
The database of millions of Telegram users from Russia and Iran appeared on the Darknet


On one of the forums in the Darknet, a database appeared with information about several million users of the Telegram messenger. The data file is about 900 megabytes. 

The Telegram press service confirmed the existence of the database, explaining that information is collected through the built-in contact import function even when the user registers. Representatives of the company added that not a single service that allows users to communicate with contacts from their phone book can completely exclude such a search.

Telegram also gave assurances that most of the leaked accounts are no longer relevant. In addition, the messenger has a "Who can add me to contacts by phone number" setting. This setting makes it harder for regular users to communicate (they become invisible even to those who know their phone number), but it allows you to completely hide the connection between the account and the phone number.

It became known that the Telegram user contact database did not appear on the network as a result of a leak from the messenger. It was collected by parsing (collecting and analyzing publicly available information) and is a compilation of other contact databases.

"This database is a compilation of various previous databases collected from different countries and different methods. The main method is collection via open systems, chatbots, authorization, and information about a person's registration by number. Even taking into account duplicates and incorrect data in the database, this is tens of millions of users," said the expert.

The expert believes that the database could have obtained all of a user's public data: ID, username, first name, last name, photo, cell phone, public bio and website. In some cases it also included information about when the user was online, the user's approximate location (country/region), and other details. Such databases are usually used for widespread non-targeted spam.

Experts fear an increase in the number of cyber attacks after the end of self-isolation


62% of respondents said that when companies transferred employees to remote work at the beginning of the pandemic, their biggest concern was ensuring secure remote access and VPN. 47% of respondents reported that they were concerned about preventing attacks using social engineering methods, and 52% called the protection of endpoints and home Wi-Fi networks of employees one of the main challenges.

"Even before the introduction of self-isolation, many companies allowed employees to work remotely. As soon as the regime entered into force, organizations had no choice but to organize remote access for all their employees as soon as possible. Of course, these measures have led to the emergence of new opportunities for attackers to carry out attacks. Despite the fact that we are now gradually returning to the normal life, the threat of cyber attacks is not decreasing. Companies need to use comprehensive zero-day security solutions to avoid being hit by a large number of next-generation cyber attacks," explained Vasily Diaghilev, head of Check Point Software Technologies representative office in Russia and the CIS.

At the same time, 65% of information security experts noted that their companies are blocking the access of external computers to corporate VPNs. 51% of specialists said that the greatest threat comes from home devices, 33% see the main security threat in mobile devices of employees.

According to Dmitry Medvedev, Deputy Chairman of the Security Council of the Russian Federation, the number of cybercrimes in the past five months in Russia has exceeded 180 thousand, which is 85% more than in the same period of time in 2019.

He stressed the importance of taking into account that new schemes and techniques are being developed for cyber attacks.

Russians were warned about the danger of installing banking apps on the phones



In some situations, the use of the program could lead to leakage of personal information. The specialist gave advice on how not to become a victim of fraud.

Banking apps for smartphones have significantly simplified the lives of citizens. But sometimes they can cause serious harm. The head of the company Digital platform Arseny Shcheltsin shared recommendations in this regard.

First, the specialist urged people to install an antivirus program on their phone. Also, access to accounts with a lot of money should be blocked from the phone. Shcheltsin also reminded people about the trick of hackers who send SMS messages from unknown numbers: people should not follow the link under any circumstances.

According to him, a bank's mobile app is one of the most popular apps that people install on their phones. This is because it is usually easier and more convenient to manage the account and communicate with the bank in the mobile app. Regular communication using chat is even faster than communication with the bank's call center.

The expert warned that people can accidentally download an unofficial bank app to their phone. It may be safe, but its usefulness is questionable. Most likely, the program is configured to collect a person's personal data for subsequent sale to large firms that provide services.

Mobile banks are constantly increasing their functionality. However, there is a risk that fraudsters or hackers can gain access to the bank's mobile app by somehow placing a malicious app on the victim's phone. This malicious software then gets access to the application, up to and including the ability to transfer money.

Banks now take this issue more seriously, but despite the fact that the amount of money stolen by this method is constantly decreasing, such cases still exist.

It is interesting to note that Alexei Krichevsky, an IT expert at the Academy of Finance and Investment Management, said that the owners of devices running on Android should install an antivirus application on a smartphone first. Unlike iOS, this system is more susceptible to hacker attacks.

Russian-Based Online Platform Taken Down By the FBI


The Federal Bureau of Investigation recently took down the Russian-based online platform DEER.IO, which is said to have hosted shops where various cybercrime products and services were sold, according to announcements by the Department of Justice.

The Russian-based cyber platform known as DEER.IO has for quite some time been hosting many online shops where illicit products and services were being sold.

A little while back, authorities revealed the arrest of Kirill Victorovich Firsov, the alleged main operator behind Deer.io, a Shopify-like platform that has been hosting many online shops used for the sale of hacked accounts and stolen user data. Criminals were paying around $12/month to open their online store on the platform.

When the 'crooks' bought shop access through the DEER.IO platform, an automated set-up wizard allowed the shop owner to upload the products and services offered through the shop and configure the payment procedure by means of cryptocurrency wallets.

Firsov was arrested at John F. Kennedy Airport in New York on March 7 for running the Deer.io platform since October 2013 and for advertising the platform on other hacking forums.

“A Russian-based cyber platform known as DEER.IO was shut down by the FBI today, and its suspected administrator – alleged Russian hacker Kirill Victorovich Firsov – was arrested and charged with crimes related to the hacking of U.S. companies for customers’ personal information.” - the official statement distributed by the DoJ.

The Feds looked into around 250 DEER.IO stores used by hackers to offer for sale thousands of compromised accounts, including gamer accounts and PII documents containing user names, passwords, U.S. Social Security Numbers, dates of birth, and victim addresses.

A large portion of the victims are in Europe and the US. FBI agents successfully bought hacked information from certain stores hosted on the Deer.io platform; the data offered was authentic, according to the feds.

Asked to comment, FBI Special Agent in Charge Omer Meisel stated, “Deer.io was the largest centralized platform, which promoted and facilitated the sale of compromised social media and financial accounts, personally identifiable information (PII) and hacked computers on the Internet. The seizure of this criminal website represents a significant step in reducing stolen data used to victimize individuals and businesses in the United States and abroad.”

Roskomnadzor blocked the email service Protonmail


The FSB of the Russian Federation reported that it had identified another email service that was used by an "electronic terrorist" to send messages about the mining (bomb threats) of crowded sites in Russia. On Wednesday, the FSB and the Federal Service for Supervision of Communications, Information Technology and Mass Media (Roskomnadzor) announced the blocking of the Swiss email service Protonmail.com.

"This email service was used by hackers both in 2019 and especially actively in January 2020 to send false messages about mass mining of objects on the territory of the Russian Federation under the guise of reliable information," said the representative of Roskomnadzor.

In turn, the FSB of Russia reported that this service has been used since January 24. Messages with threats of mining were sent to the email addresses of courts in four regions of the Russian Federation. Last year, the same service was also used to send false terrorist threats, but on a smaller scale.

"The texts also indicated allegedly mined 830 social and transport infrastructure objects. All threats were false," the FSB reported.

ProtonMail CEO Andy Yen recently announced his decision to go to court because he believes the block is unfounded. According to him, blocking the service is an inefficient and inappropriate tool to combat cyber attacks.

"This will not stop cybercriminals from sending threats from another email service and will not help if the criminals are located outside of Russia. Cybercriminals are also likely to be able to bypass the block using one of their many VPN services," Yen said.

The head of the company stressed that blocking mail will only harm private users and restrict access to private information for Russians.

Recall that this is the third foreign mail service blocked by Roskomnadzor for spreading false messages about mining facilities in Russia. On January 23, Roskomnadzor announced the blocking of the StartMail service. It was noted that mass mailings of messages about the mining of various objects on the territory of Russia were carried out through this mail service. Emails have been received since November 28, 2019.

US Senator Chuck Schumer urges FBI to investigate FaceApp




Senate Minority Leader Chuck Schumer has called for an investigation into FaceApp, citing privacy concerns and fears over data transfer to the Russian government.

In a letter posted on Twitter, Mr. Schumer called on the FBI and the Federal Trade Commission to investigate the popular app.

"I have serious concerns regarding both the protection of the data that is being aggregated as well as whether users are aware of who may have access to it," reads his letter to FBI Director Christopher Wray and FTC Chairman Joseph Simons.

“Furthermore, it is unclear how long FaceApp retains a user’s data or how a user may ensure their data is deleted after usage. These forms of ‘dark patterns,’ which manifest in opaque disclosures and broader user authorizations, can be misleading to consumers and may even constitute a deceptive trade practice.”

“In particular, FaceApp’s location in Russia raises questions regarding how and when the company provides access to the data of U.S. citizens to third parties, including potentially foreign governments,” the letter reads.

However, the app makers have previously denied the allegations. 

In the meantime, the Democratic National Committee has reportedly warned all its 2020 presidential candidates and their campaigners not to use the app. 

"It's not clear at this point what the privacy risks are, but what is clear is that the benefits of avoiding the app outweigh the risks," security officer Bob Lord reportedly told the staff.


Amid all the controversies, the company has more than 80 million active users.

FaceApp has access to more than 150 Million users' faces and names








Everyone is busy posting pictures of how they will look in the future, while security researchers are really worried about the data that users are giving the app.

Cybersecurity experts at Check Point have said that the Russian-owned app doesn't have access to your camera roll, but it 'might store' the image that you modified.

So far, more than 100 million people have downloaded the app from the Google Play store, and it is a top-ranked app on the iOS App Store.

According to the terms and conditions of FaceApp, ‘You grant FaceApp a perpetual, irrevocable, nonexclusive, royalty-free, worldwide, fully-paid, transferable sub-licensable license to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, publicly perform and display your User Content and any name, username or likeness provided in connection with your User Content in all media formats and channels now known or later developed, without compensation to you. When you post or otherwise share User Content on or through our Services, you understand that your User Content and any associated information (such as your [username], location or profile photo) will be visible to the public.’

However, the firm addressed the privacy concerns saying that they are storing the uploaded photo in the cloud to increase their performance and deal with the traffic.

In the statement released they clarified that even though their 'core R&D team is located in Russia, none of the user data is transferred to Russia'. 



Security fears over Russian aging app 'FaceApp'









The viral ‘FaceApp’, which predicts how you will look after 50 years, might be exposing users to its Russian developers.

Security experts have issued a warning about security concerns over the app, which was made in 2017. The app puts a filter over the user's face, as it has permanent access to the user's photos.

According to the experts, the app doesn’t ask for access to, store or use images from the user's camera roll. The app accesses photos without permission.

James Whatley, a strategist from Digitas, says: 'You grant FaceApp a perpetual, irrevocable... royalty-free... license to use, adapt, publish, distribute your user content... in all media formats... when you post or otherwise share.'

The app, which is a free service, uses artificial intelligence to edit a picture and transform the image into someone double or triple your age.

FaceApp is currently one of the most downloaded apps for both iOS and Android, as #faceappchallenge posts have taken over social media.