Data Security News Headlines 28th January, 2017

  1. Five arrested for hacking into ATMs and stealing $3.2 million

Law enforcement authorities from Europe and Asia have arrested five members of an international cybercriminal group that specialized in hacking into automated teller machine (ATMs). The investigation began in early 2016, according to Europol. Three suspects were arrested in Taiwan, one in Romania, and one in Belarus. Most of them had multiple citizenships and could travel easily between countries, the agency said Friday. As per investigation hackers used spear-phishing to target bank employees and penetrate the banks’ internal networks. They then located and hacked into the ATM network segment from the inside after that they wait for compromising, during which they carefully observe and gather information about the target’s internal procedures, money moving processes, and key employees. Such gang dubbed Carbanak stole between $500 million and $1 billion from hundreds of financial institutions in at least 30 countries as per news published in computerworld.

Cyber Security Tips: To prevent yourself from fishing attack be aware about malicious links, avoid to opening any links, spam emails, ads banks and organization must arrange awareness program for employee.

  1. Malicious “Charger Ransomware” App Discovered on Google Play Store

CheckPoint, a renowned security firm, has discovered that at least one app on Google Play Store is infected with Charger Malware. Charger malware is technically ransomware because the app managed to steal contacts and messages/SMS data from the infected device and then gains admin permissions to lock the device so that victim cannot use it. To resume control of the device and to get the data back, the victim has to pay the ransom, which is 0.2 Bitcoin ($180 approx.). CheckPoint’s mobile malware software identified the presence of Charger malware in EnergyRescue app on Google Play, but the company suspects that the malware is also present in other apps as well. EnergyRescue app was available for download on Google Play only for four days yet 1,000,000 to 5,000,000 downloads occurred in this timeframe. Google has deleted the app and also thanked CheckPoint for pointing out the malware in an official statement, which read: “We appreciate Check Point’s efforts to raise awareness about this issue. We’ve taken the appropriate actions in Play, and will continue to work closely with the research community to help keep Android users safe.” As per news published in HackRead.

Cyber security Tips: Users are strictly recommended that keep alert on links, avoid to installs apps from untrusted sources, keep updated antivirus in your mobile.

  1. Voyeur adult website hacked; 180k members data leaked

The Voyeur adult Candid Board, an x-rated website that operates underground and focuses on sharing disturbing Upskirt pictures of innocent, unsuspecting females has now been exposed to the public eye. Hackers have leaked personal details of around 180,000 members of The Candid Board online. The hack occurred due to the presence of misconfigured or inappropriately configured database. The leaked data contains 178,201 unique email IDs, usernames, hashed passwords, IP addresses, website logs (which included private details like join date, last-post-date and reputation point stats) and dates of birth. However, none of the financial details were part of the database. Hacked data contains 19 email addresses of .gov domains including wales.gsi.gov.uk, bom.gov.au, education.tas.gov.au and houstontx.gov. There are roughly 70 .mil records as well, 32 of them contain the domain us.army.mil while 6 contain Navy.Mil domain name as per news published in HackRead.

Cyber Security Tips: To prevent your website from hackers do vulnerability assessment and penetration testing to check loop holes, keep your CMS up to date, And Keep your server secured with security products.

  1. Breach Notification Website LeakedSource Allegedly Raided, Shut Down

LeakedSource, a website dedicated to informing the public about data breaches, has gone offline and it has been 24 hours now since it is down. LeakedSource had functioned as a giant repository with more than 3 billion internet accounts — all of which had been compiled from stolen databases, taken from the likes of LinkedIn, MySpace, and Dropbox. For as little as US$2 a day, anyone could use the site to look up password and other login information. U.S. law enforcement has allegedly confiscated its servers, and now some hackers are wondering if customers of LeakedSource might be next.  All the people who used PayPal, credit card, etc. to buy membership, the FBI now have your email, payment details and lookup history,” wrote one user on HackForums.net. But whether the FBI really shut down LeakedSource is still unclear. The site itself has been offline and its operators have been mum on Twitter and through email. In addition, the U.S. Department of Justice has declined to comment said by PC world report.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at WordPress.com.

Up ↑

%d bloggers like this: