Data Security News Headlines 1st December, 2016

  1. Rahul Gandhi’s Twitter handle hacked; abusive tweets flow

The official Twitter handle of Congress vice president Rahul Gandhi appeared to have been hacked on Wednesday evening. A series of abusive tweets were sent out from the handle to its 1.21 million followers. The handle seems to have been hacked by a group called ‘legion’, according to one of the tweets. The hackers seem to have access to Rahul’s profile for about an hour. Some of the twits are deleted. Congress party has registered a complaints against hackers. Rahul Gandhi does not tweet personally, and his handle is managed by his office. His team seemed to be in a tug-of-war with the hackers over the comments being posted out.

Cyber Security Tips: To prevent from such hacking protect your account with strong password, Use two way authentications, and avoid to use same passwords for different account.

  1. Over 1 Million google account hacked by Gooligan malware

A new Android malware named Gooligan that has already breached more than 1 Million Google accounts and infecting around 13,000 devices every day. Gooligan, the malware roots vulnerable Android devices to steal email addresses and authentication tokens stored on them. With this information the attackers are able to hijack your Google account and access your sensitive information from Google apps including Gmail, Google Photos, Google Docs, Google Play, Google Drive, and G Suite. According to researcher this malware is attacking on older version of androids. Check point has published online tool to check your device is infected or not, go to https://gooligan.checkpoint.com/  and insert your android google account.

Cyber Security Tips:  If you are running old version of android then immediately update your android OS, users are strictly recommended that avoid to install apps from untrusted sites, use updated antivirus.

  1. “PluginPhantom” Android Trojan Uses Plugins to Evade Detection

A recently discovered Android Trojan dubbed “PluginPhantom” abuses a legitimate plugin framework to update itself and evade static detection, Palo Alto Networks reported on Wednesday. PluginPhantom framework focuses on data theft and it’s capable of stealing files, contacts, location data and Wi-Fi information. The threat can also take photos, capture screenshots, intercept and send SMS messages, record audio and log keystroke. PluginPhantom has nine plugins embedded in the host app as asset files. These include three core plugins, designed for command and control (C&C) server communications and updates, and six plugins focusing on data theft and additional functionality provided by plugin including key logging. There is no more information available yet.

Cyber Security Tips: Users are strictly recommended that avoid to use this plugin and use updated antivirus to block malicious apps.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at WordPress.com.

Up ↑

%d bloggers like this: