Search This Blog

Showing posts with label Facebook. Show all posts

Android Malware ‘FlyTrap’ Hacks Facebook Accounts

 

A new Android trojan has been discovered to breach the Facebook accounts of over 10,000 people in at least 144 countries since March 2021 through Google Play Store and other third-party application marketplaces. 

According to a report published by Zimperium's zLabs and shared with The Hacker News, the malware, termed "FlyTrap," is presumed to be a component of a family of trojans that use social engineering techniques to compromise Facebook accounts as part of a session hijacking campaign planned and executed by malicious actors operating out of Vietnam. 

Aazim Yaswant, a Zimperium malware researcher, noted that although the nine infringing apps have been removed from Google Play or, they are still available in third-party app stores, emphasizing the danger of sideloaded applications to mobile endpoints and user data. The following is a list of available apps: 
1. GG Voucher (com.luxcarad.cardid) 
2. Vote European Football (com.gardenguides.plantingfree) 
3. GG Coupon Ads (com.free_coupon.gg_free_coupon) 
4. GG Voucher Ads (com.m_application.app_moi_6) 
5. GG Voucher (com.free.voucher) 
6. Chatfuel (com.ynsuper.chatfuel) 
7. Net Coupon (com.free_coupon.net_coupon) 
8. Net Coupon (com.movie.net_coupon) 
9. EURO 2021 Official (com.euro2021) 

The fraudulent applications claim to provide Netflix and Google AdWords coupon codes, as well as the option to vote for their favorite teams and players at UEFA EURO 2020, which took place between June 11 and July 11, 2021, but only if users log in with their Facebook accounts to vote or obtain the coupon code or credits. 

Once a user logs in, the malicious software can extract the victim's Facebook ID, location, email address, IP address, as well as the cookies and tokens linked with the profile, allowing the attacker to implement disinformation campaigns using the victim's geolocation details or spread the malware further via social engineering tactics such as sending personal messages including links to the trojan. 

This is accomplished by using a technique called JavaScript injection in which the application loads the legitimate URL inside a WebView equipped with the capability to inject JavaScript code and collects all the required information such as cookies, user account credentials, location, and IP address by inserting malicious [JavaScript] code, Yaswant stated. 

While the stolen data is hosted on a command-and-control (C2) server, security vulnerabilities in the C2 server may be leveraged to leak the whole database of stolen session cookies to anybody on the internet, as a result placing the victims at high risk. 

"Malicious threat actors are leveraging common user misconceptions that logging into the right domain is always secure irrespective of the application used to log in," Yaswant further told. "The targeted domains are popular social media platforms and this campaign has been exceptionally effective in harvesting social media session data of users from 144 countries. These accounts can be used as a botnet for different purposes: from boosting the popularity of pages/sites/products to spreading misinformation or political propaganda." 
 
On Monday, Zimperium's head of product marketing for endpoint security, Richard Melick, informed Threatpost that Android users can reduce the risk of infection instantly by ensuring that they don't allow any software from an unauthorized source to be loaded. 

While most Android smartphones have the option turned off by default, social-engineering tactics are “highly effective in tricking users into allowing it,” he stated in an email. To turn off unknown sources on Android, go to settings, security, and make sure the “unknown sources” option is turned off. 

Users should also set up multi-factor authentication (MFA) for all social media accounts, in general, be suspicious about grabby apps, Melick advised.

Facebook says Iranian Hackers Targeted U.S. Military Personnel

 

On Thursday, Facebook announced that it had shut down approximately 200 accounts operated by a group of hackers in Iran as part of a cyber-spying operation that focused primarily on US military officials and others working in defense and aerospace firms. 

The group, termed 'Tortoiseshell' by security experts, utilized fraudulent online identities to interact with targets, establish confidence over time (often months), and lead them to other sites where they were duped into clicking malicious links that infected their devices with spying software, according to Facebook. 

In a blog post, Facebook's investigative team stated, "This activity had the hallmarks of a well-resourced and persistent operation while relying on relatively strong operational security measures to hide who's behind it." 

Thus according to Facebook, the group created dubious identities on numerous social media sites to look more legitimate, frequently impersonating recruiters or staff of aerospace and defense firms. LinkedIn, which is controlled by Microsoft, announced the removal of several accounts, while Twitter said it was "actively investigating" the data in Facebook's report. 

The virus was distributed via email, chat, and collaboration platforms, according to Facebook, including malicious Microsoft Excel spreadsheets. In a statement, a Microsoft spokesman said the company was aware and following this actor, and that it takes action when harmful behavior is detected. 

Google stated it had discovered and prevented phishing on Gmail as well as provided user warnings. Slack, a workplace messaging service, claimed it has taken action against hackers who exploited the platform for social engineering and had shut down any Workspaces that broke its rules. 

According to Facebook, the hackers utilized customized domains to entice their targets, including phony defense recruitment websites and internet infrastructure that spoofed a real job search website for the US Department of Labor. 

In a campaign that began in mid-2020, Facebook claimed the hackers mostly targeted users in the United States, as well as some in the United Kingdom and Europe. It did not name the firms whose employees were targeted, but its chief of cyber espionage, Mike Dvilyanski, said the "fewer than 200 individuals" who were targeted were being alerted. 

The campaign appeared to demonstrate an extension of the group's operations, which had previously been claimed to focus mostly on the Middle East's I.T. and other businesses, according to Facebook. A section of the malware employed by the organization was developed by Mahak Rayan Afraz (MRA), a Tehran-based IT firm with links to the Islamic Revolutionary Guard Corps, as per the inquiry. 

Mahak Rayan Afraz's contact information was not readily available to Reuters, and former employees of the firm did not respond to LinkedIn messages sent to them. A request for comment from Iran's mission to the United Nations in New York was not promptly reported. The allegations that MRA is involved in Iranian state cyber espionage are not new. MRA was one of the numerous contractors suspected of assisting the IRGC's elite Quds Force, according to cybersecurity firm Recorded Future. 

Iranian spies, like other espionage services, have long been alleged of farming out their missions to a variety of domestic contractors. Facebook stated the fraudulent domains had been prohibited from being shared, while Google said the domains had been placed to its "blocklist."

Indian Origin Woman Rewarded with Rs 22 Lakh Bounty by Microsoft

 

Aditi Singh, a 20-year-old Delhi-based ethical hacker, was awarded $30,000 (Rs 22 lakh roughly) for detecting a bug in the Microsoft Azure cloud system. Just two months ago, Aditi uncovered an issue in Facebook and got a $7500 (around Rs 5.5 lakh) bounty. 

She further claims that both these firms have a relatively new remote RCE problem, but that is something new and is not paid much attention comparatively. With such weaknesses, hackers can access and maintain information on their internal systems. 

Aditi points out that it isn't simple to locate vulnerabilities and that ethical hackers need to keep up with new bugs in their game, report them, and still be eligible for pay-outs. She does not only emphasize getting money but also stresses gaining knowledge and learning about ethical hacking first. 

“Microsoft has only fixed the bug which I spotted two months back. They have not fixed all of them,” claimed Aditi, the first one to notice the flaw on the RCE. She added that the tech giant had taken almost two months to answer as they checked whether anybody had downloaded its faulty version or not. Aditi believes that individuals must ask the company's support team to host a bonus scheme before they even begin to uncover a bug. And, if the company confirms such a scheme, bounty hunters must yield results. 

Bug bounty hunters are mainly trained and certified cybersecurity professionals or security researchers who scan the web for bugs or loopholes via which hackers can sneak in and notify the company. Individuals are awarded cash when they succeed. 

Aditi explained that developers wrote the code immediately when a Node Package Manager was first downloaded –which is an affiliate of GitHub, where anyone can view the codes of these enterprises as they are open sources. 

For the last two years, Aditi has been ethically hacking. She first broke into the Wi-Fi password of her neighbor (which she sees as a personal triumph) and she hasn't looked back since.

In addition, she has earned letters of appreciation from Harvard University, Columbia University, Stanford University, and the Google Hall of Fame. 

“I took an interest in ethical hacking when I was preparing for NEET, my medical entrance in Kota,” Aditi says. “I didn’t get through in medical school but have found bugs in over 40 companies including Facebook, TikTok, Microsoft, Mozilla, Paytm, Ethereum, HP, among others." 

She immediately knew after reporting an OTP bypass bug in the TikTok Forgot password section, she intended to go to ethical hacking and also received a bounty of 1100 dollars. 

“There are multiple resources and Google, Twitter, and Hacker One that have write-ups with explanations about ethical hacking,” Aditi says. 

Aditi emphasizes that if individuals want to learn more about hacking, they need to know Python or JavaScript, a computer language. She also proposes OSCP, a credential program designed to help ethical hackers in bussing. She also says that most of her bounty goes into buying certified hacking courses and tools.

Facebook Messenger Rooms Exploit Bypasses Android Screen Lock Protection

 

As a result of a security flaw in Facebook's Messenger Rooms video chat function, attackers are able to gain access to a victim's private Facebook photographs and videos, as well as submit posts, from their locked Android screen. Messenger Rooms, Facebook's newest video conferencing service, allows up to 50 individuals to video chat at the same time. You can converse for as long as you want, and you don't need a Facebook account to join a room. 

Rooms calls, like Zoom calls, are not secured end-to-end. Unless you change your preferences, the room will be open to anybody you're friends with on Facebook when you create it; they'll not only be able to join, but they'll also see it at the top of their News Feed. According to a proof-of-concept video supplied to Facebook with the vulnerability report, a user's Facebook account may be hacked by inviting them to a Messenger Room, then calling and answering the call from the target device before clicking on the chat function. 

Despite the fact that physical access to a victim's device is required, the assault could be carried out without the victim's smartphone or tablet being unlocked, earning Nepalese security researcher Samip Aryal a $3,000 bug bounty. 

Aryal's newest discovery was inspired by a similar Facebook Messenger flaw he discovered in October 2020, in which users' private, saved videos and watching history might be exposed during a Messenger call via the Watch Together function. The fault, which could be exploited by an attacker with physical access to a locked Android smartphone, was patched along with other comparable flaws by requiring users to unlock their phones before utilizing the impacted features. 

The researcher, who was logged into a Facebook account through a desktop PC, hosted a Messenger Room and invited an account that was active on an Android device to join. After entering the room with the 'malicious' account, he called the victim's device from the 'invited users' section, and the target, screen-locked smartphone began ringing within seconds. “I then picked up the call and tried all previously known sensitive features like ‘watch together’, ‘add people’, etc. but all of them needed to first unlock the phone before using them,” said Aryal. 

The discovery came when the researcher saw a request in the top right-hand corner of the call screen to ‘chat' with other participants. “I found that I could access all private photos/videos on that device without even unlocking the phone, as well as submit posts by clicking on the ‘edit’ option for any media”, he said.

Facebook Under Investigation by EU and UK Competition Watchdogs

 

Competition authorities in the United Kingdom and Europe are looking into Facebook's use of advertising data to obtain an unfair edge over competitors. 

The Competition and Markets Authority is investigating whether it exploits data for its own purposes, such as Facebook Marketplace. The European Commission is investigating whether Facebook broke EU regulations by collecting data from advertisers in order to compete with them in providing classified advertisements. 

Facebook stated that it will fully cooperate and show that both the UK and EU inquiries are "without merit." 

Facebook obtains data through its digital advertising service and its single sign-on option, according to the CMA. This allows consumers to use their Facebook login credentials to sign in to other websites, services, and apps. 

The watchdog is investigating whether Facebook has been improperly using data to compete with other businesses through Facebook Marketplace, which allows businesses and users to post classified ads to sell products, as well as Facebook Dating, which was launched in Europe last year. 

The European Commission has launched a formal antitrust investigation "to assess whether Facebook violated EU competition rules by using advertising data gathered in particular from advertisers in order to compete with them in markets where Facebook is active, such as classified ads." 

"The formal investigation will also assess whether Facebook, in breach of EU competition rules, ties its online classified advertisements service "Facebook Marketplace" to its social network," it stated. 

Margrethe Vestager, the EU’s antitrust chief stated, “In today’s digital economy, data should not be used in ways that distort competition.” 

Facebook said its "Marketplace and dating offer people more choices, both products operate in a highly competitive environment with many large incumbents". 

The CMA and the European Commission said they will work closely with each other as their "independent investigations develop". 

Andrea Coscelli, chief executive of the CMA, added: "We intend to thoroughly investigate Facebook's use of data to assess whether its business practices are giving it an unfair advantage in the online dating and classified ad sectors. Any such advantage can make it harder for competing firms to succeed, including new and smaller businesses, and may reduce customer choice." 

The launching of European Competition Commissioner Margrethe Vestager's first competition inquiry into the world's largest social network is the latest battle with US digital powerhouses.

WhatsApp's New Privacy Policy: A Quick Look

 



With the advent of its latest privacy policy, the Facebook-owned messaging app is all set to block certain features if the users won't agree to the new privacy policy.

The update that was initially set to be rolled out by February 8 – making new privacy regulations applicable for all its users, got delayed till May 15 as WhatsApp faced strong contempt from the public, which allowed its competitors namely Telegram and Signal to solidify their repute with the public.

Earlier, as per the ultimatum given by WhatsApp: if the users do not accept the updated privacy policy on May 15, they won't be able to use the app. However, later on, it was said that no accounts will be deleted in case the aforementioned does not happen. 

Giving insights into the new Privacy Policy, a WhatsApp spokesperson said, “Requiring messaging apps to “trace” chats is the equivalent of asking us to keep a fingerprint of every single message sent on WhatsApp, which would break end-to-end encryption and fundamentally undermines people’s right to privacy.”

“We have consistently joined civil society and experts around the world in opposing requirements that would violate the privacy of our users. In the meantime, we will also continue to engage with the Government of India on practical solutions aimed at keeping people safe, including responding to valid legal requests for the information available to us,” the Spokesperson added.

WhatsApp told that it is not imposing its new policy on the users and that they are free to not do so. However, it might involve users deleting their WhatsApp account on their own as the other option than to accept the 2021 update, because they won't be able to access their chat lists or call their contacts via WhatsApp. 

As per WhatsApp's statements, we can deduce that whenever users will access the app, they will be constantly reminded to accept the updated privacy policy to access all its features – eventually making the platform more or less unserviceable to them. 

The users who do accept the updated privacy policy won't witness any key changes in their experience, however, those who continue to have the app installed on their device without accepting the new policy might eventually end up saying goodbye to the app due to its limited serviceability or “inactivity”. 




Crypto at Risk After Facebook Leak: Here’s how Hackers Can Exploit Data

 

The tech giant Facebook has been hit with a new wave of data leaks, yet again but this time, the number of users whose records were exposed was not 50 million but a massive 500 million. 

According to a security analyst, sensitive personal information for over half a billion Facebook users was leaked on a well-trafficked hacking forum on April 3, posing a danger to millions of cryptocurrency traders who may now be susceptible to sim swapping and other identity-based attacks.

What should be done? 

In response to the question that how exactly does this most recent breach place at risk the crypto assets of individuals, Dave Jevans, CEO of blockchain security firm CipherTrace, told Cointelegraph that people who have had their phone numbers leaked need to be extra careful because a lot of fraud involving digital assets hinges on such details. 

He further added, “We’ve seen an increase in SIM swaps, phishing attacks, and other types of fraud involving cryptocurrencies that rely on acquiring the phone numbers of victims to execute. Leaked info about the identity of high-profile crypto users gave bad actors the ability to target them.” 

Ben Diggles, co-founder, and chief revenue officer at Constellation, told Cointelegraph that Facebook's latest security lapse is unsurprising, especially given that most Facebook users have a different approach, in which they prefer their world to be managed and structured for them. 

“Those that are crypto holders that were on the list have little to worry about unless they were storing descriptive details of their holdings and access on their Facebook account. However, these hackers have gotten really sophisticated, so I have no idea what tricks they may have [up] their sleeves with regards to scraping info specific to crypto wallets and exchanges.”, he added. 

However, he suggests that most users should update their passwords for all of their social media profiles, as well as all other sites that share their data with Facebook, as a precaution. 

Does decentralization matter? 

As more data leaks occur, a large majority of people around the world are understanding the value proposition that decentralized systems offer in terms of protection, particularly, since they do not feature a single point of failure. 

On the matter, Eli Arkush, a cloud solutions engineer at cybersecurity firm GlobalDots, suggests that having a platform's backend system distributed using blockchain technology could make it more difficult for hackers to obtain user information; however, once credentials fall into the wrong hands, password reuse may become a concern. 

However, Stephen Wilson, the CEO of Lockstep Group and a member of the Australian government's National Blockchain Roadmap Cybersecurity Working Group, believes that, contrary to popular belief, storing personal information on any blockchain ecosystem is never a good idea. He pointed out that the type of personal data breached by Facebook should never be stored in a blockchain, and even if it is, such data can never be completely protected by blockchain in the long run.

“Blockchain and DLTs usually only decentralize some aspects of data management. They don’t usually decentralize data storage in any relevant sense because they tend to duplicate ledger entries across multiple systems. The storage is distributed, but identical copies of information are available in multiple locations and can be vulnerable to attackers or thieves.”, he further added. 

Most hacking schemes in the past have primarily focused on stealing funds from cryptocurrency exchanges. For example, in 2014 and 2018, the total amount of money compromised as a result of exchanges being hacked was $483 million and $875 million, respectively. 

However, an increasing number of offenders are focusing their attention on stealing user data because it provides them with unique opportunities to obtain funds quickly. As a result, cryptocurrency owners must protect their assets.

Data Breach at Facebook Leaks Information of 533 Million Users

 

A major privacy violation by hackers allegedly took the data of almost 533 million users of Facebook from 106 countries to be posted online for free. More than 533 million private details that were posted online include records of over 32 million users in the US, 11 million users in the UK, and 6 million users in India. This breach is perhaps the largest in the social media giant’s history of breaches. Details such as phone numbers, Facebook IDs, full names, sites, birthdates, bios, and even e-mail addresses of several people are included in the breach. 

A spokesman for Facebook stated that the data had been scrapped on the social website due to a security vulnerability that had already been patched in 2019. The vulnerability was identified in 2019, enabling millions of Facebook servers to remove telephone numbers. In August 2019, the social media outlet was kicked off by the vulnerability. 

On Saturday 3rd of April, Alon Gal, who is the CTO of Hudson Rock, the CIC, detected the leaks and confirmed the same via Twitter. Gal is the very same researcher who had blown the whistle of an initially accessible Telegram bot in January, which seems to be the same, leaking database. While the individual behind the bot sold the leaked figures to the people willing to pay for it, this time the disparity is that all these figures are now freely accessible on a low-level hacking forum. After the vulnerability that Facebook fixed in 2019, the database was reported to have been leaked, this is because not many people frequently alter their telephone numbers so that the data can be very accurate. In the past, this information was sold by a person who sold a telegraph bot to sell a telephone number or a Facebook ID for $20,000, or in bulk for $5,000. It is now widely available to anyone with certain technical know-how. 

“A database of that size containing the private information such as phone numbers of a lot of Facebook’s users would certainly lead to bad actors taking advantage of the data to perform social engineering attacks [or] hacking attempts,” added Gal. 

This is not the first time Facebook is spotted with a data leak. Data from 419,000,000 Facebook and 49,000 Instagram users were displayed in online databases in 2019. In that meme year, data of 267 million users had been exposed to an additional violation. In the meantime, there was the infamous Cambridge Analytica scandal that, for its data collection practices, was perhaps the first time the Zuckerberg company had come under the radar. 

533 Million Facebook Users' Phone Numbers And Personal Data Leaked Online

 

On Saturday, a user turned to a low-level hacking forum to leak the personal information of hundreds of millions of Facebook users, free of cost. The sensitive credentials that have been exploited included personal data of over 533 million Facebook users from 106 countries – around 32 million users from the US, 11 million from the UK, and around 6 million from India. Leaked data includes users’ full names, their date of birth, address location, phone numbers, Facebook IDs, bios, and in certain instances email addresses also. 

Alon Gal, a CTO of cybercrime intelligence firm Hudson Rock, analyzed the breach on Saturday and informed about this event on Twitter. Alon Gal is also known for his last research finding that was appeared as the same leaked database previously became accessible via a Telegram bot in January. 

While back then, the situation was different. The hacker who was behind the Telegram bot leaked database was selling the hacked credentials to those clients who were ready to pay for the information, but this time the difference is that that all this leaked data of more than 533 million people is available for everyone for free in a low-level hacking forum. 

“A database of that size containing the private information such as phone numbers of a lot of Facebook’s users would certainly lead to bad actors taking advantage of the data to perform social engineering attacks [or] hacking attempts,” Alon Gal stated. 

The incident is not foreign to Facebook, which is indeed a popular platform in the arena of cyberattacks. Before this cyberattack, the platform had already experienced data breaches multiple times, notably so. 

The vulnerability that had been spotted in 2019 exposed sensitive information of millions of Facebook users including their phone numbers to be scraped from Facebook's servers in contravention of its terms of service. Back then, Facebook officially stated that the vulnerability was patched in August 2019. Additionally, Facebook vowed to eliminate mass data-scraping after Cambridge Analytica scraped over 80 million users’ data in violation of Facebook's terms of service to target voters with political ads in the 2016 election.

CopperStealer Malware Steals Social Media Credentials

 

Researchers discovered a certain malware that was so far unidentified which silently hijacked Facebook, Apple, Amazon, Google, and other web giants' online accounts and then used them for nefarious activities. 

Cybercriminals have launched a new campaign to rob Facebook login credentials from Chrome, Edge, Yandex, Opera, and Firefox using malware 'CopperStealer.' 

The threat actors have used unauthorized access to Facebook and Instagram business accounts to run nefarious commercials and provide further malware in subsequent malware advertising campaigns as per the blog post published by the researchers at cyber safety company Proofpoint. In late January, researchers were first notified of the malware sample. The first samples found dated back from July 2019. 

Furthermore, CopperStealer versions targeting other major service providers such as Apple, Amazon, Bing, Google, PayPal, Tumblr, and Twitter have been discovered in the proven analytic evaluation. The malware aims to steal login credentials for some of the most famous internet services from large technological platforms and service providers. 

Researchers suspect that CopperStealer is a family that has originally been undocumented in the same malware class as SilentFade and StressPaint. Facebook attributed the invention of SilentFade to ILikeAD Media International Ltd, a Hong Kong-based company, and reported over $4 million in damages during the 2020 virus bulletin conference. 

Researchers found dubious websites, which include keygenninja[.]com, piratewares[.]com, startcrack[.]com and crackheap[.]net, that was advertised as 'KeyGen' or 'Crack' sites, which included samples from several families of malware, including CopperStealer. 

“These sites advertise themselves to offer “cracks”, “keygen” and “serials” to circumvent licensing restrictions of legitimate software. However, we observed these sites ultimately provide Potentially Unwanted Programs/Applications (PUP/PUA) or run other malicious executables capable of installing and downloading additional payloads,” said Proofpoint researchers. 

Malware also helps to find and send the saved passwords on one’s browser and uses stored cookies in order to extract a Facebook User Access Token. Once the User Access token has been collected, the malware will request multiple Facebook and Instagram API endpoints to gain additional contexts including the list of friends, any user's pay-out, and research listing the user's pages. "CopperStealer is going after big service provider logins like social media and search engine accounts to spread additional malware or other attacks," says Sherrod DeGrippo, senior director of threat research at Proofpoint. "These are commodities that can be sold or leveraged. Users should turn on two-factor authentication for their service providers."

CBI Booked Firms for Harvesting Data of 5.62 Lakh Indian Facebook Users

 

The Central Bureau of Investigation (CBI) has lodged a case regarding an unlawful collection of personal information of nearly 5.62 lakh Indian Facebook users and the use of information to manipulate elections in India. In regards, CBI has booked Cambridge Analytica, the UK's political consultancy company, and another UK- based firm Global Science Research Ltd. 

In a preliminary CBI inquiry in July 2018 following a complaint from the Electronics and Information Technology Ministry, investigative officials discovered that Aleksandr Kogan, the Founder-Director of the Global Research Limited (GSRL), created an app called ‘This Is Your Digital Life’, which was used to collect data of Facebook users under the tag "academic and research purposes", as stated in the policy of the digital platform. Further in a probe, it was revealed that approximately 335 Indians had downloaded this app, whereby data of their Facebook friends- nearly 5.62 lakh, had been allegedly harvested without their knowledge. 

During the early investigation, Cambridge Analytica and GSRL reported criminal offenses, and the department later booked all companies for criminal conspiracy and cyber-crime. The organization Cambridge Analytica was initially accused of harvesting details of Facebook users and then manipulating it to obtain success in America, more precisely, the elections for 2016, as well as the Donald Trump campaign. Cambridge Analytica first became the subject of scrutiny three years ago.

In response, Facebook replied, “Data of 5.62 lakh Indians users might have been illegally harvested." Cambridge Analytica on the other hand responded that ”they only received data of UK users from the Global Science Private Limited.” 

According to CBI, these two companies had approached Facebook. Facebook later in conversation with CBI, told that they did allow Global Science Research ltd with their application, but they illegally collected the data of 5.62 lakhs users and later shared it with Cambridge Analytica. The data stolen contains information of the users, page likes, their private data, personal messages, and chats. Reportedly, the stolen information was later used to influence elections in India. 

Out of the 335 app users contacted by the CBI, six replied and were subsequently investigated. They all claimed that the software fooled them and that they were not aware that their personal and friends' data had been improperly gathered, the FIR suggested, adding that all six said they would not have used the app if they had the slightest indication that their privacy would be violated. 

Both UK-based companies have been booked by CBI for criminal conspiracy and violation of the IT Acts.

WhatsApp Clients Resort to Other Messaging Platforms

 

WhatsApp has told its two billion clients they should permit it to share information with its parent organization Facebook if they wish to keep utilizing it. All WhatsApp clients would not be able to proceed with the service except if they accept the new terms by 8 February. The stage said the update will empower it to offer features, for example, shopping and payments. 

Message platforms Signal and Telegram have both seen a gigantic surge in downloads around the world over after a questionable update to WhatsApp's terms and conditions. 

As per information from analytics firm Sensor Tower, Signal was downloaded all around the world multiple times the week before WhatsApp declared the change on 4 January and 8.8 million times the week after. This included big surges in India, where downloads went from 12,000 to 2.7 million, the UK from 7,400 to 191,000, and the US from 63,000 to 1.1 million. In a progression of tweets, Signal said a few people were detailing issues with creating groups and postponements to verification codes showing up in light of the fast development but that it was addressing the issues. 

Telegram has proved to be even more popular, with downloads booming all around the world from 6.5 million for the week starting 28 December to 11 million over the next week. In the UK, downloads went from 47,000 to 101,000. Furthermore, in the US they went from 272,000 to 671,000. During the same period, WhatsApp's worldwide downloads shrank from 11.3 million to 9.2 million. 

One industry watcher said he didn't think this fundamentally spoke to a major issue for WhatsApp, which has been downloaded 5.6 billion times since its launch in 2014. 

"It will be hard for opponents to break user habits, and WhatsApp will keep on being one of the world's most popular and broadly utilized messaging platforms," said Craig Chapple, mobile insights strategist at Sensor Tower. 

WhatsApp reassured its clients that it doesn't keep logs of every individual who is messaging, it can't see your shared location, it doesn't share your contacts to Facebook, and that groups can stay private. It likewise exhorts clients that they actually have the choice to set messages to disappear and that they can't download their information. WhatsApp's clarification may figure out how to reassure a few clients that the privacy changes aren't as troubling as first dreaded, yet for other people, it might have come past the point of no return.

Facebook Shuts Down Fake Accounts Associated With Russia and French Military

Earlier this week, in a press conference, Facebook closed two misinformation networks related to Russia, one of which was associated with the French military. Facebook has accused these accounts of orchestrating interference campaigns in African regions. Two networks using multiple FB accounts were given to users associated with the Russian Internet Research Agency. In contrast, the third account had links to persons related to the French military, says Facebook. 

Facebook has closed all three accounts for violating the policy of foreign or government interference. These networks, according to Facebook, attacked targets in North Africa and Middle East countries. As of now, the French military has offered no comments on Facebook's allegations. The campaigns battled with each other, said Nathaniel Gleicher, Facebook's head of security policy, and David Agranovich, head of global threat disruption in a blog. 

It is the first time that Facebook found two campaigns (from France and Russia) fighting with each other, commenting on each other's accounts, claiming it is fake. These accounts used fake accounts as a central part of their operations to mislead people about who they are and what they are doing, and that was the basis for our action, says Facebook. One sample post read, "The Russian imperialists are a gangrene on Mali!" The French network accounts mainly targeted Mali and the Central African Republic. Other targets include Cote d'Ivoire, Chad, Algeria, Niger, and Burkina Faso. It involved 84 FB accounts, six pages, nine groups, and fourteen Instagram accounts that infringed a policy facing "coordinated inauthentic practice." 

In French and Arabic, some of the posts were about France's Francophone Africa systems, allegations of Russian meddling in CAR elections, supportive comments about the French military, and Russia's criticism. According to Gleicher and Agranovich, "we shared information about our findings with law enforcement and industry partners. We are making progress rooting out this abuse, but as we've said before, it's an ongoing effort, and we're committed to continually improving to stay ahead." As of now, the investigation is ongoing, and no further detail has been offered.

U.S Files Lawsuit Against Facebook For Discriminatory Recruitment Process Against U.S Workers

 On Thursday, the U.S. Department of Justice (DOJ) sued F.B., asserting that the company held positions for temporary visa holders but discriminated against the U.S. workers. According to DOJ, F.B. didn't consider U.S. workers suited or "qualified and available U.S. workers" for the 2600 job openings with an average salary of $1,56,000. Facebook deliberately built a contracting arrangement that denies fair and equal job opportunities to U.S. workers who have applied. Instead, the company offered jobs to temporary visa holders to sponsor for their green cards. 

A Facebook spokesperson said that the company provided full cooperation with the DOJ regarding the review but disagrees with the charges, not offering any more comments on the ongoing litigation. The lawsuit claims that F.B. favored the temporary visa workers while discriminating against U.S. workers. The incident began in January 2018 and lasted till September 2019. F.B. didn't openly advertise about the job vacancies on its career website and denied job roles to U.S. workers; these, DOJ believes, were the tactics used by F.B. 

Eric S. Dreiband, head of the DOJ's Civil Rights Division, in a statement, said, "our message to workers is clear: if companies deny employment opportunities by illegally preferring temporary visa holders, the Department of Justice will hold them accountable." "Our message to all employers — including those in the technology sector — is clear: you cannot illegally prefer to recruit, consider or hire temporary visa holders over U.S. workers," he further says. The lawsuit claims that Facebook's employing practices also negatively affect temporary visa holders by creating unequal employment status. The workers will rely on F.B's job to retain their immigration status. 

"Facebook knowingly and intentionally deterred U.S. workers from applying to and failed to meaningfully recruit U.S. workers for its PERM-related positions, when it subjected such applicants to more burdensome recruitment procedures because it preferred to employ temporary visa holders in those positions, because of their citizenship or immigration status," says the lawsuit. In a press release, DOJ noted that it was a two years investigation. In other cases, DOJ has been reviewing the tech industry since 2019 and has also filed an anti-trust lawsuit against Google recently in October.

South Korea Fines Facebook For Sharing Data Without User Consent


South Korea fines social networking giant Facebook for 6.7 billion Won (around $6 million) for sharing user data without their consent. According to PIPC (Personal Information Protection Commission), Facebook has a total userbase of around 18 million users in South Korea. It says FB shared user data of 3.3 million users to third-party companies without user consent. The incident happened from May 2012 to June 2018. Also, PIPC says that it will charge a criminal complaint against the company for violating "personal information laws." 

The shared information includes user names, academic background, work profile, relationship status, and home addresses. The users logged into other third-party apps using their FB credentials but without giving any permission to access personal information. Nonetheless, FB shared its data with the third-party apps the users were using. 

The issue came to notice when a FB user shared their data with a service while logging in with the FB account, but the user's friends didn't, however, unaware that their FB data was also shared. Following the incident, these third-party apps used Facebook's provided information to show customized ads on social media users' profiles. 

According to PIPC, with no user permission, Facebook provided user data to third-party companies and made monetary profits. PIPC also charges FB to store login credentials (with no encryption) without user knowledge and not notify the users while accessing their data. Besides this, it claims that Facebook presented fake and incomplete documents while the legal investigation was ongoing, instead of providing the real documents. 

It affected the inquiry's credibility and caused difficulties in assessing FB's clear violations of rules and laws. For this misdoing, FB was charged for an extra 66 million won. 

The company Facebook, however, claims that it provided full cooperation during PIPC's investigation. FB find PIPC's complaint regrettable; however, it will respond after the commission takes its final decision. 

"The investigation against the US tech giant started in 2018 by the Korea Communication Commission, the country's telecommunication regulator, in the wake of the Cambridge Analytica scandal. The regulator handed the case to PIPC," reports ZDNet.

Twitter and Facebook CEOs asked to testify on election and content moderation before the US Senate

 

The US Senate Judiciary Committee has asked the CEO of Twitter and Facebook to evaluate their role in “platforms’ censorship and suppression of New York Post articles” and their role in the election.
After voting to move forward with a pair of subpoenas, the Senate Judiciary Committee agreed that the two CEO Twitter's Jack Dorsey and Facebook’s Mark Zuckerberg will be answerable to the Senate set on November 17, two weeks after the US elections. The committee lead by Republican South Carolina Senator Lindsey Graham set the agenda of the day as “platforms’ censorship and suppression of New York Post articles.”

 The aforementioned New York Post article was labeled false as it published a story about Hunter Biden, the son of Democratic presidential nominee and former Vice President Joe Biden. The article claimed that Hunter Biden organized a meeting between Joe Biden and an executive at a Ukrainian energy company Burisma in April 2015. Many are calling it a typical "Right-Wing Agenda" with hacked materials and personal mails. 

Twitter prevented its users from posting links to the article. 

As said in a press release, the senators will also dig the two CEO'S on their performance on the elections. Republicans are looking up to questioning the CEOs on their handling of the New York Post regarding the hacked material and messages fished from Hunter Biden. 

The Republicans also intend to enquire about the recent claims of anti-conservative political bias in the two social media platform's policy decisions. Not only the Republicans but the Democrats are also eager to question content moderation on the platform, "While Republicans on the Senate committee led the decision to pressure Zuckerberg and Dorsey into testifying, the committee’s Democrats, who sat out the vote on the subpoenas, will likely bring to the table their questions about content moderation, as well" reports TechCrunch on the matter.

Facebook Bans Suspicious Russian Accounts, Says Russian Spy Intelligence Interfering With U.S Presidential Election


Social networking giant Facebook says it terminated three fake account networks that could have been working for Russian intelligence. The intelligence, according to FB, might be leaking suspicious documents before the U.S presidential elections. According to FB, the suspended accounts contained fake users and identities and were suspended for 'coordinated inauthentic behavior.' The company associated all these accounts to Russian intelligence and hackers linked to St. Petersburg organization based in Russia.

The U.S officials accuse the group of meddling with the 2016 U.S presidential elections and votes. As per now, the Russian authorities haven't responded to these allegations. Neither did the Russian foreign aid ministry when asked for the comment regarding the issue. Since the beginning of its rivalry with the U.S, it is common knowledge that Russia has always denied allegations of interference in the U.S. According to Russia, the country doesn't meddle with the domestic policies of the U.S, and it has nothing to do with the presidential elections.
There was no solid proof whether the fake accounts leaked the hacked documents, but suspending these accounts helped us prevent any future leak, says Nathaniel Gleicher, head of security, Facebook. "Our team watches for the threats and trends that we need to be ready for, and one that we are very aware of ... is a hack-and-leak operation, particularly in the next 6-8 weeks. We want to make sure that the accounts are down to prevent their ability to pivot them to facilitate a hack-and-leak around the U.S. election," told Nathaniel to Reuters. 

Reuters reports, "Facebook said the networks were small with only a handful of accounts on its website and photo-sharing service Instagram, some of which posed as independent media outlets and think tanks. The accounts had a combined total of around 97,000 followers. While some of the activity did target audiences in Britain and the United States, the networks were predominantly focused on countries in the Middle East and bordering Russia, such as Syria, Turkey, Ukraine, and Belarus, Facebook said."

WhatsApp Reveals Six Bugs On Its Security Advisory Website


The Social Messaging app WhatsApp has been open about its bugs and vulnerabilities recently. To be vocal about the issue, the company has set up a dedicated website that will work as a security advisory and inform users about the latest developments on issues and bugs in WhatsApp. Owned by social media giant Facebook, WhatsApp, with a current user base of around 2 million, has set up the website as an initiative to keep the community informed about security and be more transparent with its users.


The dedicated website is not limited to WhatsApp users but open to the entire cybersecurity community. The move comes as a response to the criticisms that WhatsApp faced over its handling of security issues. The dedicated platform will give users detailed reports of security updates related to WhatsApp, along with CVEs (Common Vulnerabilities and Exposures) details. The updates will help cybersecurity experts to know the effect of these bugs and vulnerabilities.

WhatsApp reported six security bugs that it had recently discovered. The company had released security patches for these six bugs before the hackers could exploit them. Few of the bugs could be remotely launched. CVE-2020-1890, an android based WhatsApp bug, sent the recipients sticker, which contained malicious codes. The bug could be deployed without user interaction. Few bugs, however, required user interaction and couldn't be launched remotely. CVE-2019-11928 bug became active when a desktop WhatsApp user clicked any location link, allowing cross-site scripting. WhatsApp says that it will keep the community updated about the latest developments through its advisory platform, trying to release security patches as soon as possible.

According to reports, five of the six bugs were patched on the same day; however, the last bug took quite some time. "We are very committed to transparency, and this resource is intended to help the broader technology community benefit from the latest advances in our security efforts. We strongly encourage all users to ensure they keep their WhatsApp up-to-date from their respective app stores and update their mobile operating systems whenever updates are available," says WhatsApp.

The new iOS 14 to drop Facebook's Audience Network Advertising to 50%


Facebook on Wednesday posted a response to the new iOS 14 on their official blog stating that the new iOS could lead to a 50% drop in their Audience Network advertising business.



Though the company had previously raised issues with iOS 14 and that it could impact their advertising, this Wednesday blog detailed exactly how. 

Facebook Audience Network collects data from the user ( Facebook's data) and provides targeted in-app advertisements. Advertisers use a unique device ID number known as the IDFA in order to make advertisements personalized. 

In iOS 14, these tracking IDFA would be made optional and the user can opt if they want their app to track or not. Facebook said they won't collect IDFA information in iOS 14 at all even though it will make a significant dent in their audience network advertising. 

"We know this may severely impact publishers' ability to monetize through Audience Network on iOS 14, and, despite our best efforts, may render Audience Network so ineffective on iOS 14 that it may not make sense to offer it on iOS14 in the future," Facebook said in the blog.

"While it's difficult to quantify the impact to publishers and developers at this point with so many unknowns, in testing we've seen more than a 50% drop in Audience Network publisher revenue when personalization was removed from mobile ad install campaigns," Facebook said. "In reality, the impact to Audience Network on iOS 14 may be much more, so we are working on short-and long-term strategies to support publishers through these changes." 

Facebook said that their advertising policies will be in compliance with iOS 14's and Apple's preconditions but the social network's whole revenue is derived from advertising and around a billion people view at least one Audience Network ad in a month, so the decision is bound to affect Facebook grandly. 

The blog further cleared some changes Facebook would do for iOS 14 and operations for their partners. The new iOS is expected to launch this year.

Facebook Struggles Against Hate Speech and Misinformation, Fails to Take Actions


In the last month, FB CEO Mark Zuckerberg and others met with civil rights activists to discuss FB's way of dealing with the rising hate speeches on the platform. The activists were not too happy about Facebook's failure to deal with hate speeches and misinformation. As it seems, the civil rights group took an 'advertising boycott' action against the social media giant and expressed their stark criticism. According to these civil groups, they have had enough with Mark Zuckerberg's incompetency to deal with white supremacy, propaganda, and voters suppression on FB.


This move to boycott Facebook came as a response to Donald Trump's recent statement on FB. Trump said that anti-racism protesters should be treated with physical violence, and he also spread misinformation about mail-in voting. FB, however, denies these allegations, saying these posts didn't violate community policies. Even after such incidents, the company ensures that everything's alright, and it just needs to toughen up its enforcement actions.

"Facebook stands firmly against hate. Being a platform where everyone can make their voice heard is core to our mission, but that doesn't mean it's acceptable for people to spread hate. It's not. We have clear policies against hatred – and we constantly strive to get better and faster at enforcing them. We have made real progress over the years, but this work is never finished, and we know what a big responsibility Facebook has to get better at finding and removing hateful content." "Later this morning, Mark and I, alongside our team, are meeting with the organizers of the Stop Hate for Profit campaign followed by a meeting with other civil rights leaders who have worked closely with us on our efforts to address civil rights," said COO Sheryl Sandberg in her FB post.

In another incident, FB refused to take action against T. Raja Singh, an Indian politician from BJP. According to the Wall Street Journal, the company didn't apply its hate speech policies on Raja's Islamophobic remarks. FB employees admitted that the politicians' statements were enough to terminate his FB account. The company refused to, as according to the FB executive in India, could hurt FB's business in India.