Data Security News Headlines 24th May 2017

  1. Beware! Subtitle Files Can Hack Your Computer While You’re Enjoying Movies

If you download movies with subtitles from the internet, be careful: your system can be hacked through subtitle files. A team of researchers at Check Point has discovered vulnerabilities in four of the most popular media player applications, which can be exploited by hackers to hijack “any type of device via vulnerabilities; whether it is a PC, a smart TV, or a mobile device” with malicious code inserted into the subtitle files. The researchers discovered that malicious subtitles could be created and delivered to millions of devices automatically, bypassing security software and giving the attacker full control of the infected device and the data it holds. Since text-based subtitles for movies and TV shows are created by writers and then uploaded to Internet stores, like OpenSubtitles and SubDB, hackers could also craft malicious text files for the same TV shows and movies. The company has patched the vulnerabilities in the media players. The following media players are vulnerable:

1. VLC — Popular VideoLAN Media Player

2. Kodi (XBMC) — Open-Source Media Software

3. Popcorn Time — Software to watch Movies and TV shows instantly

4. Stremio — Video Streaming App for Videos, Movies, TV series and TV channels

Cyber Security Tips: Users are strongly recommended to update their media players immediately, be careful when downloading movies with subtitles, and keep using a reputable antivirus.

  2. Cyber Crime Gang Arrested for Infecting Over 1 Million Phones

The Russian Interior Ministry announced on Monday that it had arrested 20 individuals from a major cybercriminal gang that had stolen nearly $900,000 from bank accounts after infecting over one million Android smartphones with a mobile Trojan called “CronBot.” According to the report, the gang was distributing the CronBot malware disguised as Viber and Google Play apps and targeted over 1 million smartphones. The gang even inserted the malware into fake mobile apps for popular pornography websites. Once victims downloaded and installed these fake apps on their devices, the apps added themselves to auto-start, and the malware hidden inside them gave the hackers the ability to phish victims’ banking credentials and intercept SMS messages containing confirmation codes sent by the bank to verify transactions. The malware was able to intercept the two-step verification codes sent by the bank to confirm a transaction and block the victims from receiving the message notifying them about the transaction, according to news published by Hacker News.

Cyber Security Tips: To protect against such banking Trojans, avoid visiting malicious websites, be aware of phishing, never click on any links or ads, and keep using an updated antivirus.

  3. 18-Byte ImageMagick Hack Could Have Leaked Images From Yahoo Mail Server

ImageMagick is an open-source image processing library that lets users resize, scale, crop, watermark and tweak images. The tool is supported by PHP, Python, Ruby, Perl, C++, and many other programming languages. The security researcher Chris Evans publicly demonstrated an 18-byte exploit that could be used to cause Yahoo servers to leak other users’ private Yahoo! Mail image attachments. The vulnerability exists in the obscure RLE (Utah Raster Toolkit Run Length Encoded) image format. The researcher said that to exploit the vulnerability, all an attacker needs to do is create a maliciously crafted RLE image, send it to the victim’s email address, and then create a loop of empty RLE protocol commands, prompting the leakage of information. In the demonstration, the researcher created a malicious image containing the 18-byte exploit code and emailed it to himself as an attachment. Once the attachment reached Yahoo’s email servers, ImageMagick processed the image to generate thumbnails and previews, but due to the execution of Evans’ exploit code, the library generated a corrupt image preview for the image attachment. Yahoo reported the vulnerability to the ImageMagick team, who released ImageMagick version 7.0.5-1 two months ago with a fix for the issue.

Cyber Security Tips: To protect yourself, apply the patches as soon as possible.

  4. Hackers Claim Leaking Thousands of Spotify Login Credentials

A hacker group named Leak Boat has taken responsibility for publishing the usernames and passwords of 9,000 Spotify users. According to IBT, it was reported that the public website on which the user credentials were dumped had only 6,410 accounts, tweeted the hack team. The hacking group has also leaked some private videos which belong to celebrities. These include videos of Iggy Azalea, Jillian Murray and Jennifer Lawrence. Apparently, the hacking group has listed the usernames and passwords in plain text format, so that anyone is able to read the credentials.

Cyber Security Tips: Users are strongly recommended to always use a strong password for their social media accounts, change their passwords regularly, be aware of phishing, and never share their credentials on untrusted websites.

  5. Indian hacker pwned Air India, SpiceJet & Cleartrip; booked free flights

The young ethical hacker Kanishk Sajnani recently managed to conduct a hacking spree and reward himself with a discounted flight, a free ticket and much more. However, instead of doing the things he could, he simply informed the respective companies about the flaws their systems had. Sajnani was able to hack into the application tracking system of Air India in 2015 and exploited a major vulnerability that allowed him to book a ticket from India to San Francisco for just Re 1. He immediately reported the vulnerability to the company, then received a call from the manager of finance asking him to prove his claims, and was then rewarded for his efforts. SpiceJet was another one of Sajnani’s victims. Sajnani booked a flight from Ahmedabad to Goa for just Rs. 4. The actual flight would have cost him Rs. 4,000. Later, he canceled the ticket and made himself eligible for a refund of Rs. 2000. However, Sajnani had to call the helpline to inform them that he had canceled the ticket and should, therefore, receive a refund. Further, Sajnani hacked into Cleartrip’s booking system and booked himself a flight for free. He notified the company by email, in which he mentioned that the vulnerability exists in a mobile application.

Cyber Security Tips: To protect against such hacking claims, companies need to patch the issues as soon as possible, secure their payment systems, keep checking for vulnerabilities in their payment systems and keep them up to date.
