Russian hacking groups, shipping industry hacking methods, app flaws, oh, and the 7th busiest website in the world. It's all this and more in The Month in Hacks.
Microsoft has released a report detailing website seizures associated with a Russian hacking unit formerly known as the G.R.U. The websites were designed to fool conservative Americans with links claiming to be the International Republican Institute. Each link would instead redirect users to websites designed to steal confidential credentials.
The New York Times has reported that Microsoft was able to seize the baited websites as they were being created.
RSA Security confirmed what many have known for a long time: burner devices are bad news. Burner devices now account for 27% of the value of fraudulent payments made through mobile. Additionally, fraud carried out through mobile apps and browsers now accounts for 71% of total fraud, a 16% rise since last year.
RSA identified over 9,000 rogue apps that were carrying out these attacks and an average transaction value of $355, which was more than double a standard transaction. During the undercover operation, RSA also identified over 5 million compromised credit card numbers, a 60% rise from the previous quarter. Beware the $20 gas station cell phones!
Reddit, an anonymous message board full of cat gifs and political memes, experienced a data breach this month, exposing the identities of every user who created an account between 2005 and 2007. What makes this more substantial is that Reddit just so happens to be the 7th busiest website in the world. Due to the sensitive nature of much of the content on the site, users depend on this layer of anonymity when using Reddit. Now unmasked, there are worries that users could see real-world consequences due to the hack. Industry experts are comparing the latest breach to the Ashley Madison hack of 2015, a scandal that resulted in dozens of divorces and even several suicides.
Earlier this month personal information was stolen from over two million T-Mobile users. While financials and social security numbers remained safe, personal data such as name, address and Fortnite scores was leaked. Furthermore, T-Mobile was criticized for their response, as the SMS the company sent to inform affected users looked like a rudimentary phishing scheme.
CyberKeel, an agency specializing in maritime cybersecurity, has uncovered a method in which hackers would monitor emails from shipping firms and then transfer payments into their own accounts. Co-founder Lars Jensen has explained to the BBC the complex hacking technique, which resulted in several million dollars being stolen by the hackers.
This discovery agrees with Jensen's longstanding belief that the shipping industry is vulnerable to hacks and needs to protect itself better.
Air Canada is forcing 1.7 million mobile app account users to reset their passwords after it detected unusual login behavior that it says may have exposed 20,000 accounts, including passport information. The hack is being blamed on Air Canada's mobile app, and although the state department is claiming that the probability of a person's identity being stolen due to the leak is low, customers are clearly not thrilled that Air Canada's weak password systems allowed this catastrophe to happen. No word on if any of the victims will be given business class upgrades in the near future.
Ron Masas, a cybersecurity researcher from the firm Imperva, uncovered a web browser weakness identified as CVE-2018-6177, which affects all web browsers powered by “Blink Engine.” This includes Google Chrome. The security flaw allows hackers to retrieve sensitive data by using audio or video HTML tags.
Mr. Masas identified and reported the browser vulnerability to Google, which then prompted the Chrome team to patch the issue in the release of Chrome 68.
Cybersecurity firm Kryptowire has recently shared details surrounding Android vulnerabilities found within pre-installed apps. These vulnerabilities provide hackers with the ability to spy on users and reset their devices without the users' knowledge.
Kryptowire researchers discovered additional weaknesses which allow hackers to execute commands remotely, access all mobile data, read and send text messages, and more. While the Android operating system is not at risk of these issues, Google does not have control over third-party apps pre-installed by mobile carriers.
Drupal 8.x versions are at risk of a security bypass vulnerability that may allow remote hackers to gain control of outdated websites. Drupal has released a new version of their open-source CMS, which patches this vulnerability, known as CVE-2018-14773.
Drupal highly recommends that webmasters update their sites as soon as possible, before hackers exploit the flaw.