue, Washington.

Hackers may have accessed consumer data submitted to a legacy website between January 1, 2016, and June 22, 2016. Additionally, Orbitz partner platform data submitted between January 1, 2016, and December 22, 2017, may also have been breached.

The company says that there is no evidence that customers' Social Security numbers, passport details or travel itinerary information have been accessed. Customers' names, payment card information, dates of birth, email addresses, physical billing addresses, gender and phone numbers may have been accessed, but the company has no evidence that the breached data was taken from the website.

"Ensuring the safety and security of the personal data of our customers and our partners' customers is very important to us," Orbitz said in a press release. "We deeply regret the incident, and we are committed to doing everything we can to maintain the trust of our customers and partners."

"We took immediate steps to investigate the incident and enhance security and monitoring of the affected platform," Orbitz said.

Now, the company is offering a year of free credit monitoring and identity protection service to all customers who were affected by this incident.

Author of Three Critical Ransomware Families Arrested in Poland

Tomasz T., a well-known cyber-criminal believed to be the author of the Polski, Vortex, and Flotera ransomware strains, was arrested in Poland on Wednesday, although Polish law enforcement did not announce the arrest until Friday.

They had been tracking him for quite some time and were ready this time to go ahead with the arrest.
Tomasz T., a.k.a. Thomas or Armaged0n, a Polish citizen who lives permanently in Belgium, is responsible for cybercrime such as DDoS attacks, sending malicious software to compromise several computers, and using ransomware to encrypt files.

Working through Europol, the Polish police had alerted their Belgian counterparts, who then searched his house and seized computer equipment, a laptop and remote servers, as well as encryption keys.

“Apparently, the suspect has been active since 2013, when he first started targeting users via a banking trojan that would replace bank account numbers in users' clipboards with one of his own, so to receive undeserved bank transfers,” according to the prosecutors.

He spread the ransomware by email, impersonating official correspondence from well-known companies such as DHL, Zara, Cinema City, PAY U, WizzAir and many more. Online, Tomasz operated under the moniker "Armaged0n," which he also used on the infamous Hack Forums cybercrime portal.

The Polish tech news site Zaufana Trzecia Strona (ZTS) was the first to link the three ransomware strains to the Armaged0n persona, and later tracked down an extensive email spear-phishing operation.

Police suspect that Tomasz infected thousands of users with ransomware and made over $145,000 from his criminal undertakings. ZTS, CERT Poland, security analysts, police, and the impersonated companies all worked together to track him down.

The Polish cybercriminal faces various charges, including accepting and transferring funds obtained through crime, infecting computer systems with malware such as the Polski, Vortex or Flotera ransomware, and influencing automatic data processing for financial gain. The decryption keys for all of these ransomware strains have likewise been collected from his system.

The suspect, questioned by the prosecutor, admitted to the 181 different crimes that he was charged with.

Nonetheless, after completing the procedural steps, the prosecutor filed a motion to place him in temporary detention for a period of three months.

Rajya Sabha website breached, Amit Shah’s account accessed

A group of hackers on Monday, March 19, claimed to have hacked into the Rajya Sabha website that only members of the Upper House and administrators of the website have access to, Scroll reported on March 20. The group, which identifies itself as Lulzsec India, posted two screenshots on Twitter on Sunday night purportedly after logging into the account of Bharatiya Janata Party President Amit Shah, who is also a Rajya Sabha member. One screenshot was of Shah’s portal and the other a request to update his address.

The screenshots show that the hackers purportedly opened two links – one pertaining to bulletins meant for Shah and another link through which they could have sent a request to update his personal address.

The Twitter post by the group shows that the hackers had access to everything that is available on the Rajya Sabha website, including Shah’s email inbox on the Rajya Sabha domain, official email, text messages sent by the public to the official phone number, bulletins, details on debates, business in the Parliament, telephone, electricity and water bills, travel allowance and even money transfers to official bank accounts.
The members’ logins are secured by usernames and passwords that the hackers claimed to have bypassed. 

The hacker group also called for a deep analysis of Indian cyber security policies in their Tweet.

“Wow, what pathetic security! Where we stand as one of the global power, still lack behind in cyber security. Rajya Sabha E-Governing portal pawned... very low level security. Time to make a deep analysis in Indian cyber security policies.”

The Rajya Sabha website comes under the domain of the National Informatics Centre, which through its information and communication technology network provides institutional linkages among all ministries and departments of the central government, several channels of state governments and union territories and as many as 688 district administrations. Websites that come under the ambit of the Centre have a ‘(dot)nic’ in their address.

Indian Army: Chinese Hackers Spying through WhatsApp

The Indian Army has released a video accusing Chinese hackers of targeting Indians through the online messaging service WhatsApp.

The video, which runs for over a minute, was posted by the Indian Army on its official Twitter handle, 'The Additional Directorate General of Public Interface (ADGPI)', and urges Indian nationals to use the app safely. It has been reposted by Information and Broadcasting Minister Smriti Irani.

The tweet reads, “Be vigilant, be careful, stay safe. social media encourages proper and NIYAMABADDH account. Hacking is on the Zoro, which is inattentive for them. Always check your social media. Be careful about personal and group account, stay safe.”

The video accuses the Chinese of penetrating the digital world, "The Chinese use all kinds of platforms to penetrate your digital world. WhatsApp groups are a new way of hacking into your system. Chinese numbers starting with +86 barge into your groups and start extracting all the data."

The previous year, the army ordered its personnel deployed on the Chinese to format, delete or uninstall over 40 apps on their smartphones which were vulnerable.

Fortnite players warned over hack attacks

The Fortnite video game is becoming one of the biggest online games in the world; however, the more it grows and expands, the more hackers are attracted to the platform.

In recent weeks, many Fortnite players have reported via social media that their accounts have been taken over. Players have been losing ‘hundreds of dollars’ during the hack attack as they have been hit with high charges for games and other items they never bought.

Security experts from Kaspersky Lab are asking players to stay vigilant online.

David Emm, principal security researcher at Kaspersky Lab, commented:

“The gaming industry is hugely lucrative, and with over half of players regularly gaming online, it’s also becoming an increasingly attractive target for cybercriminals. However, many online gamers don’t take precautions to reflect this. According to Kaspersky Lab research, just 5 percent of people selected their gaming account as being one of three that require the strongest passwords.”

“Online gamers – both amateur and professional – are understandably concerned about having their accounts hacked, or being locked out of their accounts by forgetting their passwords. This is a dilemma that people face every day, with many choosing the less secure option of using either the same password for all their accounts or simple passwords that are easy for hackers to guess,” added Emm.

Emm has given advice to gamers about how they can stay safe after the hack attacks.

“Only by taking appropriate precautions and using strong, unique passwords will people be confident that their valuable accounts are protected and that all their efforts have not gone to waste. In addition, gamers should protect their computers and not disable features for fear of them interfering with their gameplay.”

Meanwhile, Fortnite maker Epic said it was aware of the attacks and was looking into them.

Android Malware intercepts bank calls and redirects to scammers

There is a new version of the creative FakeBank Android malware that intercepts victims’ calls to their banks and redirects them to scammers.

The trojan is one of the most creative pieces of Android malware on the market. FakeBank operates by fooling customers with fake login screens overlaid on top of legitimate banking apps.

The innovative new version not only lets scammers intercept banking calls made by customers by switching the dialed number with a special one pre-configured in the configuration file, but also enables them to actually make calls to customers using a special number, which will come up on users’ screen as if their bank is calling them.

This lets these scammers fool customers into giving away their banking information whenever they want it.

This new variant is allegedly only active in South Korea at the moment, according to a report by Symantec researchers, who have so far discovered the trojan in 22 apps, spread via social media links and third-party app stores, targeting Korean bank clients.

In the past, the trojan has been able to whitelist its process to remain active while the users’ phone was in sleep mode and has also used TeamViewer to grant attackers full access to the device.

Vulnerabilities in Safari, Firefox, & Edge were Exposed at Pwn2Own 2018

Internet browsers such as Microsoft Edge, Firefox and Safari were a prime target for the white hat hackers at the annual ethical hacking contest Pwn2Own 2018, held in Vancouver, Canada.

According to the latest reports, the prize money was awarded by Trend Micro's Zero Day Initiative (ZDI). So far, hackers have won $267,000 of the total $2 million for hacking Firefox, Edge, and Safari.

 "The biggest surprise is how many people targeted Apple Safari," Dustin Childs, communications manager for ZDI, told eWEEK. "It's really returning to the roots of Pwn2Own when we saw a lot of individuals targeting macOS."

On the first day of the 2018 event, vulnerabilities in Microsoft Edge, Oracle VirtualBox and Apple Safari were exploited by the attendees. On the second day, Apple Safari and Mozilla Firefox were the prime targets for the researchers.

Security researcher Richard Zhu won the contest by gaining 12 points for exploiting Firefox and Edge.  Zhu took home $120,000 of the $267,000 total prize money. Each researcher got to keep the laptop they tried their exploits on.

"One thing we learned this year is the importance of giving researchers as much time to build their exploits as possible," Childs said. "We saw some contestants withdraw because they simply didn’t have enough time to complete their chains due to the increased complexity of the targets."

Pwn2Own 2018 shows that operating systems and web browsers have become more secure in recent years, but even fully patched systems can still be exploited by the best security researchers.

"Software will always be vulnerable," Childs said. "No matter what patches are released, researchers will continue to find holes in popular enterprise platforms."