Hackers Attack Telegram With DDoS After Targeting Microsoft and X

 

Anonymous Sudan has launched a distributed denial-of-service (DDoS) attack against Telegram in response to the messaging platform's decision to deactivate its principal account, according to threat intelligence firm SOCRadar. 

Anonymous Sudan, claiming to be a hacktivist group motivated by political and religious concerns, carried out DDoS attacks against organisations in Australia, Denmark, France, Germany, India, Israel, Sweden, and the United Kingdom. 

The group has been active since the beginning of the year, and on January 18, it launched its Telegram channel, proclaiming its intention to undertake cyberattacks against any entity that opposes Sudan. The group's operations began with the targeting of many Swedish websites. 

However, in June, Microsoft 365, Outlook, Microsoft Teams, OneDrive for Business, and SharePoint Online were the targets of a string of disruptive DDoS attacks launched by Anonymous Sudan, which quickly gained attention. Microsoft's cloud computing platform, Azure, was also impacted. Microsoft, which tracks the group as Storm-1359, confirmed DDoS attacks were the cause of the interruption after Anonymous Sudan boasted about the strike on their Telegram channel.

With the goal of forcing Elon Musk into establishing the Starlink service in Sudan, the organisation launched a disruptive DDoS attack against X (previously Twitter) in late August. The hacktivists' primary Telegram channel has been moved temporarily as a result of the attack on Telegram, which had a different objective than the group's usual targets yet failed to accomplish its goal.

The reason for the Telegram ban is unclear, and the threat intelligence company speculates that it may be connected to recent attacks on X or the use of bot accounts. Current DDoS and defacement operations are being carried out by the Anonymous Sudan group, which may not be based in Sudan and may actually have connections to the Russian hacking collective KillNet, according to previous reports from SOCRadar and Truesec.

The group doesn't request the support of pro-Islamic organisations, only communicates with Russian hackers, and mostly posts in English and Russian rather than Arabic. The campaigns that have been noticed also have no connection to political issues regarding Sudan. 

The group also doesn't seem to be associated with the original Anonymous Sudan hacktivists, who first showed up in Sudan in 2019, or with Anonymous, the decentralised, anti-political hacktivist movement.

Can Messaging Apps Locate You? Here's All You Need to Know

 

If you're worried about cybersecurity, you might wonder whether messaging apps can track you. They can, but it's not as big of a deal as you might think. Understanding how location monitoring works on major messaging applications, as well as the risks associated with it, is critical. Many social media apps require location information in order to streamline the services they provide. Road directions, food delivery, and other features that need access to your location to serve you better are examples of these services. So messaging applications can easily and precisely track you, and they collect this information from you in a variety of ways.

One of the most typical methods is to simply ask you to enable your location and grant the app permission to access it. Once you grant permission, GPS allows the programme to read your latitude and longitude coordinates, pinpointing your location. For example, several free messaging programmes, including your standard SMS app, iMessage, and WhatsApp, provide a live-location function that allows you to share your current location if necessary.

Wi-Fi and Bluetooth signals from your phone can also provide location information. Apps that monitor the signal strength of adjacent Wi-Fi routers and Bluetooth devices can track your whereabouts. However, this technology is less dependable than GPS tracking and can only provide an estimated location.

Some photo-sharing social networking apps, such as Instagram and Snapchat, leverage location-based functionality on your device, such as geotagging photos or providing more accurate search results. Then there's Twitter, which uses algorithms to serve your feed items based on location.

Another culprit is your IP address. When a device connects to the internet, it is assigned a unique IP address. This address may expose your general location, such as your city or area. Location history (a record of where your phone, i.e. you, has been) can be stored on the servers of apps like Snapchat.

Most messaging apps provide thorough information about their privacy policies and how they track your location and keep your data. So, rather than skipping past these policies, you should read them. If you are uncomfortable with their practices, you can restrict their access through your device settings. However, doing so may result in inconsistencies and inaccuracies with the app's location-based functionality. The most serious hazards linked with location tracking by messaging apps are invasions of privacy and data breaches.

How to Prevent Messaging Apps from Tracking You

Using airplane mode is the best approach to prevent your location from being tracked. However, doing so would disable incoming calls as well as your data connection. Fortunately, there are less restrictive methods for preventing messaging apps from seeing your location data.

You can always disable your location. Most phones feature a button in the quick panel for this. However, if yours does not, here is how to do so on a Samsung Galaxy phone:
  • Go to your phone's Settings.
  • Head over to Apps.
  • Select the app whose privacy access you want to turn on or off.
  • Tap on Permissions, and then Location.
  • Tap Deny, and WhatsApp won't have access to your location anymore.

VPNs, or Virtual Private Networks: They protect your privacy by routing your internet traffic through a remote server operated by the VPN operator. A VPN uses a variety of approaches to prevent tracking. First, it switches your IP address to that of the VPN server in another location, which is usually far away. Any programme that attempts to trace your location using your IP address will be unable to do so because it has been changed to that of the VPN server. This masks IP-based location only: an app that still holds the location permission can read your GPS coordinates regardless of the VPN.

Premium VPNs also encrypt your data, disguising the data transmitted between your device and the VPN server. Any third party attempting to intercept it will find it unreadable as a result. They frequently feature firewalls and ad blockers that they can employ to avoid any problems.

Utilize Private Browsers: Some web browsers include firewalls and ad blockers that restrict third-party cookies and delete your browsing history when you close the app. So, if you use these private browsers to access social media, you can be confident that your location is hidden from prying eyes.

One must also study the privacy policies of these apps and take steps to limit the location sharing to trusted contacts only.

