Data Security News Headlines 31st January 2017

  1. Cleartrip Website Apparently Hacked by ‘Turtle Squad

Online travel company Cleartrip’s website was hacked briefly on Monday and the group called Turtle Squad took the responsibility for it. News of the defacement of Cleartrip’s website was first brought to light by an eagle-eyed Twitter user, with a screenshot of the defaced website. The screenshot featured the message “Roses are red, violets are blue, all your security is up to you. We Are Turtle Squad Got It?” The hackers also took a dig at the website’s security, by writing, “Hey! Are you one of those 1.4 crores users? They say you’re secure.” If the hacking group’s claims are to be believed, then details of 1.4 crore users may have been compromised.

  1. Fake Netflix, WhatsApp, Facebook Android Apps Contain SpyNote RAT

Recently, the IT Security researchers at Zscaler identified some fake apps uploaded by cyber criminals that are infected with an infamous SpyNote RAT (Remote Access Trojan). The names of those apps are: Netflix, Whatsapp, YouTube, Video Downloader, Google Update, Instagram, Hack Wifi, AirDroid, WifiHacker, Facebook, Photoshop, SkyTV, Hotstar, Trump Dash and PokemonGo. The new variant comes with capabilities to perform actions including reading text messages, viewing contacts, turning on the microphone of an infected device and listening to conversations, recording screen, take screenshots, and send user files to a Command & Control (C&C) set up by cyber criminals.

Cyber Security Tips: Never download apps from a third-party store and only use Google Play Store to download apps. Never click on a link sent by an unknown contact in an SMS or email message.

  1. Police arrests 5 Cyber Thieves who stole 3.2 Million from ATMs using Malware

Law enforcement authorities from Europe and Russia have arrested five members of an international cyber criminal gang for stealing $3.2 million cash from ATMs using malware. The European-based cyber criminal gang used a variety of different hacking techniques to infect ATMs with malware and force them to dispense cash. The gang used spear-phishing emails containing malicious attachments to target bank employees and penetrate the bank’s internal networks. From there, the cyber crooks then located and hacked into the network of ATMs from the inside, and used a malicious software program to delete almost all traces of their activities.

  1. Breach Notification Website LeakedSource Allegedly Raided, Shut Down

LeakedSource, a website dedicated to informing the public about data breaches, has gone offline and it has been 24 hours now since it is down. A message posted on Pastebin by a user read: “LeakedSource is down forever and won’t be coming back. Owner raided early this morning. Wasn’t arrested, but all SSD’s got taken, and LeakedSource servers got subpoenaed and placed under federal investigation. If somehow he recovers from this and launches LS again, then I’ll be wrong. But I am not wrong.” If this is true, then most likely the US law enforcement authorities are responsible for the raid.

 

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at WordPress.com.

Up ↑

%d bloggers like this: