Search This Blog

Showing posts with label Mobile Security. Show all posts

Irish Regulator Fines WhatsApp $266 Million for Breaching EU Privacy Regulations

 

Facebook-owned WhatsApp has been directed to pay a 225 million euros ($266 million) fine for violating the EU’s General Data Protection Regulation after it failed to notify the users and non-users on what it does with their personal data. 

The penalty was handed down by the Irish Data Protection Commission (DPC), the leading data privacy regulator for Facebook within the European Union, following an investigation started in December 2018 after the DPC received multiple complaints from "individual data subjects" (both users and non-users) regarding WhatsApp data processing activities.

"We examined whether WhatsApp has discharged its GDPR transparency obligations with regard to the provision of information and the transparency of that information to both users and non-users of WhatsApp's service. This includes information provided to data subjects about the processing of information between WhatsApp and other Facebook companies," DPC said.

In addition to the fine, the 266-page decision by the DPC directs WhatsApp to bring its processing into compliance by taking eight remedial actions within the next three months. One of WhatsApp's Spokesperson stated the penalty and said that the company provided detailed information to the users. The fine imposed by DPC is "out of step with previous GDPR-related fines" levied against other technology giants. 

"We have worked to ensure the information we provide is transparent and comprehensive and will continue to do so. We disagree with the decision today regarding the transparency we provided to people in 2018, and the penalties are entirely disproportionate," said the spokesperson. 

The DPC says it discovered that WhatsApp's practices violated four specific parts of GDPR: 

• Article 5, covering principles relating to the  processing of personal data; 

• Article 13, covering information to be provided when personal data gets collected from a data subject;

• Article 14, covering information to be provided when personal data has not been obtained from a data subject; 

• Article 15, which concerns a data subject's right to access their personal data from a controller. 

The fine imposed on WhatsApp is the second-highest fine ever issued so far under GDPR, outranked only by an $885 million fine against Amazon, according to Jonathan Armstrong, a compliance and technology lawyer with London-based law firm Cordery. 

According to Ireland's Data Protection Commission, it initially proposed a penalty in the range of 30 million euros to 50 million. But the European Data Protection Board reviewed the WhatsApp case and on July 28 issued a binding decision instructing the DPC to reassess and increase its proposed fine. The DPC says that based on the board's instructions, it increased the fine to 225 million euros. 

"An eye-catching aspect of that process was the increase in the size of the fine from a range of 30 million to 50 million euros first proposed by the DPC. The fine highlights the importance of compliance with the GDPR's rules on transparency in the context of users, non-users, and data sharing between group entities," says John Magee, who heads law firm DLA Piper's privacy, data protection, and security practice in Ireland.

Kaspersky Lab has reported about Android viruses designed to steal money automatically

Viktor Chebyshev, a leading researcher of mobile threats at Kaspersky Lab, spoke in an interview with Russian newspaper Izvestia about Android Trojans that automatically interact with banking applications. After infiltrating the smartphone, Trojans motivate the user to open the application of a particular credit institution and log in to it. And then the malware automatically clicks the necessary "buttons" for the money transfer. This happens so quickly that the victim does not have time to suspect anything by visual signs.

"The developers of such Trojans thoroughly study the structure of the target banking application. Attackers find out that there is a "Login" button in the application and in which area of the screen it is displayed. They know that after clicking on "Log in", fields for entering a username and password appear. And then there is a money transfer button. Based on this information, attackers create a Trojan that uses the documented capabilities of Android for malicious purposes, which allows it to automatically click buttons in the banking application,” the expert said.

At the moment, Kaspersky Lab knows only about one case of the spread of such a virus. However, the expert believes that soon there will be more such viruses since they are very convenient for cybercriminals.

In addition, mister Chebyshev was asked which platform users are more at risk of encountering banking Trojans. He responded that Android. According to the expert, 99.9% of mobile financial threats target Android.

The expert stressed that Russia remains in the top ten countries in terms of the share of users who have faced financial attacks. He added that mobile threats are still active and continue to develop since it is difficult to find both victims and attackers.

Cybersecurity experts called the signs of smartphone hack

Fast discharge of the smartphone, the appearance of strange notifications or spam when the screen is locked, blocking antivirus programs - all this may indicate that malicious software is installed on the device.

Experts named an unnaturally fast discharge of the battery as one of the main signs of hacking. As a rule, such software runs in the background on your phone, significantly eating up the battery power. Self-restart of the phone is another sign of hacking.

Dmitry Galov, a cybersecurity expert at Kaspersky Lab, pointed out that when it comes to banking Trojans, miners, spyware and stalker software, whose task is to remain unnoticed for as long as possible, there are only a few indirect signs of infection.

"These signs include fast battery discharge, despite the fact that the phone may be new, the device overheating, the consumption of a large amount of Internet traffic, the appearance of strange notifications or unfamiliar programs that you did not install. And this is not a complete list," Mr. Galov said.

According to him, it is possible to correctly answer whether the device is infected only with the help of antivirus. However, if the device is hacked, the antivirus software may be blocked for unknown reasons, even restarting the phone will not help.

"If the user finds signs of infection with a miner or a banking Trojan on the smartphone, then he needs to check the device with an antivirus and remove the malicious software", the Kaspersky Lab expert explained.

Before deleting stalker programs, the expert recommends thinking about whether this step will create an even greater danger: "the initiator of surveillance will most likely find out about this soon, and it is unknown what the next steps of the attacker will be."

The number of cases of hacking smartphone games has increased in the world

In the first half of 2021, the Russian mobile games market was among the world's top five leaders in terms of downloads. Therefore, hackers began to actively attack Russians playing on smartphones. In online games with prizes, attackers can crack the code to get rewards instead of honest participants. In games with registration, hackers hunt for the personal data of players. 

According to forecasts, the volume of the Russian video game market by the end of this year is expected to amount to $2,236 million. Along with the growing interest of consumers in video games, the activity of hackers and scammers is also growing.

Basically, the key to obtaining personal data, logins and access to the victim's computer is phishing. There are various schemes: from simple chat correspondence with malicious links to fraudulent sites where players are offered to improve statistics, download various hacks containing keyloggers or spyware.

It is quite simple to distinguish a game in which there is a chance to meet a dishonest player. You just need to find out if the application is using any anti-cheat (software for tracking and preventing the use of funds for cheating), as well as how often it is updated. Such information can be found in the public domain, often the developers of a particular game write about it themselves.

According to Panda Security in Russia and the CIS, cryptojacking malware can also be added to the current problems of gamers. Cryptojacking is the use of devices (computers, smartphones, tablet PCs, or even servers) without the knowledge of their owners for the purpose of hidden mining of cryptocurrencies. 

The best way not to become a victim of such fishing is not to download pirated software. If the user notices that the PC or mobile device has become slower or fails, then there is a high probability that the gamer is unknowingly "mining" cryptocurrency for hackers.

Apple’s iPhone is the Easiest to Snoop on Using the Pegasus, Says Amnesty

 

NSO Group, an Israeli cyber intelligence firm, developed Pegasus spyware as a surveillance tool. As claimed by the corporation, this firm is known for developing advanced software and technology for selling primarily to law enforcement and intelligence agencies of approved nations with the sole objective of saving lives by preventing crime and terror activities. Pegasus is one such software designed to get unauthorized access to your phone, gather personal and sensitive data, and transfer it to the user who is spying on you. 

Pegasus spyware, according to Kaspersky, can read SMS messages and emails, listen to phone calls, take screenshots, record keystrokes, and access contacts and browser history. A hacker may commandeer the phone's microphone and camera, turning it into a real-time monitoring device, according to another claim. It's also worth mentioning that Pegasus is a complex and expensive spyware meant to spy on specific individuals, so the typical user is unlikely to come across it. 

Pegasus malware snooped on journalists, activists, and certain government officials, and Apple, the tech giant that emphasizes user privacy, was a victim of the attack. Indeed, according to Amnesty's assessment, Apple's iPhone is the easiest to snoop on with Pegasus software. According to the leaked database, iPhones running iOS 14.6 feature a zero-click iMessage exploit, which could have been used to install Pegasus software on the targeted entities' iPhones. The Cupertino behemoth has issued a statement condemning the assault. 

Apple’s Head of Security Engineering and Architecture, Ivan Krsti, in a statement said, "Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals. While that means they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all our customers, and we are constantly adding new protections for their devices and data." 

Citizen Labs had already uncovered this flaw. Zero-click attacks are practically invisible and run in the background because they do not require the user's involvement. In iOS 14, Apple included the Blastdoor framework to make zero-click attacks more difficult, although it does not appear to be operating as planned.

WhatsApp Hijack Scam, Here's All You Need To Know

 

By posing as a friend and asking for SMS security codes, scammers are continuing to target WhatsApp users and hijack their accounts. The con has been around for years, yet victims have continued to fall for it, with many sharing their stories on social media. Users should never give out their security codes to anyone, even if they appear to be a buddy, according to WhatsApp. 

If users receive six-digit WhatsApp codes that they did not expect, they should be concerned. When setting up a new account or signing in to an existing account on a new device, such codes are frequently seen. However, if the code is obtained unexpectedly (without the user's request), it could be a scammer attempting to gain access to your account. 

The fraudster would then send you a WhatsApp message asking for the code. The most essential thing to remember is not to share the code, as the message appears to be from a legitimate friend or family member in most circumstances, even though the account has already been hacked. 

One victim, Charlie, told the BBC, "I got a WhatsApp message from my good friend Michelle, stating she was locked out of her account. She stated she sent the access code to my phone instead of hers by accident and that I could just screenshot it and send it over." In actuality, Charlie had given the scammer the code to his own account. 

He told the BBC, "I guess I fell for it since we all know how annoying technology can be and I was eager to help. I didn't realise what had happened for a day." Charlie stated that he had deleted WhatsApp and would no longer use it. 

The hijacker can pretend to be you and send messages to your friends and family using a stolen account. They might act as if you're facing a financial emergency and beg your contacts for money. It also provides them with the phone numbers of your contacts, allowing them to try the six-digit code trick on fresh victims. By gaining access to your account, the fraudster will be able to see sensitive information in your group chats. 

WhatsApp advises users to be cautious and not reveal their One Time Password (OTP) or SMS security code to anybody, even friends and relatives. Citizens can also enable two-step verification for added security.

Customers Deceived by Google for Collection of User Location Data

 

The Federal Court of Australia observed that somewhere between January 2017 and December 2018, Google LLC and Google Australia Pty Ltd (together, Google) deceived customers in a world-first compliance action by ACCC on personal location information gathered from Android mobile devices. 

As a result of the 2019 legal proceedings against Google, the Australian Competition and Consumer Commission (ACCC) has stated that the rulings represent an "important victory for consumers" over protecting online privacy. Google deceived Android users to believe that the tech giant will only collect personal information, the ACCC said. 

“This is an important victory for consumers, especially anyone concerned about their privacy online, as the Court’s decision sends a strong message to Google and others that big businesses must not mislead their customers,” ACCC Chair Rod Sims said. “Today’s decision is an important step to make sure digital platforms are upfront with consumers about what is happening with their data and what they can do to protect it.” 

The Court ruled that in the initial installation Google misrepresented the setting of 'Location History' as the only Google Account setting which impacted whether Google obtained, maintained, or used personally identifiable information on the location of a device once consumers had created a new Google Account. In reality, Google was also able to capture, store and use personal location data during activation through a different Google Account setting entitled 'Web & App Activity.' Though this setting was set by default.

Also between 9 March 2017 and 29 November 2018, customers were deceived by the fact that Google didn't bother to tell them that perhaps the configuration was related to the collection of personal location data after they had accessed the 'Web & App Activity settings on their Android system. The Court held that the actions of Google could trick the audience. 

“We are extremely pleased with the outcome in this world-first case. Between January 2017 and December 2018, consumers were led to believe that ‘Location History’ was the only account setting that affected the collection of their location data, when that was simply not true,” Mr. Sims said. He also added, “Companies that collect information must explain their settings clearly and transparently, so consumers are not misled. Consumers should not be kept in the dark when it comes to the collection of their location data.” 

The Court rejected the claims of the ACCC concerning certain declarations by Google on how users could prevent Google from obtaining and then using the location information and the purposes for which Google uses its personal location information. Though the ACCC seeks declarations, fines, instructions for publishing, and conformity orders.

Russian expert give tips on how to protect yourself from "eavesdropping" on your smartphone

A smartphone can "eavesdrop" on its owner, said information and computer security expert Sergei Vakulin. In an interview with Radio Sputnik, he explained who might need to record conversations and how to protect sensitive information

Some smartphone applications may record our conversations when we do not expect them to. Moreover, we ourselves provide them with this opportunity, giving them permission to access the microphone during the installation of the application, explained the expert on information and computer security Sergei Vakulin.

According to him, advertisers are primarily interested in obtaining such information.

"The app can spy on you to analyze your data and sell. Not just to collect it, but to sell it. We often have the situation where you took a loan from one bank, and you immediately get a call from another bank and offer another loan. Selling data - this is already a banal topic," the expert said in an interview with Radio Sputnik.

He clarified that once the app has gained access to the microphone, it will be able to turn it on whenever it wants, not just during a phone call. Sergey Vakulin claims that the recording function can be turned on even on a locked device.

"If you've given the app permission to access the microphone, it will be able to 'listen' to you even when it's locked. If you have access, the app can turn on the microphone at any time it wants and collect information," the expert explained.

According to him, you can protect yourself from eavesdropping by limiting the number of applications with access to the microphone.

Also, for particularly important conversations you can buy a phone without the ability to connect to modern communication networks.

"If you look closely at many officials and billionaires, both Russian and foreign, they walk around with push-button phones. A pushbutton phone will be very difficult to listen to, because there is no 3G, LTE and so on," explained Sergei Vakulin.

WhatsApp Clients Resort to Other Messaging Platforms

 

WhatsApp has told its two billion clients they should permit it to share information with its parent organization Facebook if they wish to keep utilizing it. All WhatsApp clients would not be able to proceed with the service except if they accept the new terms by 8 February. The stage said the update will empower it to offer features, for example, shopping and payments. 

Message platforms Signal and Telegram have both seen a gigantic surge in downloads around the world over after a questionable update to WhatsApp's terms and conditions. 

As per information from analytics firm Sensor Tower, Signal was downloaded all around the world multiple times the week before WhatsApp declared the change on 4 January and 8.8 million times the week after. This included big surges in India, where downloads went from 12,000 to 2.7 million, the UK from 7,400 to 191,000, and the US from 63,000 to 1.1 million. In a progression of tweets, Signal said a few people were detailing issues with creating groups and postponements to verification codes showing up in light of the fast development but that it was addressing the issues. 

Telegram has proved to be even more popular, with downloads booming all around the world from 6.5 million for the week starting 28 December to 11 million over the next week. In the UK, downloads went from 47,000 to 101,000. Furthermore, in the US they went from 272,000 to 671,000. During the same period, WhatsApp's worldwide downloads shrank from 11.3 million to 9.2 million. 

One industry watcher said he didn't think this fundamentally spoke to a major issue for WhatsApp, which has been downloaded 5.6 billion times since its launch in 2014. 

"It will be hard for opponents to break user habits, and WhatsApp will keep on being one of the world's most popular and broadly utilized messaging platforms," said Craig Chapple, mobile insights strategist at Sensor Tower. 

WhatsApp reassured its clients that it doesn't keep logs of every individual who is messaging, it can't see your shared location, it doesn't share your contacts to Facebook, and that groups can stay private. It likewise exhorts clients that they actually have the choice to set messages to disappear and that they can't download their information. WhatsApp's clarification may figure out how to reassure a few clients that the privacy changes aren't as troubling as first dreaded, yet for other people, it might have come past the point of no return.

Rogue: An Android Malware That Gives Hackers Full Control Over a Phone

 

Another sort of Android malware that provides hackers with nearly-full access to a client's Android cell phone is doing rounds on underground forums. Colloquially known as 'Rogue' Remote Administration Tool (RAT), the malware infects victims with a keylogger – permitting attackers to effectively monitor the utilization of sites and applications to take usernames and passwords, just as more delicate data like a client's financial data. The malware, as per reports, is accessible on underground forums for as low as $29.99 (generally Rs 2,200).

This low-cost malware undermines a full-scale takeover of a victim's cell phone, observing the GPS area on the target, taking screenshots, utilizing the camera to take pictures, secretly recording sound from calls, and more. The virus does this while being hidden from the owner of the cell phone. All an attacker requires is their own cell phone to give commands on an infected device. This malware has been detailed by cybersecurity researchers at Checkpoint Research as a mix of two past groups of Android RATs - Cosmos and Hawkshaw - and exhibits the advancement of malware improvement on the dark web. 

Rogue is crafted by Triangulum and HeXaGoN Dev, known Android malware creators that have been selling their vindictive products on underground markets for quite a long while. For the development of Rogue, the malware creator evidently joined forces with HexaGoN Dev, which specializes in the building of Android RATs. Beforehand, Triangulum bought projects from NexaGoN Dev. "The mix of HeXaGon Dev's programming skills and Triangulum's social marketing abilities clearly posed a legitimate threat," Check Point's security researchers note.

While there is no single manner by which hackers introduce Rogue, it is normally pushed on a victim's cell phone either by phishing, malevolent applications, or other such techniques. In the wake of being downloaded on a cell phone, Rogue asks for permissions that it needs for the hacker to remotely get to a cell phone. When the permissions are in all actuality, Rogue registers itself as the device administrator and conceals its icon from the home screen. 

The best way to try not to succumb to this is to not click on suspicious links or download applications from outside sources other than Google Play and Apple App Store. Further, it is additionally imperative to ensure all security updates are installed on the device.

Kaspersky announced the creation of the new smartphones with protection from hackers

A smartphone with a secure Kaspersky will have minimal functionality, said the head of Kaspersky Lab, Eugene Kaspersky. According to him, it will have its own basic applications and browser, but the smartphone has other tasks, it's security.

"There will be minimal functionality, but don't wait for beauty, both Android and iOS, this smartphone will perform other special tasks," said Mr. Kaspersky. "The device can call and send SMS, of course, there will be an office suite, its own browser with minimal functionality and a standard set of applications, such as an alarm clock, calculator, and so on,” added he.

So far, Kaspersky Lab does not plan to have an App store on its OS, but this is possible in the future. "Most likely, first we will make our own, and then we will be ready to attract other app stores," said Eugene Kaspersky.

At the same time, he said that smartphones on the Kaspersky operating system may appear next year. The company agreed with a Chinese smartphone manufacturer to install a new OS. 

He noted that the company does not plan to enter the platforms Google and Apple and try to replace them. "Our task is to create a secure phone that is almost impossible to hack, for processing secret and confidential information of both government officials and enterprises, and infrastructure management," said the head of Kaspersky Lab.

It’s interesting to note that Kaspersky Lab has been creating an operating system designed for maximum protection of equipment and operating on the principle of "everything is forbidden that is not allowed" for several years.

Over 600 Million Users Download 25 'Fleeceware' Apps from the Play Store


Researchers at security firm Sophos has discovered a new set of Android apps present on the Google Play Store that contain fleeceware. Notably, these apps have been downloaded and installed by over 600 million unsuspecting Android users.

The term 'Fleeceware' was first coined in September 2019 by cybersecurity firm Sophos in aftermath of an investigation that led to a new kind of financial fraud on the authentic Google Play Store.

Fleeceware is a new addition to the cybersecurity ecosystem, referring to the exploitation of the trial period mechanism in Android apps which generally is provided before one is charged for the full version from his signed up account.

Normally, users who register for an Android app's trial period are required to cancel the same manually in order to avoid being charged. However, it's common among users to simply stop using the app by uninstalling it in case they don't like it. The action of uninstalling is read by the developers as trial period being canceled and hence it doesn't result in the due amount being charged from the user account.

The UK based, a cybersecurity company, Sophos told that it identified over two-dozen android apps containing fleeceware, these apps were charging somewhere around $100 and $240 per year for apps as basic and mainstream as barcode readers, calculators, and QR scanners.

Suspecting the unusually high number of downloads on these apps, analyst Jagadeesh Chandraiah says, it's likely that these apps have resorted to third-party pay-per-install services to raise up the download counts. He also suspects the five-star reviews being fake and bought in order to better the apps ranking on the Play store and hence lure a large number of users.

Warning the users in their report, Sophos told, "If you have an Android device and use the Google Play Store for apps, you should rigorously avoid installing these types of “free trial” apps that offer subscription-based charges after a short trial."

"If you do happen to have a free trial, make sure you understand that merely uninstalling the app does not cancel the trial period. Some publishers require you to send a specific email or follow other complicated instructions to end the free trial before you are charged, though you might just need to log into your Google Pay to cancel. Keep copies of all correspondence with the publisher, and be prepared to share that with Google if you end up disputing the charges." the report further read.

ICQ and Signal are the most secure messengers in Russia, says Vladimir Zykov


Vladimir Zykov believes that ICQ messenger is safer than WhatsApp, but this does not solve the problems. iOS and Android operating systems contain many vulnerabilities that are exploited by hackers.

Choosing a messenger for use, Russians are guided mainly by the advice of friends and their own feelings, said Vladimir Zykov, head of the Association of Professional Network Users and Messengers. The expert is sure that ICQ and Signal messengers are the safest in Russia. But few people use them.

In General, any messenger for a smartphone does not guarantee absolute security, because a vulnerable operating system controls the messenger.

"But if you choose secure mobile software, then the probability of hacking, of course, decreases," said the expert.

According to the expert, the situation is due to the fact that most applications run on mobile devices running the operating systems iOS and Android, developed by American companies Apple and Google. Therefore, they have access to Russian accounts.

"That is, in fact, their owners can connect to your phone and calmly watch from the screen everything that you have there," said he.

Earlier, the creator of Telegram and VKontakte Pavel Durov sharply criticized Facebook. The entrepreneur is unhappy with the protection of information in the WhatsApp messenger.
According to Durov, the application is a kind of Trojan that are not connected in any way with the messenger. This is due to the policy of the American company, which deliberately leaves security vulnerabilities.

WhatsApp, at the same time, is one of the most common messengers among Russians. In addition to it, the Viber application is popular. However, as experts say, these services do not really have high security.

Researchers Found Android Apps on Google Play that Steal Personal Data of Victims and Pose Other Threats



Security researchers identified seven new malicious apps present on Google Play Store that infect devices with adware and malware while laying open the system's backdoor access which ensures a smooth installation of any new functionality that comes along with the application. Other threats include battery drainage and excessive consumption of mobile data.

In recent times, with the mobile malware penetrating its roots in the cyber world, there have been a number of new discoveries from security researchers where they warn of malicious android apps that request sketchy permissions and contain malware. Android platform's openness, flexibility, and excess control are the key factors which make it all the more attractive to the users and likewise, cybercriminals. As a downside, it also provides a more vulnerable space for criminals to exploit by posting adware infected apps to serve marketing interests and steal sensitive user data. These apps can take different forms and mostly, share a similar code structure which indicates a direct link between the developers.

These malicious apps are configured to download and consequently install APKs from a GitHub repository, hence attackers are handling the GitHub communication very sophisticatedly, as a part of which they effectively wait to bypass detection by security officers and malware detection agencies.

Attackers have embedded a GitHub URL within the malicious app code which sets the basis for evading Google Play protect scan. However, while security researchers somehow managed to unearth the configuration data of the malicious apps and related URLs, they were directed to Adware APK which is triggered right after the installation of the infected app. The APK halts for a timeframe of 10 minutes after being triggered to execute the malicious motives.

Here, the aforementioned malicious apps have been posted by three different developers as listed below:

iSoft LLC (Developer) – Alarm Clock, Calculator, Free Magnifying Glass
PumpApp (Developer) – Magnifying Glass, Super Bright LED Flashlight
LizotMitis (Developer) – Magnifier, Magnifying Glass with Flashlight, Super-bright Flashlight

As a security measure for the continuously expanding mobile malware, Google tied up with various mobile security companies that would assist them in detecting bad apps before they hit a download mark over million. Users who have already installed these dropper apps are recommended to uninstall them manually.

Food blogger Jack Monroe lost 5000 Euros in phone number theft



"I lost 5000 Euros when my phone number was hacked and re-used on another sim card," says Jack Monroe. The culprits then successfully received her two-time verification information and obtained her bank and cash records."I was already concerned about the safety and had several steps in check," said Jack in a tweet. The industry was not able to address the "sim-jacking," says a privacy campaigner. The blogger expressed her anger in a tweet when she was told, 'although she would get her mobile number back in no time, the amount stolen will take time to refund.' "The cash taken has cost me very much - I'm a self-engaged freelancer and I have to work for every cent that I make," she tweeted.

The food writer is recognized for her cost-effective recipes and her support for campaigns against poverty. Sim-jacking, or Sim-swapping, is when culprits switch a mobile number with another Sim and use it as their own. This is done by criminals pretending as a consumer who wants to shift to a separate mobile service provider but doesn't want to change the phone number.

While personal information is required before requesting a sim transfer, the information is sometimes already available on the internet. - In this case, Ms. Monroe's date of birth, for instance, was retrieved from the internet. In other cases, the shop keepers or sim providers are often tipped for sim-jacking.

The first sign of sim hijacking for the victim is when their phone stops functioning. "The cases of sim-swapping in England are rare but there have been instances in other parts of the world. The industry is unable to combat the problem of sim-jacking," said Pat Walshe, Director, Privacy Matters, to BBC. The task of sim swapping is not common but one can do it easily if they want to, says Pat.

If ever caught in sim-jacking, the victims should always report the incident to their mobile operator or the ICO (Information Commissioner's Office). "The case should now push the ICO to inquire whether mobile operators and shop owners are actively following the protocol to protect services and data under telecommunication privacy laws," said Pat. The Global System for Mobile Communications, commonly known as 'GSMA' has made an alternative mobile identification verifier known as Mobile Connect. The ICO has been contacted by BBC, regarding the data theft problems.

Telecom Major Airtel Exposes a Major SIM-Swapping Racket


Telecom major Airtel exposes a major SIM-swapping racket that could hijack users' premium numbers and enable the hackers to commit online banking fraud via fake Aadhaar cards.

The complaint filed by Stanely Agenlo, head of facilities, Bharti Airtel, on September 19 reads, ""It has come to Airtel's notice that the Point of Sale have (sic) involved in fraudulent SIM swap of the mobile numbers by forging Proof of Address/Proof of Identity documents of the original customers..."

18 mobile numbers were identified by Airtel in a complaint to the Cyber Crime Police, CID, Bengaluru, where SIM cards were swapped by its retail agents utilizing the 'forged' Aadhaar papers from January 1 to September 19 this year.

The sham was exposed when customers called Airtel helplines saying their numbers had ceased to working all of a sudden and their SIM cards referred to be related to certain 'fancy' numbers ending with digits like 12345, 77777, 33333 and 00000.

“It is suspected these SIM cards might have been used for committing online bank fraud. Further, an internal inquiry by Bharati Airtel disclosed that there is a deep-rooted nexus between the POS retailers and impersonators. The agents committed the above act from January 1to till date,” said Airtel's complaint.

While CID has registered a FIR under the Information Technology Act, 2008 and has already identified a couple of the accused, their sources state that: “We learnt the accused provided SIM cards to customers from other states. But we are not sure of the reason behind the offence; it could be online fraud or just a fancy number racket. But looking at the scale of the fraud, it is unlikely to be limited to fancy numbers alone.”

Police, nonetheless, states that the scam may include thousands of numbers where duplicate SIM cards were procured by adapting to forged identities and address-proof documents, a device progressively being utilized by fraudsters and hackers alike.

When approached for a comment Airtel declined to react on the progress made.

Criticism against Google Play Store on the Rise about Malware-Laced Apps




Google Play Store has come in for a serious criticism as of late, with various alerts about malware-laced apps which have frequently been on the store for quite a long time, or even years, and which have been installed by a huge number of users.

This most recent cautioning concerns four VPNs and two selfie apps, with in excess of 500 million installs between them, all of which contain harmful adware and which look for hazardous system permissions that can exact serious harm.

Regardless of significant efforts to clean house the issue stays pervasive and users stay in danger.

Google Play Protect is therefore one storefront intended to make preparations against application vulnerabilities and, in 2018, Google “detected and removed malicious developers faster, and stopped more malicious apps from entering the Google Play Store than ever before. The number of rejected app submissions increased by more than 55%, and we increased app suspensions by more than 66%."
However, once more the warnings still remain that dangerous applications are as yet accessible for install on Google's official store.

First was a notice from security researcher Andy Michael around four Android VPNs that are 'bombarding devices' with false ads—creating income for their operators to the detriment of the organizations setting the advertisements.

Second, was a notice from security researchers at Wandera that two camera filter apps with more than 1.5 million installs between them have been tainting devices with adware.

In any case Google's Android (and Apple's iOS) is making it progressively simple for users to track permissions granted and application misuse now and every user has been informed to take advantage of every one of the protections set up, clicking with caution and keeping their smartphones protected from the would-be-intruders to every extent they can.

This is all in light of the fact that the clever malware attacks still exist out there—and they can be very difficult to detect.

Google about to Roll Out One of the Most Awaited Features



In 2018, Google broke headlines for tracking its users location even after they disabled the sharing of location history via their privacy settings.

There were complaints against the company, stating, "Google represented that a user ‘can turn off Location History at any time. With Location History off, the places you go are no longer stored.’ This simply was not true."

In the wake of receiving intense criticism over location history, Google came up with necessary adjustments which now allow users to stop the tech giant from tracking them, except for the applications in which location data is of utmost importance such as Waze and Google Maps.

In an attempt to make Google Maps even more secure and trustworthy, the company added enhanced security features related to location privacy in Android 10; to further better the services and regain the lost user trust, Google is planning to add Incognito Mode to Google Maps and the feature is said to be in testing.

Users can always put restrictions on the location data collected by Google Maps by signing out of their Google account, but it will come at the cost of their convenience, therefore, Google is planning to introduce Incognito Mode which can be turned on by the users in the same way they do it for Youtube or Google Chrome to delink the search or navigation data from their main Google account.

In order to activate Incognito Mode, users can simply choose the option from their Google account avatar and they will be informed about the app being in incognito mode by a black status bar and the marker indicating the location will turn into dark from blue to mark the change.

To enable the feature, users are recommended to install Preview Maps version 10.26 or higher and for those who are not a part of Preview Maps test group, wait until the company releases it on a wider scale.


Hackers Exploiting a Critical Weakness in Mobile Phones to Track Location



The interface designed for the usage of cell carriers is being exploited heavily by attackers. It allows the cell carriers to get in direct touch with the SIM cards inside subscribers' smartphones, the interface can be employed by the carriers for allowing subscribers to make use of the data stored on their SIM card to provide account balances along with other specialized services.

Hackers can secretly track the location of subscribers by exploiting the interface and giving commands to acquire the IMEI identification code of device; the Simjacker exploit further allows them to carry out actions such as making calls or sending messages.

According to the researchers at AdaptiveMobile Security, the working of the Simjacker exploit is not limited to a few devices, rather, it can be carried out on a wide range of mobile phones, irrespective of their software or hardware.

Unfolding the various aspects of the attack, Dan Guido, a mobile security expert and the CEO of security firm Trail of Bits told Ars, “This attack is platform-agnostic, affects nearly every phone, and there is little anyone except your cell carrier can do about it.”

While commenting on the issue, Karsten Nohl, the chief scientist at SRLabs, told Ars, “We could trigger the attack only on SIM cards with weak or non-existent signature algorithms, which happened to be many SIM cards at the time,”

 “AdaptiveMobile seems to have found a way in which the same attack works even if signatures are properly checked, which is a big step forward in attack research.” He added.

iPhone hacking sites were also after Android, Windows users


Those hackers Google’s researchers sussed out earlier this week apparently went after more than just iPhone users. Microsoft’s operating system along with Google’s own were also targeted, according to Forbes, in what some reports are calling a possibly state-backed effort to spy on the Uighur ethnic group in China.

Google’s Threat Analysis Group was the first to discover the scheme earlier this year (news of the campaign was first disclosed Thursday). It involved a small group of websites aiming to infect visitors’ devices to gain access to their private information, including live location data and encrypted information on apps like on WhatsApp, iMessage, and Telegram. These websites were up for two years, during which thousands of visitors purportedly accessed them each week.

In February, Google notified Apple of 14 vulnerabilities the site’s malware exploited, which the company fixed within days with iOS 12.1.4. Apple disclosed in that update that the flaws, referred to as “memory corruption” issues, were fixed with “improved input validation.” The company hasn’t publicly addressed Google’s account of the hack since the news broke earlier this week.

While the Google team only reported iPhone users being targeted by this attack, sources familiar with the matter told Forbes that devices using Google and Microsoft operating systems were also targeted by these same sites. Thus widening the potential scale of an already unprecedented attack.

Whether Google found or shared evidence of this is unclear, as is whether the attackers used the same method of attack as they did with iPhone users, which involved attempting to sneak malicious code onto users’ phones upon their visit to the infected websites. When asked about these reported developments, a Google spokesperson said the company had no new information to disclose. We also reached out to Microsoft and will update this article with their statements.