Transparent Tribe Hackers Disseminate CapraRAT via Trojanized Messaging Apps

 

Transparent Tribe, an alleged Pakistan-aligned advanced persistent threat (APT) group, has been linked to an ongoing cyber espionage campaign targeting Indian and Pakistani Android users with a backdoor called CapraRAT.

"Transparent Tribe distributed the Android CapraRAT backdoor via trojanized secure messaging and calling apps branded as MeetsApp and MeetUp," ESET said in a report shared with The Hacker News.

It is estimated that up to 150 victims, most of whom have military or political affiliations, were targeted, with the malware (com.meetup.app) available for download from fake websites posing as official distribution centers for these apps. The targets are believed to have been lured by a honeytrap romance scam in which the threat actor approaches the victims via another platform and persuades them to install malware-laced apps under the guise of "secure" messaging and calling.

The apps, however, come pre-installed with CapraRAT, a modified version of the open-source AndroRAT that Trend Micro first documented in February 2022 and that exhibits overlap with a Windows malware known as CrimsonRAT.

The backdoor includes a plethora of features that allow it to capture screenshots and photos, record phone calls and surrounding audio, and exfiltrate sensitive data. It can also make calls, send SMS messages, and receive download commands. However, in order to use the app's features, users must first create an account by linking their phone numbers and completing an SMS verification step.

As stated by the Slovak cybersecurity firm, the campaign is narrowly targeted and there is no evidence that the apps were available on the Google Play Store.

Transparent Tribe, also known as APT36, Operation C-Major, and Mythic Leopard, was recently linked to another wave of attacks against Indian government organizations using malicious versions of the Kavach two-factor authentication solution.

The research comes just weeks after cybersecurity firm ThreatMon detailed a spear-phishing campaign by SideCopy actors targeting Indian government entities with the goal of deploying an updated version of the ReverseRAT backdoor.

WhatsApp: Instant Messaging App Services Restored After a 2 Hour Outage

The instant messaging app WhatsApp was restored after a two-hour-long outage on Tuesday. WhatsApp, with around a billion active users, was alerted about the global outage when hundreds of thousands of its online users reported the disruption in their messaging app.

Reportedly, the instant messaging platform went down at 12:30 PM IST on Tuesday. Users reported that they were unable to send messages or make calls through the app, which was at first thought to be a mere network connectivity issue. The outage was not limited to smartphone users of the app, since users of WhatsApp Web were also affected by the disruption.

As per a report by Downdetector, an online platform providing real-time stats and information regarding online web services, more than 11,000 online users had reported the outage, while in the United Kingdom the count was 68,000. In Singapore, about 19,000 users reported disruption in the app since 07:50 GMT.

Downdetector gathers status updates from various sources, including user-submitted errors on its platform, to keep track of outages. There may have been many users who were impacted by the outage. 

Additionally, WaBetaInfo, an online portal tracking WhatsApp services, claimed that the issue was on the server side and thus could not be resolved from the user's end.

Soon after acknowledging the issue, WhatsApp’s parent company Meta said that its engineers were working on the outage and would solve it as soon as possible. Following this, a Meta spokesperson also apologized to users for the inconvenience.

“We are aware that some people are currently having trouble sending messages and we are working to restore WhatsApp for everyone as quickly as possible,” said a Meta company spokesperson. The parent company has not yet revealed the reason behind the outage.

The messaging app has increasingly emerged as an important communication tool between users, businesses, and governments globally, with over 100 billion messages exchanged daily through WhatsApp as of 2020. Given that popularity, this recent outage may have affected a large number of users, including government officials and telecom service providers.

The 'Interaction-Less' Flaws in Messaging Apps Allowed Hackers to Eavesdrop

 

Last week, at the Black Hat security conference in Las Vegas, Google’s Project Zero researcher, Natalie Silvanovich presented her findings of remote eavesdropping bugs in communication apps like Signal, Google Duo, and Facebook Messenger, as well as popular international platforms JioChat and Viettel Mocha. 

Natalie was concerned with the surge of bugs in the popular apps. The vulnerability in the Facebook Messenger app could have allowed hackers to listen in on audio from a victim's device. The flaws in Viettel Mocha and JioChat gave advanced access to both audio and video. The Signal flaw exposed audio only and the Google Duo flaw gave video access, but only for a few seconds. These few seconds were enough to record a few frames or grab screenshots.

In early 2019, a bug in Group FaceTime calls on the iPhone would have allowed threat actors to activate the microphone, and even the camera, of the iPhone they were calling and eavesdrop before the recipient did anything at all. The implications were so severe that Apple blocked the Group FaceTime feature entirely until the company patched the bug.

“When I heard about that group FaceTime bug, I thought it was a unique bug that would never occur again, but that turned out not to be true. This is something we didn’t know about before, but it’s important now for the people who make communication apps to be aware. You're making a promise to your users that you’re not going to suddenly start transmitting audio or video of them at any time, and it’s your burden to make sure that your application lives up to that,” Silvanovich explained.

Silvanovich has kept a close eye on the “interaction-less” flaws, vulnerabilities that don't require their targets to click a malicious link, download an attachment, enter a password in the wrong place, or engage in any way. 

“The idea that you could find a bug where the impact is, you can cause a call to be answered without any interaction—that's surprising. I went on a bit of a tear and tried to find these vulnerabilities in other applications. And I ended up finding quite a few,” says Silvanovich. 

The developers of messaging apps were extremely responsive about patching the flaws within days or a few weeks of her disclosures. All of the bugs have been patched, but the surge of security loopholes in messaging apps emphasizes how common these flaws can be and the need for developers to take them seriously.