Why Must You Secure Your Bank Accounts With 2FA Verification?

Technological advancement and the internet have made a revolutionary transformation in helping users conveniently handle their personal finances. One can do anything sitting on a couch, as long as he has a phone or laptop handy. However, along with the positive aspects, bank accounts are the most vulnerable to cybercrimes, marking a major drawback of this change. 

Two-factor authentication (2FA) is one of the most robust solutions to this problem. While the finest smart home security systems are excellent for ensuring household security, 2FA (Two-Factor Authentication) is what you need for online security. 

Although many people are aware of 2FA, a considerable number of them are still oblivious to its utility. The few minutes required to set up this cyber shield are totally worth it. 

What is Two-Factor Authentication? 

2FA is a security tool that acts as an additional layer of verification, along with the username and password. You can consider it a more reliable login. Even though 2FA is more secure than a standard login, once it is set up, it does not take much longer. 

One can categorize 2FA verification into three main types - something you are, something you have, or something you know. 

A "something you are" 2FA login might use a user's fingerprint or retinal scan to verify them. An instance of the "something you have" 2FA would be a user receiving a code on their phone. To fulfill the "something you know" requirement of 2FA, you might be asked a few short security questions whose answers you have previously confirmed. All forms of 2FA increase the security of your login.

Why must we use 2FA? 

The most legitimate and prominent reason to use 2FA on all your financial accounts is to protect your finances. Modern cybercrime revolves around gaining access to accounts via username and password information. A hacker gaining unauthorized access to your bank account is worse than someone stealing your credit or debit card, since there are more techniques already in place for dealing with a stolen card.

For the same reasons, most banks have now started offering 2FA or making it mandatory for any online banking procedure. Since not all banks offer 2FA, users should check whether their bank offers it for logging in to their accounts.

Keep Your Financial Accounts Secure 

The added security that 2FA creates is worth the short setup time and extra login step, for cybercrime is particularly likely to attack bank accounts. This security measure is a potent deterrent against intruders and must not be overlooked.  

Hackers Could Find a Heaven on Elon Musk's Twitter


The ransomware group Yanluowang appears to be on Twitter now, using its newly created account to announce that they have breached the systems of the messaging platform Matrix, a service that has compromised high-profile companies. 

Yanluowang is one of several cybercrime groups that have been active on Twitter in recent months, and the platform's takeover by Elon Musk, who has promised a more laissez-faire approach to content moderation, could make it an even more attractive environment for cybercriminals to operate in.

It was recently reported that Yanluowang, the cybercrime group known for targeting financial services companies with its malware, had started tweeting. From what the account shows, it appears to be used to display data that the group steals from its victims. The first of these is Matrix, an open messaging protocol used by 60 million people worldwide. It was breached last week by the gang, which is claiming responsibility for the theft.

There are six links on the Twitter page, which appear to provide access to leaked data from the Matrix messaging platform, including "chief coder and saint thread" and "master stealer task." A member of the Tech Monitor team has reached out to Matrix for comment.

Tweets are a favorite of ransomware gangs

Ransomware gangs are not the first group of criminals to use Twitter as an outlet to promote the theft of data using ransomware.

Several groups, including Karakurt and BlackByte, have created Twitter profiles for themselves to make their illicit merchandise more widely known. Yanluowang's page appears to be still up, though both of those profiles appear to be suspended, at least for the time being. A website set up by Karakurt on the open web was also used to sell their data to the highest bidder at the time of the hack.

This method of data extortion is common, even though it may prove to be short-lived and risky, because the cybercrime gangs experimenting with it need somewhere public and with a large reach where they can advertise their stolen data, according to Allan Liska, an intelligence analyst at Recorded Future.

Liska told Tech Monitor in August that "Not everyone has a Tor browser, and Karakurt needs to be able to earn money as much as it can whether or not it can make any money from where it's getting its data," if it wants to succeed. "Essentially, if you are trying to extort someone, you cannot make it difficult for them to obtain the data if your aim is extortion."

A hacker could be attracted to Elon Musk's Twitter account

In the wake of Elon Musk's acquisition of Twitter for $44 billion, Twitter is currently experiencing a period of upheaval that might last for years to come.

It has been confirmed that Tesla CEO Elon Musk is now working for Twitter as its "Chief Twit" after completing the takeover of the company on Friday, which followed several months of legal proceedings. In the very public wranglings that preceded the deal, Musk expressed his intention to make Twitter an environment where freedom of speech flourishes, referring to himself as a "free speech absolutist". The site is believed to be about to change the way it moderates content as a result. There was reportedly an increase in hate speech on the platform in the days leading up to his takeover.

Hackers could reap the benefits of this, as they would be able to maintain accounts to advertise their illegal activities on the internet. Jason Steer, CISO at cybersecurity vendor Recorded Future, says that this is a possibility that can be just as easily nailed down. In his opinion, hackers will continue to exploit other platforms like Telegram to promote their work and sell stolen data for decades to come, but he does believe that "[Twitter's current issues] could be an opportunity for them."

How to Prevent Malware on Your Android Device

Malware is a term that describes any malicious program or code that is harmful to systems. It seeks to invade, damage, or disable computers, networks, tablets, computer systems, and mobile devices, often by taking command of a device’s operations. 

Recent studies show that all devices, including smartwatches, are at risk. However, many organizations are working to prevent such events by spreading correct information in the public domain. There are some steps you can follow to prevent your devices from falling into a malicious trap.

Before learning the mitigating steps, learn how to identify whether your devices are infected with malware. You will notice that your device starts working slowly, the screen is inundated with annoying ads, and the system crashes. You will also notice a mysterious loss of disk space, an increase in your system's internet activity, changed browser settings, and an antivirus product that stops working properly, and you will lose access to your files or your entire computer.

Now learn how you can prevent such activities from happening on your devices. 

First Step is to Use a Secure Search Engine on Your Devices 

People are now more aware that major search platforms are tracking them and collecting their private data. That is why it is very important to use a secure search engine, one that can assure users that it does not store IP addresses or personal information, does not keep tracking data related to search queries, and encrypts active searches and applies time-sensitive limits to them.

Second Step is to Keep Your Phone Updated 

Most Android phones now stay updated automatically. However, one should keep checking. Updates also provide some critical security fixes that help keep you safe.

Third Step is to Clear Your Browser Cookies 

There are many ways that cookies can put your system at risk. Threat actors can store information from your cookies and use data against your devices. To stay safe, users are recommended to clear cookies from the system from time to time. 

Fourth is to Use Multiple Phone Accounts 

To protect your data from threat actors and from crashes, you can create multiple user accounts on your Android phone. You can keep your important data and apps safer by accessing certain content on separate accounts.

Users are Recommended to Install Apps From Official Sources 

Internet users should install apps from official sources, like the Play Store or the Galaxy Store. Also, if something goes wrong or the apps get hacked, one can hold an official source responsible.

Furthermore, internet users should avoid using cracked apps and games. It is also strongly recommended that they do not click on random links in text messages.

Upgraded Security Deal Among Japan and Australia Against Chinese Cybercrimes


On Saturday, a new defense cooperation pact was signed between Japan and Australia to recognize the deteriorating security situation in the region as a consequence of China's growing assertiveness.

Fumio Kishida, the prime minister of Japan, praised the advancement of relations between the two countries after meeting with his Australian colleague Anthony Albanese in Perth, Western Australia. The two nations are committed to conducting cooperative military games and exchanging more sensitive intelligence.

It expands upon a reciprocal access pact that Kishida signed with Scott Morrison, Australia's prime minister at the time, in January, which lifts restrictions on conducting joint military drills in either nation.

It is the first time Japan has reached such a deal with a nation other than the US. Japan's Self-Defense Forces will train and participate in operations with the Australian defense in northern Australia for the first time as per the agreement, as revealed on Saturday.

According to Albanese, "this major proclamation sends a powerful signal to the area of our strategic alignment" in relation to that deal. In an "increasingly hostile strategic environment," according to Kishida, a new structure for collaboration in operations, intelligence, information, and logistical support was devised.

Since the Australian leader's administration was elected in May, Kishida has met with Albanese four times. This visit is for an annual bilateral summit. Two days after the election, they first met in Tokyo at the Quadrilateral Security Dialogue meeting, also known as the Quad, which also included U.S. Vice President Joe Biden and Indian Prime Minister Narendra Modi.

It was emblematic of the close economic links between the two countries that the meeting was decided to be held in Perth, the state capital of Western Australia, which supplies much of Japan's liquid natural gas and the wheat used to make udon noodles.

According to a website maintained by the Australian government, Australia has some of the world's top five resources for vital minerals such as antimony, cobalt, lithium, manganese ore, niobium, tungsten, and vanadium.

Australia is the world's top producer of lithium, rutile, zircon, and rare earth elements, as well as the second-largest producer overall.

Since 2007, when Australia and Japan signed their first military statement, China's defense expenditure has more than doubled. Japanese jets were called into action 22 times in 2006 to stop Chinese military aircraft from entering Japanese airspace. Last year, Japanese warplanes had to scramble 722 times in response to Chinese aircraft.

US Government Seizes Cryptocurrency Worth $30 Million From Lazarus Hackers

The U.S. government in collaboration with blockchain analysts and FBI agents successfully seized $30 million worth of cryptocurrency stolen by the North Korean-linked hacker group 'Lazarus' from the popular token-based 'play-to-earn' game Axie Infinity earlier in the year. 

The government reported this news during the AxieCon event today, where the officials highlighted it as a big achievement. The officials further appreciated and encouraged large-scale collaboration between multiple law enforcement authorities and private entities against growing cyber threats. 

According to statements made by blockchain analysts on Thursday, it is a momentous event for law enforcement agencies, as it is the first time they have successfully seized crypto tokens from the infamous Lazarus Group.

“I am proud to say that the Chainalysis Crypto Incident Response team played a role in these seizures, utilizing advanced tracing techniques to follow stolen funds to cash out points and liaising with law enforcement and industry players to quickly freeze funds”, the blog reads. 

Chainalysis talked about the laundering process of the group which involves the following five stages:  

• Stolen Ether sent to intermediary wallets 
• Ether mixed in batches using Tornado Cash 
• Ether swapped for bitcoin 
• Bitcoin mixed in batches 
• Bitcoin deposited to crypto-to-fiat services for cashout

However, following the incident, the US Office of Foreign Assets Control has sanctioned Tornado Cash for its role in the cryptocurrency laundering case.

The total financial damage caused by Lazarus' Axie Infinity hack is around $620 million, thus, the amount that has been recovered represents only 5% of that value and 10% of the cryptocurrency amount. 

The analysts further stated they “have proven that with the right blockchain analysis tools, world-class investigators and compliance professionals can collaborate to stop even the most sophisticated hackers and launderers. There is still work to be done, but this is a milestone in our efforts to make the cryptocurrency ecosystem safer.” 

Hence, the US government and New York-based blockchain analysis firm are confident that in the future they will recover more damages from the past.

Crypto Scam to be Investigated by British Army


On Sunday, the UK Ministry of Defence confirmed that the British Army's YouTube and Twitter accounts were hacked. The hackers were using both handles for their cryptocurrency promotion scams. However, the Ministry has not yet confirmed the exact dates of the takeover, and both accounts appear to be back to normal now.

"We are aware of a breach of the Army's Twitter and YouTube accounts and an investigation is underway. The Army takes information security extremely seriously and is resolving the issue. Until the investigation is complete it would be inappropriate to comment further," the Ministry of Defence Press Office said on Twitter.

Malicious actors took control of the British Army's Twitter page, swapping out the organization's profile picture, bio, and cover photo to make it appear as though it was genuinely associated with The Possessed NFT collection, and to promote crypto giveaway schemes. Meanwhile, its YouTube handle aired livestreams with clips of Elon Musk, Jack Dorsey, and Ark CEO Cathie Wood discussing cryptocurrency, directing users to crypto scam websites.

The clips feature the promotion of “double your money” Bitcoin and Ethereum scams. According to Web3 is Going Great, a similar scheme took place in May. However, it is unclear which group is behind this campaign. 

The malicious actors changed the army’s verified Twitter account name to The Possessed, a project involving a collection of 10,000 animated NFTs with a price floor of 0.58 Ethereum (approximately $1,063). 

According to the Department of Ministry, it is possible that the hack is part of a broader campaign to leverage the recent popularity of The Possessed. On Saturday, the project’s official Twitter handle notified its followers of another verified account that was also hacked to promote an NFT scam using The Possessed brand. 

“The breach of the Army’s Twitter and YouTube accounts that occurred earlier today has been resolved and an investigation is underway. The Army takes information security extremely seriously and until their investigation is complete it would be inappropriate to comment further,” the UK Ministry of Defence Press Office tweeted later.

External Attackers Can Penetrate Most Local Company Networks


In recently published research, Positive Technologies claimed that external attackers can breach 93% of organizations' network perimeters and obtain access to their resources. The study showed that in 93% of cases it only takes an average of two days to penetrate the company's internal network.

Another concerning finding was that in 100% of the companies examined, an insider can gain full control over the infrastructure. According to the company's researchers, this figure has remained high for many years, confirming that cybercriminals are able to breach almost any corporate infrastructure. The study was conducted among financial organizations (29%), fuel and energy organizations (18%), government (16%), industrial (16%), IT companies (13%), and other sectors.

The most common way of penetrating a corporate network was found to be credential theft. This mainly resulted from weak passwords, missing patches, and unneeded services left running, all of which were unprotected. The researchers further added that organizations do not have network segmentation by business processes, and this enables cybercriminals to develop various attack vectors at once.

“In 20% of our pentesting projects, clients asked us to check what unacceptable events might be feasible as a result of a cyberattack. These organizations identified an average of six unacceptable events each, and our pentesters set out to trigger those. According to our customers, events related to the disruption of technological processes and the provision of services, as well as the theft of funds and important information pose the greatest danger...,” said Ekaterina Kilyusheva, Head of Research and Analytics, Positive Technologies. 

“...In total, Positive Technologies pentesters confirmed the feasibility of 71% of these unacceptable events. Our researchers also found that a criminal would need no more than a month to conduct an attack which would lead to the triggering of an unacceptable event. And attacks on some systems can be developed in a matter of days,” Kilyusheva added.