Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Keystrokes. Show all posts
Scams
AI Cyber Fraud Deepfake Identity Theft Keystrokes Ransomware Scams

AI Turns Personal: Criminals Now Cloning Loved Ones to Steal Money, Warns Police

 



Police forces in the United Kingdom are alerting the public to a surge in online fraud cases, warning that criminals are now exploiting artificial intelligence and deepfake technology to impersonate relatives, friends, and even public figures. The warning, issued by West Mercia Police, stresses upon how technology is being used to deceive people into sharing sensitive information or transferring money.

According to the force’s Economic Crime Unit, criminals are constantly developing new strategies to exploit internet users. With the rapid evolution of AI, scams are becoming more convincing and harder to detect. To help people stay informed, officers have shared a list of common fraud-related terms and explained how each method works.

One of the most alarming developments is the use of AI-generated deepfakes, realistic videos or voice clips that make it appear as if a known person is speaking. These are often used in romance scams, investment frauds, or emotional blackmail schemes to gain a victim’s trust before asking for money.

Another growing threat is keylogging, where fraudsters trick victims into downloading malicious software that secretly records every keystroke. This allows criminals to steal passwords, banking details, and other private information. The software is often installed through fake links or phishing emails that look legitimate.

Account takeover, or ATO, remains one of the most common types of identity theft. Once scammers access an individual’s online account, they can change login credentials, reset security settings, and impersonate the victim to access bank or credit card information.

Police also warned about SIM swapping, a method in which criminals gather personal details from social media or scam calls and use them to convince mobile providers to transfer a victim’s number to a new SIM card. This gives the fraudster control over the victim’s messages and verification codes, making it easier to access online accounts.

Other scams include courier fraud, where offenders pose as police officers or bank representatives and instruct victims to withdraw money or purchase expensive goods. A “courier” then collects the items directly from the victim’s home. In many cases, scammers even ask for bank cards and PIN numbers.

The force’s notice also included reminders about malware and ransomware, malicious programs that can steal or lock files. Criminals may also encourage victims to install legitimate-looking remote access tools such as AnyDesk, allowing them full control of a victim’s device.

Additionally, spoofing — the act of disguising phone numbers, email addresses, or website links to appear genuine, continues to deceive users. Fraudsters often combine spoofing with AI to make fake communication appear even more authentic.

Police advise the public to remain vigilant, verify any unusual requests, and avoid clicking on suspicious links. Anyone seeking more information or help can visit trusted resources such as Action Fraud or Get Safe Online, which provide updates on current scams and guidance on reporting cybercrime.



Read more »
Zoom Security
Acoustic Attack CoatNet Cyber Attacks Data Stolen Keyboard security Keystrokes side-channel attacks Zoom Security

With 95% Accuracy, New Acoustic Attack can Steal from Keystrokes


UK universities’ researchers have recently developed a deep learning model, designed to extract information from keyboard keystrokes collected using a microphone, with 95% accuracy. 

The prediction accuracy decreased to 93% when Zoom was used to train the sound classification algorithm, still exceedingly good and a record for that medium.

Such an attack has a significantly adverse impact on the users’ data security since it is capable of exposing users' passwords, conversations, messages, and other sensitive information to nefarious outsiders.

When compared to the other side attacks that need specific circumstances and are susceptible to data rate and distance restrictions, these acoustic attacks are easier to operate because of the popularity of devices that are now equipped with high-end microphones. 

This makes sound-based side-channel attacks achievable and far more hazardous than previously thought, especially given the rapid advances in machine learning.

Listening to Keystrokes

The attack is initiated in order to acquire keystrokes on the victim’s keyboard, since the data is required for the prediction algorithm to work. This can be done via a nearby microphone or by accessing the microphone on the target's phone, which may have been compromised by malware.

Additionally, keystrokes can also be recorded via Zoom call, in which, rogue meeting attendee compares the messages entered by the target with the auditory recording of that person.

The researchers acquired training data by pressing 36 keys on a modern MacBook Pro, 25 times each, further recording the sounds produced on each press. 

The spectrogram images were used to train the image classifier "CoAtNet," and it took some trials and errors with the epoch, learning rate, and data splitting parameters to get the best prediction accuracy outcomes.

The same laptop, whose keyboard has been present in all Apple laptops over the past two years, an iPhone 13 mini positioned 17 cm from the target, and Zoom were utilized in the researchers' tests.

The CoatNet classifier gained 95% accuracy in the smartphone recordings and 93% from the content captured via Zoom. Skype, on the other, produced comparatively lower accuracy, i.e. 91.7%.

Possible Security Measures

In order to protect oneself from side-channel attacks, users are advised to try “altering typing styles,” or generating passwords with randomized keys. 

Another safety measure includes utilizing software in order to generate keystroke sounds, white noise, or software-based keystroke audio filters. 

Moreover, since the attack model proved highly efficient even against a very silent keyboard, installing sound dampeners to mechanical keyboards or shifting to membrane-based keyboards is unlikely to help in any way. 

Finally, using password managers to avoid manually entering sensitive information and using biometric authentication whenever possible also serve as mitigating factors.

Read more »
Software
Chrome Extensions Cloud9 Cyber Crime Keystrokes Software

Chrome Extensions That Record Keystrokes and Steal Personal Data Should be Avoided

 


Using their Zimperium zLabs research department, Zimperium researchers have discovered a malicious browser extension, dubbed Cloud9. This extension is designed to steal private and sensitive user information and to completely take over the victim's computer. 

Cloud9 is very unnerving because it steals data directly from your computer by monitoring your keystrokes (i.e. keylogging). Cybercriminals would delight in spying on victims' web browser activity since spying can be done through web browsers. After all, it is while you are browsing the web that you are more likely to input highly sought-after credentials, including your bank passwords and other sensitive information. 

Even though you are browsing the web during the time that you are more likely to input highly sought-after credentials, such as your bank passwords or other sensitive information, it is very easy to enter these credentials while you are online. 

In terms of Cloud9, what information do we have? 

As its name suggests, Cloud9 is a botnet that operates as a remote access trojan (RAT) because of the operation method employed. It was found that there were two different versions of Cloud9 that were encountered by researchers: the original and an improved version. The investigators focused their attention in the report, however, on the latter because it "contains all of the functionalities of both variants" according to the report. 

• This type of software runs on a computer to track your keystrokes to steal your credit card information, bank passwords, and more. 

• Using the clipboard, steal your data that was copied and pasted (e.g., you copied it and pasted it). 

• To compromise the user's session, steal your cookies and use them to do so. 

• Cryptocurrencies can be mined using the resources of your browser and computer.

• By inserting malicious code into your device, you will be able to take full control of it.

• From your PC, you can perform DDoS attacks against other websites. 

• A pop-up or an advertisement can be injected into the page. 

The Zimperium zLabs team claims that although Cloud9 is a malicious browser plugin, it cannot be found in any official repository for browser extensions (e.g. Chrome Web Store), despite it being a known malware on the internet. Researchers have found that Cloud9 has been masquerading as an Adobe Flash Player update on malicious websites more frequently than not, according to the research. 

What is the history of Cloud9 and where did it come from? 

A malware group called Keksec was connected to Cloud9 by the investigators to trace its origin. There have been many attacks targeted by this group that has been associated with mining-related malware, said Zimperium zLabs researchers. 

It seems as though the Cloud9 botnet is currently being sold for a few hundred dollars or for free on several hacker forums throughout the world. A report from the company warned that this malware was not targeting a specific type of group. To exploit as much valuable information as possible from all users, cyber criminals target all users to maximize their profits from their exploits. 

In a report released by Zimperium, it was said that because traditional endpoint security solutions do not monitor this vector of attack, browsers are susceptible. However, Cloud9 should remain a distant threat as long as you do not side-load extensions from malicious websites into your browser or use fraudulent executables that originate from malicious websites.
Read more »
Subscribe to: Posts (Atom)