Search This Blog

Showing posts with label Social Media. Show all posts

Kumsong 121 North Korean Hacker Group Conducts Cyber Attacks via Social Media

 

Kumsong 121 the North Korean Hacker gang has unleashed a cyberattack employing social media in North Korea. The North Korean hacking attempts are a matter of concern for computer users and mobile telephone users likewise. 

Given the frequency of cyber threats from North Korea, smartphone and computer users ought to stay careful, safety experts advise. 

Kumsong 121 is conducting "smishing" cyberattacks against Android mobile phone users, as per EST Security. When victims download an infected Android package that a hacker creates, most of its private information, comprising address books, text messages, telephone records, locations, sound recordings, and images stored on their phones, is disclosed. 

EST Security reported on Tuesday in a news release that Kumsong 121 had discovered a potential "advanced persistent threat" (APT). The attack used a very complicated technique: the assailants used social media instead of e-mail to support the target and deliver a malicious attachment. 

The hackers selected extra aims from their pals in social media upon hacking an individual's social media profile. The hackers then dropped the target's security and became mates by delivering chat messages containing nice welcomes and regular issues or gossip. 

The hackers subsequently delivered the corrupted document file via e-mail to the target, asking for input in a recent piece on North Korean matters. A macro virus is included in the accompanying document file that makes the computer system exploitable when the email recipient acknowledges the file. The hackers effectively grafted social media into conventional attacks against specific persons on "spear phishing." 

Indeed, a hacker gang from North Korea recently tried to disseminate a contaminated record by disabling the social media account of a defector from North Korea and chatting with their friends. 

Kumsong 121 has infiltrated mobile phones of well-known personalities, including particular South Korean legislators, to obtain their personal information, claimed Mun Chong Hyun, head for the EST security response center (ESRC). He said hackers attack organizations in North Korea's websites or build counterfeit Facebook accounts for those functioning in the North Korean industry on an ongoing basis. 

“In particular, they often use mobile phones or email to contact you, pretending to be an acquaintance or industry expert,” he said. “When sent .apk or .doc files, the safest thing is to directly call the sender and confirm whether they are legit.”

Discord CDN and API Exploits Drive Wave of Malware Detections

 

As per the researchers, the number of reported Discord malware detections has increased significantly since last year. Even users who have never interacted with Discord are at risk, even though the network is mostly utilized by gamers as Discord has a malware problem.

Discord develops servers, or unique groups or communities of people, who can communicate instantly via voice, text, and other media. 

According to research issued by Sophos, occurrences have increased 140 times since 2020. The major cause of the Discord spike is its content delivery network (CDN) and application programming interface (API), both of which have been exploited by cybercriminals. 

The CDN of Discord is being exploited to host malware, while its API is being utilized to exfiltrate stolen data and allow hacker command-and-control channels. 

Since Discord is extensively used by younger gamers who play Fortnite, Minecraft, and Roblox, most of the virus floating around involves pranking, such as using code to crash an opponent's game, as per Sophos. However, the increase in data thieves and remote access trojans is more concerning, according to the report. 

“But the greatest percentage of the malware we found have a focus on credential and personal information theft, a wide variety of stealer malware as well as more versatile RATs. The threat actors behind these operations employed social engineering to spread credential-stealing malware, then use the victims’ harvested Discord credentials to target additional Discord users,” the report added. “And this excludes the malware not hosted within Discord that leverage Discord’s application interfaces in various ways. At just before publication time, more than 4,700 of those URLs, pointing to a malicious Windows .exe file, remained active.” 

In April, Sophos discovered 9,500 malicious URLs on Discord's CDN. After a few months, the number had risen to 17,000 URLs. Sophos pointed out that Discord's "servers" are actually Google Cloud Elixir Erlang virtual machines with Cloudfare, and that they can be made "public" or "private" for a subscription, with keys to invite others to attend. 

According to the report, Discord's CDN is just Google Cloud Storage, which makes the information exchanged available on the internet. 

Discord: Easy Target
According to the report, “once files are uploaded to Discord, they can persist indefinitely unless reported or deleted.” 

Phishing messages and virus URLs may also be sent using Discord chat channels. Many Discord scams promise game "cheats," but instead send credential stealers of various kinds, as per Sophos. 

Sonatype discovered three malicious software packages in a prominent JavaScript code repository in January, including Discord token and credential stealers that allowed hackers to steal users' personal details. This isn't the first time a security concern has been brought to Discord's notice. Cisco's Talos released a report in April warning users that Discord and Slack were being frequently utilized to deploy RATs and data stealers. 

In February, Zscaler THreatLabZ reported that spam emails linked to the pandemic were spreading on Discord in an attempt to get users to download the XMRig cryptominer virus. PandaStealer, a data-stealing virus, was spreading through a spam operation on Discord by May. 

According to Sophos experts, Discord has responded positively to their findings and is actively trying to improve safety on the platform. However, as more businesses use Discord to provide services, Sophos advises that they should be mindful of the dangers that lie on the site. 

Sophos added, “With more organizations using Discord as a low-cost collaboration platform, the potential for harm posed by the loss of Discord credentials opens up additional threat vectors to organizations. Even if you don’t have a Discord user in your home or office, abuse of Discord by malware operators poses a threat.” On the Discord CDN, the team discovered old malware such as spyware and phoney app info stealers.

Trump's Social Media Website GETTR Hacked

 

An attacker leaked non-public information from GETTR, a social media platform made by former president Donald Trump's team in July 2021. The data was stored in two attempts, first on 1st July and 2nd on 5th July, the data was later leaked on a publicly accessible hacking forum called RAID. It is a forum where one can download hacking data free of cost. 

As per the leaked file copies and hacker's claims, the first batch of hacked data was retrieved via scraping the website, whereas the second batch (the heavier leak) was stolen by exploiting compromised GETTR API endpoints. The Record analyzed these samples which contained data like user names, address, profile info, website user IDs, and other public information. Besides this, the leak also contained non public info like user email IDs, date of birth, and location data. 

The dumped data contained authentic information, confirm cybersecurity experts. GETTR didn't respond to any requests sent to its website for giving comment about the hack. All in all, 90,065 users' data was included in the dump posted on RAID this Monday, i.e July 5. The API leak news comes following the website's bumpy launch. On 4th July, an attacker hacked into the GETTR website and seized multipl high profile Republican accounts, which include Georgia Rep. Marjorie Taylor Greene, former Secretary of State Mike Pompeo, Jason Miller, the former Trump spokesperson Gettr’s founder, and former Trump campaign chief Steve Bannon. Bumpy site launch are a common thing, similar incidents have happened in the past which impacted other organisations before, particularly right wing affiliations in the US political diaspora. 

Another pro-Trump social media platform, Gab, recently suffered a similar attack in March this year, the attack had exposed data of its members. The Wrap reports "the hacked profiles were all changed to include the message “@JubaBaghad was here :)”; some of the accounts also included the phrase “free Palestine.” The accounts were hacked around 8:30 a.m. ET on Sunday, according to Insider, before being restored around 10:00 a.m. ET. Miller, meanwhile, told the outlet the hack was merely a sign Gettr was onto something big."

Social Media Influencers are the Latest Target of Cyber Criminals

 

The number of cybercrimes and scams is rapidly increasing with the advancement of technology. The police said that a new cyber fraud with social media influencers has been detected. 

There are a great number of followers of social media influencers on social media and companies are paying them regularly for their handles to promote their products. Many famous people get roped in, too. 

Cyber fraud is a kind of cybercrime fraud that uses the Internet to hide information or to provide erroneous data to knock victims out of money, property, and heritage. 

Cyber Law Expert N.Karthikeyan notes that mainstream media cannot include an advertisement on gambling or false investments. Such imaginary operators can utilize these influencers of social media who are unaware of the consequences. There are influencers on social media that only promote fictitious mobile apps. Fraudsters also send dubious links as supporters of influencers on social media. Once the victims click in and the details are registered, the fraudsters acquire complete control of the influencer's page or channel. They'll then post their content – that can be anything.

However, the Cyber Crime Cell officials noted that no specific complaint had yet been made on the matter. 

A woman social media influencer who was a candidate in recent elections said, " After uploading my affidavit into ECI website, I had three lakh downloads. I got good reviews on a social media page but only one person alleged that I had hacked the ECI site- which was baseless. He went on leveling allegations on me. I just ignored it." 

With the increase in such cyber frauds, a Youtuber who himself was a victim of this, stated that the overwhelming majority of influencers on social media are being used by fraudsters. They at times typically represent themselves as an established company or brand and appeal to influencers with lucrative publicity deals while proposing to administer the ads on behalf of the influencers. Later, they gather personally identifiable information or passwords from social media and seize complete control of the website or handle used by the influencers. 

"We have lodged a complaint against an Instagrammer who specifically targeted women influencers. He texted asking them to join in an Instagram live. If they accepted and came on live, he would level baseless allegations. If they didn’t agree to live as he was the stranger, he projected them as scammers, " said Joe Praveen Michael, an event manager.

Social Media Giants Seek Futher Extension in Deadline to Comply with Government Rules

 

Social media companies such as Facebook, Twitter, YouTube, Instagram, and WhatsApp will lose their status as ‘intermediaries” that granted them legal protection for the user content posted on their platforms.

Till 26th May 2021, they were enjoying the legal immunity offered by Section 79 of the Information Technology Act, 2001. They were only obligated for taking down any illegal content that they noticed on their own, or when it was highlighted to them by the state, or the courts, or any responsible/aggrieved party. Now it’s a civil and criminal liability on them for any illegal post, be it in words, or a picture or a video.

Nobody in the information transmission business enjoys such immunities from legal claims of defamation, etc. For example, while newspapers and broadcasters have always operated under the threat of legal liability for defamation and other speech related offences, intermediaries have escaped liability despite behaving as publishers because of the immunity offered by Section 79. 

As soon as these laws came into force from 26th May, the companies were unnerved and requested for further extension to implement the norms. Some of these platforms requested for more time up to six months for furnishing compliance and some social media firms (user base of 50 lakhs and above) stated that they will wait for further instructions from their company headquarters in the USA. 

“They do business in India, earn good revenues, but grievance redressal will have to await instructions from the US. Some platforms, such as Twitter, keep their own fact-checkers whose names (are) neither made public nor is there any transparency as to how they are selected and what is their standing,” security analyst stated.

“Though they claim the protection of being an intermediary, they exercise their discretion to also modify and adjudicate upon the content through their own norms without any reference to Indian Constitution and laws. One can appreciate fake posts or a post injuring the dignity of women or promoting terrorism etc., but to be judgmental on free expression of views by coloring them by a self-appointed norm is something that travel beyond the mandate of exemption, which they are doing,” security expert added.

Concerns Raised as Postal Service of America Monitors Social Media Accounts of the Natives

 

A program that monitors and collects the Social Media posts of the American public even on issues related to planned protest, has secretly been carried out by the U.S. Postal Service law enforcement. 

According to a government report issued by Yahoo News on 16th March, the surveillance technique, classified as the Internet Covert Operations Program (ICOP), tracks social networking operations. Though details of the monitoring effort, known as the ICOP, have not been published before. The work includes making analysts trawl through social media pages to search for the details that the paper identifies as "inflammatory" postings. The software forms part of the activities of USPS, the U.S. Postal Inspection Service (USPIS). 

The USPIS tracked social media profiles of expected demonstrations domestically and internationally on 20 March, although, as per the bulletin, it was the same date which was expected to hold the World Rally for Freedom and Democracy. The Department of Homeland Security circulated information about protests against lock-up measures. Facebook and other sites used by right-wing terrorist organizations, such as Parler and Telegram, were obtained by the agency. 

“ICOP analysts are currently monitoring these social media channels for any potential threats stemming from the scheduled protests and will disseminate intelligence updates as needed,” reads the bulletin. 

Also, the agency told that ICOP, “assesses threats to Postal Service employees and its infrastructure by monitoring publicly available open-source information.” 

This practice has been discussed by users of social media as a matter of concern. The Kentucky Rep. Thomas Massie voiced his concern about the transfer of the USPS via Twitter and said that for several years the USPS had been losing money... But where do they find the money for this monitoring service to run? 

According to their website, The Postal Inspection Service also examines details about illicit drugs, mail theft, identification theft, e-mail fraud, suspicious mail, disaster response, laundering of money, cyber criminality, and abuse of children, though it is not just the Postal Service that extends its social media tracking. 

DHS officials last month discussed its role in tracking social media for threats to domestic terrorism in a background appeal by journalists. “We know that this threat is fuelled mainly by false narratives, conspiracy theories and extremist rhetoric read through social media and other online platforms,” one of the officials said. 

The controversy over government surveillance of Americans' social media pages has been sparked following the Capitol Insurrection. As per a 2017 survey of the International Association of Chief of Police, over 70 percent of participating police forces use social media to collect information and track public opinion. The transparency report on Facebook mentions that somewhere between January and June 2019, the organization obtained more than 60 thousand government data requests.

Almost 80% Of Indians Consider Moving To Alternatives After “Take It or Leave It Policy” WhatsApp

 

WhatsApp, the most popular messaging platform is suffering from the biggest storm with its users because of its new set of policies, although WhatsApp (organization) has stalled its upcoming terms and conditions until May. Even in India, WhatsApp users are jumping on alternatives including Telegram and signal messaging platforms. 

As well as the Indian government has strongly recommended Facebook-owned platform to re-consider upcoming policies. 

India alone comprises a large number of WhatsApp's userbase. Recently in response to cyberMedia Analysis (CMR) research, 79% of WhatsApp users are only in eight cities of India, including Delhi, Mumbai, Kolkata, Chennai, Bengaluru, Hyderabad, Pune, and Ahmedabad. Out of this huge percentage, 28% of people are reconsidering to depart the platform after the execution of its ‘take it or depart it coverage’ in Might 2021. 

Further, 51% of users have stated that they are reconsidering whether they should use this platform or not and would choose Telegram as its alternative or other messaging apps whereas 28% of respondents stated that they are not going to proceed with WhatsApp in any respect. 

In new terms and conditions of WhatsApp, it will share credentials of people with its parent company ‘Facebook’. Although the company has stated that it will not affect your private chat lives with your family and friends in any approach. The larger concern is that there is no specific technique that will decide this out. The new policies are not applied on the European market due to its (EU’s) stern privateness pointers that WhatsApp has obeyed to adjust. 

The government of India has explicitly highlighted in its response to WhatsApp, “the platform can’t unilaterally put in such coverage in its greatest market and that WhatsApp is obliged to respect the privateness of its largest person base”. 

“What’s outstanding is, most Indians (76%) had been conscious of the coverage,” Prabhu Ram, Head, Trade Intelligence Group (IIG), CMR instructed Monetary Categorical On-line. 

“WhatsApp has been the default messaging software for shoppers, much more than the conventional SMS. It was free, it was intimate, and it was one thing we owned. However now due to this take it or depart its coverage, the shoppers have gotten conscious that it was not free, in any case.” He added.

Learn how to Hide your WhatsApp Profile Picture and Why ?

 

The latest statistics of the messaging app usage have shown that WhatsApp has 2.0 billion users worldwide, which doesn't come as a surprise given the tremendous popularity and wide-acceptance of the messaging platform. 

Moreover, it is interesting to note that now businesses around the world have also integrated WhatsApp communication for purely work-related purposes, wherein people connect with one another because they are working in the same organization. 

However, it doesn’t necessarily mean that they can trust every person in their organization or that they do. Sometimes what happens is that one never wishes to show his or her display picture to the people whom they rarely know but are required to communicate with them through WhatsApp because of their professional work. 

Now, everyone doesn’t know how to hide their profile picture from unknown users, hence everyone who has their number or with whom they had a little dialogue on WhatsApp is able to see their profile picture and can also potentially take a screenshot of the same. Have you been in one such situation? If yes, we are here to educate you regarding the same. Do you know WhatsApp provides its users with very neat privacy features which allow us to save our privacy from non-friendly contacts, while letting your friends see your profile picture, at the same time? 

How to do it? 


To access the privacy features of WhatsApp in its entirety, follow the steps given below. 

First Open WhatsApp and go to ‘Settings’. 

Now click on ‘Account’ and then click on ‘Privacy’. 

Then, tap on Profile Photo.  

Now you must be able to see that the default setting here allows 3 options to choose first, “Everyone”, second, “My Contact’’ and third, “No One’’. 

So now what you have to do just select the second option “My Contact’’, this privacy feature will only allow your saved contact number to see your profile picture, while others will be seeing a grey avatar on your profile, instead of the picture you had put on display. And, if you wish to not reveal your profile picture to anyone then you can select the third option “Nobody”. This will hide your picture from everyone on the messaging app. 

To your dismay, unfortunately, currently, there is no option that will allow you to hide your profile picture from a particular bunch of users like it does for story privacy settings.

Indian Prime Minister Announces a New Cyber Security Policy for the Country


On the celebration of India's 74th Independence Day, the Prime Minister of India Narendra Modi announced his plans about bring up a new cybersecurity policy for the country. 

While addressing the nation, in his speech he highlighted the threats radiating from cyberspace that could affect India's society, economy, and development. 

He emphasized the fact that dangers from cyberspace can jeopardize every one of these parts of Indian life and they shouldn't be taken for granted. The prime minister's comments come against the ever-increasing cyber threats and psychological warfare radiating from nations like Pakistan and China. 

As per news reports, during the border tensions at Ladakh, China and Pakistani social media activists had apparently joined hands to dispatch fake news and misinformation campaigns against India. 

At the point when the conflict happened along the Pangong Lake on 5-6 May, Weibo, the Chinese version of Twitter, had featured images of Indian fighters tied up and lying on the ground, with correlations made to Bollywood's 'muscular portrayal' of the Indian Armed forces.

 "The government is alert on this," Modi reassured the nation, later adding that the government will soon come out with a strong policy on this.

Apart from this, phishing attacks offering info on Covid-19 and equipment, or free testing with the aim to steal personal information have additionally been on a steady rise in India over the last few months. 

As indicated by a Kaspersky report, there is a 37% increase in cyber-attacks against Indian companies in April-June quarter, when compared with January-March quarter, with the reason being the implementation of a nationwide lockdown from March which made organizations and companies permit their employees to work from home.

Beware of Stalkerware That Has Eyes On All of Your Social Media!


Dear social media mongers, amidst all the talk about the Coronavirus and keeping your body’s health in check, your digital safety needs kicking up a notch too.

Because, pretty recently, security researchers discovered, what is being called as a “Stalkerware”, which stalks your activities over various social platforms like WhatsApp, Instagram, Gmail, Facebook, and others.

‘MonitorMinor’, per the sources, is definitely the most formidable one in its line.

Stalkerware are “monitoring software” or ‘Spyware’ that are employed either by people with serious trust issues or officials who need to spy for legitimate reasons.

Via this extremely creepy spyware kind, gathering information like the target’s ‘Geographical location’ and Messaging and call data is a cakewalk. Geo-fencing is another spent feature of it.

This particular stalkerware is hitting the headlines this hard because, MonitorMinor has the competence to spy on ‘Communication channels’, like most of our beloved messaging applications.

The discoverers of this stalkerware issued a report in which they mentioned that in a “clean” Android system, direct communication between applications is blocked by the “Sandbox” to kill the possibilities of the likes of this spyware gaining access to any social media platform’s data. This is because of the model called “Discretionary Access Control” (DAC).

Per sources, the author of the stalkerware in question manipulates the “SuperUser-type app” (SU utility) (if present) allowing them root-access to the system.

The presence of the SU utility makes all the difference for the worse. Because owing to it and its manipulation, MonitorMinor gains root access to the system.

The applications on the radar are BOTIM, Facebook, Gmail, Hangouts, Hike News & Content, Instagram, JusTalk, Kik, LINE, Skype, Snapchat, Viber, and Zalo-Video Call.

From lock patterns to passwords, MonitorMinor has the power to dig out files that exist in the system as ‘data’. And it obviously can use them to unlock devices. This happens to be the first stalkerware to be able to do so, mention sources.

Per reports, the procedure is such that the “persistence mechanism” as a result of the malware manipulates the root access. The stalkerware then reverts the system section to read/write from the initial read-only mode, copies itself on it, deletes itself from the user section, and conveniently goes back to read-only mode again.

Reports mention that even without the root access, MonitorMinor can do a consequential amount of harm to targets. It can control events in apps by manipulating the “Accessibility Services”. A “keylogger” is also effected via the API to permit forwarding of contents.
Unfortunately, victims can’t do much to eradicate the stalkerware form their systems, yet.

Other functions of the stalkerware include:
• Access to real-time videos from the device’s camera
• Access to the system log, contact lists, internal storage contents, browsing history of on Chrome, usage stats of particular apps
• Access to sound recordings from the device’s microphone
• Control over the device’s SMS commands.

The security researchers released a report by the contents of which, it was clear that the installation rate of it was the maximum in India, closely followed by Mexico and then Germany, Saudi Arabia, and the UK.

The researchers also per reports have reasons to believe that possibly the MonitorMinor might have been developed by an Indian because they allegedly found a ‘Gmail account with an Indian name’ in the body of MonitorMinor.

Beware of Fake Videos on Facebook and WhatsApp!


Beware! People who have blind faith in the internet and tend to believe almost anything that they view or come across online, for there has surfaced a new medium for fearless dissemination of misinformation.

Fake news and modified pictures have already been wreaking havoc on social media and real lives of people for quite a long time now; leading to serious after-effects and reactions. Mob lynching, hate speeches and violent masses are few of the many upshots of such news and pictures.

At a time when the county was freshly getting used to fighting fake news and misinformation, a leading player joined the race, which goes by the name of “deepfake”.

Deppfake videos employ artificial intelligence to alter fake videos in such a way that they seem real to viewers. These videos are crafted with such ability that it becomes difficult for people to identify any possible lacunae.

These videos are so absolutely deceitful that the common person viewing them can’t remotely recognize or realize if, then what is wrong with them.

In latest times, the concept of morphed images is not new and hence people started to rely more on videos. But with deepfake, altering videos is possible too. In fact the operator could even manipulate actions and what is being said in the video.


Like every other fad that social media and its users accept with open arms, deepfake videos have a strong probability of making significant trouble on platforms like WhatsApp and Facebook to name a few.

Another issue with these videos is the resolution they are available in. Most videos that are found on Facebook or WhatsApp are quite low on quality and hence it becomes all the more challenging to identify their bogusness.

These days political or any other kind of speeches of influential personalities are circulated generously across all of social media. With threat actors like deepfake videos, the ordinary speeches could be malformed to enflame the masses.

Sources mention that genuine looking fake porn videos could also be circulated online via deepfake. Especially the porn clips that are recorded through spy cameras can be effortlessly manipulated into any sort of personal or professional hazard.

The extremely effective notion of targeted adverting refers to placing information according to the needs of the audience. Deepfake videos open new avenues for negative targeted advertising and people who are looking forward to creating unrest in otherwise peaceful situations.

These videos are outstandingly dangerous because along with being imperceptible as fake they also hold the capacity to instigate populaces for a cause that may not even exist.


Facebook and Google- The Kingpins Who Generated Millions of Ad Revenue This Year!


This fiscal year has been quite a success for all the social media platforms in terms of online digital advertising revenue generation.

Digital advertising revenue is the income that businesses earn via displaying paid advertising advertisements on their social media platforms or websites.

Per sources, Facebook and Google rose big time on the online revenue charts of the year 2018-2019. Facebook gathered 2,233 and as compared to the Rs. 6389 crore of the last fiscal year, Google landed itself a sum of Rs. 9,203 crore in ad revenue.

According to reports the social media giant’s ad revenue partly builds up of the advertisement that Indians “spend” on trendy social applications like Messenger, Instagram, and other third-party affiliations and applications.

Per sources, over 4.39 billion people use the internet all over the world today. Digital advertising hence, is more than a fitting alternative for the online world. The field is growing at a flying rate. According to a major report, the expenditure of ads is likely to multiply exponentially in a couple of years.

Reports also say that Facebook and Google collectively have a share of 68 percent in India’s online advertising sphere. They also plan on expanding it, given the compelling competition from Amazon and other similar entities.

The Indian division of Facebook, Facebook Indian Online Service Pvt. Ltd., cites that it gives the ad inventory amount back to the main company, which adds somewhere up to Rs.1,960 crore in the latest fiscal year. The amount that contributed to the net revenue of this Indian division was Rs. 263 crore.

Per sources, Facebook’s revenue from online ad ventures had an overall rise of 71 percent this “year-on-year”, only to reach a glorious Rs. 892 crore in this fiscal year.

This made the profit for the social media colossus rise by 84 percent which amounts up to Rs. 105 crore, mentioned the reports.
Google India Pvt. on the other hand as per what the reports mentioned displayed Rs. 1, 097 crores as its “net sales” from online advertisements.

The overall revenue for this search engine master totaled Rs.4,147 crore which was half of what it acquired in the previous fiscal year. Nevertheless, its profit experienced a 16 percent hike equalling to Rs. 473 crore, sources indicated.

Social Media Regulations: Need 3 Months To Frame Rules, Centre Informs SC



NEW DELHI: The Centre on Monday informed the Supreme Court that it would need 3 more months to finalize the process of updating and notifying the intermediary guidelines for social media in India, as per the reports by PTI. These new rules will be aimed at curbing the alleged exploitation of various social media platforms like Facebook and WhatsApp; major issues like fake news, hate speech, defamatory posts, and anti-national activities will be regulated by the updated guidelines which are expected by the last week of January.

After the top courts inquired about the steps taken on this subject, an affidavit had been filed, in which the government said that the country witnessed an exponential increase in the kind of posts and messages that incite hatred, disrupts social harmony and threatens country’s integrity, and therefore, a greater control over the internet is required to safeguard national security.

On the basis of the appeals filed by social media giants like WhatsApp, Facebook, and Twitter, who argued that the cases will probably have national security implications, the court assembled all the related cases and transferred them to the High Courts. After the government provides the court a draft of revised intermediaries guidelines, the next hearing will take its course, which is expected on January 15.

The Internet has become a powerful tool which can potentially cause “unimaginable disruption to the democratic polity”, The Ministry of Electronics and Information Technology told the court.

Although technology has facilitated economic growth and progress, it also heightened the concerns regarding social harmony and national security. “As the internet has emerged as a potent tool to cause unimaginable disruption to the democratic polity, it was felt that the extant rules be revised for effective regulation of intermediaries, keeping in view the ever-growing threats to individual rights and the nation’s integrity, sovereignty, and security,” remarked the ministry in the affidavit. “After collating and analyzing all the details from stakeholder participation and inter-ministerial consultation, the deponent has bonafide belief that a further period of three months would be required for finalizing and notifying the final revised rules in accordance with law.”

Prior to Tamil Nadu’s agreement on transferring the cases to the top courts, the Attorney Journal said, “WhatsApp and Facebook after coming to India can't say they can't decrypt information.”

US: Investigators can Use Fake Social Media Profiles to Monitor Potential Visa Seekers





US Citizenship and Immigration Services officers, who were previously banned from creating fake social media profiles, can now create such profiles for the purpose of monitoring social media information of foreigners attempting for visas, citizenship and green cards.

On Friday, the ban was overturned in the review of potential privacy issues conducted and posted online by the Homeland  Security Department.

Explaining the need for the reversal of the ban, a statement by USCIS said that locating evidence of fraud and cross verifying the information for security reasons will be made easier for officers and investigators while deciding whom to allow inside the US.

The concerned State Department took several other steps which included asking applicants applying for US visa to provide their social media handles. However, it is ambiguous how resorting to fake social media identities would be carried out successfully as the terms and conditions of major social media platforms like Facebook and Twitter would clearly be violated while impersonating.

Commenting on the matter, Twitter said in a statement, "It is against our policies to use fake personae and to use Twitter data for persistent surveillance of individuals. We look forward to understanding USCIS's proposed practices to determine whether they are consistent with our terms of service,"

As per the DHS document, the investigating officers are restricted from interacting or conversing with people on various social media platforms and are only allowed to review and verify information passively. Although a lot of social media activity can be viewed and hence reviewed without an account,  certain platforms still keep within bounds the access for the guest users.

Referencing from the remarks made by Dave Maass, a senior investigative researcher for the civil liberties advocacy group Electronic Frontier Foundation, use of fictitious accounts "undermines our trust in social media companies and our ability to communicate and organize and stay in touch with people."

"It can't be this double standard where police can do it, but members of the general public can't." He added.

This meme explains why TikTok isn't like any other social media



People think that TikTok is a black hole where teens jump in and memes pop out. To be sure, TikTok has both teens and memes. But the reality is much more structured than it seems.

TikTok is dominated by videos with a very rigid, formulaic structure: a song, a dance. “You Need to Calm Down” by Taylor Swift plays, and the person sets up a social scenario that ends with them lip-synching “You need to calm down, you’re being too loud.”

Most of TikTok is like Mad Libs: the specifics of the joke differ, but the punchline is always the same. At any given moment, there’s maybe five to ten sound bites—which could be songs, or original audio recorded by users—that are accumulating the majority of the views, sometimes hundreds of thousands in just hours.

Enter TikTok's latest genre: point-of-view videos, or POVs. They create scenarios that range from horror, to historical fiction, to teenage fantasies, to the completely absurd. These videos often have little in common aside from the significant role that they assign to the viewer.

The traditional TikTok POV is shot from a first-person perspective, making the viewers the main character of the video. TikToker @porrinate, who identified himself as Adam, told Motherboard, “I think it makes it very personal to the viewer, because the video is through their eyes.”

Adam made a POV captioned “#pov you dont have a lunch at school and i offer you my entire lunch because i want you to be okay.” In this video, the viewer is a student that doesn’t have lunch. Adam speaks directly to them.

“I took it from my own experience, which was like, I didn’t get to eat that much in high school—and if I did, it was from somebody else,” Adam said. “So I would always feel like, people need to be more generous, especially towards those who are really struggling.”

Fake Messages on WhatsApp Asks the Users to Pay Money in Order to Continue Using the App




WhatsApp, Facebook, and Instagram suffered a social media outage on 3rd July which affected the users all across the world. As a consequence of the outage, users were not able to access the platforms properly and certain features became dysfunctional. During the outage, a lot of people in India got messages on their WhatsApp telling that the app is down due to over usage and it would be off from 11:30 PM to 6:00 AM every day. The message also asked users to forward the text message to their contacts in order to continue using the app service otherwise their account would be made inaccessible and the app services will no longer be free of charge for them.

The fake message which was circulated on WhatsApp is as follows:

“What's app will b off From 11.30pm to 6:00 am daily Declared by central govt. Message from Narendra Modi (PM) we have had an over usage of user names on WhatsApp Messenger. We are requesting all users to forward this message to their entire contact list. If you do not forward this message, we will take it as your account is invalid and it will be deleted within the next 48 hours. DO NOT ignore my words or whatsapp will no longer recognise your activation. If you wish to re-activate your account after it has been deleted, a charge of 499.00 will be added to your monthly bill. We are also aware of the issue involving the pictures updates not showing. We are working diligently at fixing this problem and it will be up and running as soon as possible. Thank you for your cooperation from the modi team. WhatsApp is going to cost you money soon. The only way that it will stay free is if you are a frequent user i.e. you have at least 50 people you are chatting with. To become a frequent user send this message to 10 people who receive it (2 ticks) and your WhatsApp logo will change color. send this to 8 people to activate the new whatsapp..
Saturday morning whatsapp will become chargeable. If you have at least 10 contacts send them this message. In this way, we will see that you are an avid user and your logo will become blue and will remain free. (As discussed in the paper today. Whatsapp will cost 0.01€ per message. Send this message to 10 people. When you do the light will turn blue otherwise whatsapp will activate billing. ITS TRUE ...... U get blue TICKS"

Likewise, another fake message claimed that WhatsApp has been sold off to Mukesh Ambani and asks users to forward the message to 10 people in order to activate the new WhatsApp along with Facebook services.

The entire message read:
"Dont ignore please read it carefully" Hello, I. Am VARUN PULYANI director of whatsapp, this message is to inform all of our users that we have sold whatsapp to Mukesh Ambani . Reliance for 19 billion $. WhatsApp is now controlled by mukesh Ambani . If you have at least 10 contacts send this sms and logo of your whatsapp will change to a new icon with facebook's "f" within 24 hours.Forward this message to more than 10 people to activate your new whatsapp with Facebook services or else your account will be deleted from new servers.
This is the final notice! Hello everyone, it seems that all the warnings were real, the use of WhatsApp cost money from November 2017. If you send this string to 18 different on your list, your icon will be blue and will be free for you. If you do not believe me see tomorrow at 6 pm ending WhatsApp and have to pay to open it, this is by law This message is to inform all of our users, our servers have recently been very congested, so we are asking you to help us solve this problem. We require our active users to forward this message to each of the people in your contact list to confirm our active users using WhatsApp, if you do not send this message to all your contacts WhatsApp will then start to charge you. Your account will remain inactive with the consequence of losing all your contacts. Message from Jim Balsamic (CEO of Whatsapp ) we have had an over usage of user names on whatsapp Messenger. We are requesting all users to forward this message to their entire contact list. If you do not forward this message, we will take it as your account is invalid and it will be deleted within the next 48 hours. Please DO NOT ignore this message or whatsapp will no longer recognise your activation. If you wish to re-activate your account after it has been deleted, a charge of 25.00 will be added to your monthly bill. We are also aware of the issue involving the pictures updates not showing. We are working diligently at fixing this problem and it will be up and running as soon as possible. Thank you for your cooperation from the Whatsapp team”

Users are advised to not believe such fake messages and avoid spreading the misinformation further by forwarding it to other users.



Automated accounts sharing fake news ahead of French polls: Experts

French voters are being deluged with false stories on social media ahead of the country’s presidential election, though the onslaught of “junk news” is not as severe as that during last year’s U.S. presidential campaign, according to a study by Oxford University researchers.

A man looks at campaign posters of the 11th candidates who run in the 2017 French presidential election in Enghien-les-Bains, near Paris, France April 19, 2017. REUTERS/Christian Hartmann.

The study to be published Friday and another published on Wednesday add evidence to complaints by officials in France, Germany and the United States that Russia is trying to replicate its cyber-powered election meddling in American politics.

Just days before France votes in the first round of a presidential election, the study said misinformation at times has accounted for one-quarter of the political links shared on Twitter in France. It defined “junk news” as deliberately false stories and those expressing “ideologically extreme, hyper-partisan or conspiratorial” views with logical flaws and opinions passed along as facts.

“French voters are sharing better quality information than what many U.S. voters shared and almost as much quality news and information as German users share,” according to the study by the Oxford Internet Institute, which will be published on Friday but was made available on Thursday to Reuters.

The French study uses data from a recent week on Twitter but a greater role is being played by Facebook, said Kevin Limonier of the University of Paris VIII, who is studying social media manipulation in the election with a grant from the French government.

Facebook recently suspended 30,000 suspected automated accounts in France. Although it characterized the cleanup as an objective move against spamming, many of the profiles were distributing politically driven misinformation and propaganda.

On Twitter, where automated accounts are allowed, many of the same accounts that promoted Republican Donald Trump in the U.S. campaign last year have turned their attention to pushing conspiracy theories and far-right viewpoints, according to Limonier and Clinton Watts, a former FBI agent and now a senior fellow at the George Washington University Center for Cyber and Homeland Security.

US Navy to create database of 350 billion social media posts







The United States navy is planning to create a repository of more than 350 billion social media posts from around the world, to research on how people behave online. 

The project team has not specified from which social media platform they are intend to collect the data. 

However, they will only collect the public posts in between 2014 and 2016, from more than 100 countries and in at least 60 different languages. 

The details of the project were revealed in a  tender document from the Naval Postgraduate School for a firm to provide the data.

The deadline of the applications have now closed.

Additional requirements included:
  • the posts must come from at least 200 million unique users
  • no more than 30% can come from a particular country
  • at least 50% must be in a language other than English
  • location information must be included in at least 20% of the records

The collected database must not include private messages and users personal information. 


"Social media data allows us for the first time, to measure how colloquial expressions and slang evolve over time, across a diverse array of human societies, so that we can begin to understand how and why communities come to be formed around certain forms of discourse rather than others," T Camber Warren, the project's lead researcher, told Bloomberg.

UK : Social Media Executives To Be Held Accountable For Destructive Content!



Reports have it, that according to a recent proposal of the UK authorities, social media executives shall be personally blamable for the harmful content on their platforms.
The freshly published paper in which the details were mentioned is just a tactic to restrict the spread of violent and detrimental content related to suicides and cyber bullying.
Disinformation, is another theme eluded upon along with the rising need for companies to hold their ground against terroristic, child abusive, and sexually abusive content.
The regulations and guidelines in the aforementioned paper also mention the requirement for every individual regulator to impose the rules.
Its’s high time, the online companies took responsibility for what content their platforms displayed, in an attempt to reinstate trust in technology within the society.
Files hosting sites, chat forums, messaging services, search engines and social media platforms alike will come under the belt of the aforementioned measures.
If not adhered to, the policies also mention within them strong punishments for companies including substantial fines and blocking access.
This is a great action which has potential to bring change. The implementation although could not be as simple as it all sounds.
The above-mentioned set of guidelines would provide for a stable code of conduct for everyone on the social media which if complied to, will lead to safer platforms.
But, the implementation, is still in question along with other questions like, Will the regulatory approach be different for smaller companies?
Social media regulation and the improvements it requires is on everyone’s mind, of late because of the mosque shooting in New Zealand.
The shooting was live streamed on Facebook and other social media sites like Instagram, YouTube and etc. were rushed to block and delete the copies of the video which has instantly gone viral.
A legislation not very different from the one in UK that was discussed above was passed in Australia meaning to hold the executives responsible for whatever is posted on their platforms.

Facebook leaves passwords unencrypted



Facebook said there is no evidence its employees abused access to this data. The company said the passwords were stored on internal company servers, where no outsiders could access them. However, privacy experts suggested that users change their passwords.

The security slip left the passwords readable by the social networking giant's employees.

The issue was first reported by security researcher Brian Krebs, who published a blog post-Thursday detailing that Facebook employees built applications that captured the passwords of users and stored them as plain text, meaning a password would be readable just the same as it is entered to log in.

The blunder was uncovered during a routine security review early this year, according to Canahuati.

"To be clear, these passwords were never visible to anyone outside of Facebook and we have found no evidence to date that anyone internally abused or improperly accessed them," vice president of engineering, security, and privacy Pedro Canahuati said.

"As part of a routine security review in January, we found that some user passwords were being stored in a readable format within our internal data storage systems," Pedro Canahuati, vice president of engineering for security and privacy at Facebook, wrote in a blog post. "This caught our attention because our login systems are designed to mask passwords using techniques that make them unreadable."

Most companies encrypt passwords to prevent them from being stolen in the event of a data breach or used for nefarious purposes by company employees.

The incident reveals yet another huge and basic oversight at a company that insists it is a responsible guardian for the personal data of its 2.3 billion users worldwide.

By storing passwords in readable plain text, Facebook violated fundamental computer-security practices. Those call for organizations and websites to save passwords in a scrambled form that makes it almost impossible to recover the original text. The blunder was uncovered during a routine security review early this year, according to Canahuati.