Tag Archive for: accounts

Meta says it locked pro-Palestinian accounts after signs of security compromise

/in


Palestinians take part in a protest in support of the people of Gaza, as the conflict between Israel and Palestinian Islamist group Hamas continues, in Hebron, in the Israeli-occupied West Bank, October 25, 2023.

Mussa Issa Qawasma | Reuters

Meta, the owner of Instagram and Facebook, said Wednesday that its security staff had detected a possible hacking attempt on pro-Palestinian accounts with millions of followers and locked the accounts while it tries to reach the account owners. 

The account @eye.on.palestine had more than 6 million followers on Instagram before it suddenly went dark Wednesday, according to an archived description on Google’s search engine. A backup account, @eye.on.palestine2, was also unavailable Wednesday, as were a related Facebook account and a Threads account. 

The accounts focused on posting media from Gaza, including videos and images of injured people. The material was generally unverified by international journalists. It’s not clear who or how many people posted to the pages. 

When they were visited Wednesday, the Instagram pages returned the message: “Sorry, this page isn’t available.” 

The disruption to the accounts has sparked anger among followers. In posts on X, some followers interpreted the disappearance of the pages as an example of anti-Palestinian censorship. 

But Meta said late Wednesday that it had disabled the accounts because of security concerns. 

“These accounts were initially locked for security reasons after signs of compromise, and we’re working to make contact with the account owners to ensure they have access,” Meta spokesperson Andy Stone said in a statement. 

“We did not disable these accounts because of any content they were sharing,” he said. 

Stone didn’t provide any other details about Meta’s investigation into the signs of compromise. He said the investigation was continuing. 

The account owners couldn’t be reached by NBC News for comment Wednesday, including by email.

In an update Thursday morning, Stone said the company had been able to reach the accounts’ administrators and that the accounts would be able to reactivate.

“These accounts were initially locked for security reasons after signs of compromise,” Stone said in a…

Source…

Steam Store Spreaded Malware After Hacker Hijacked Developer Accounts

/in


Valve’s Steam store was reportedly exploited to spread malware to a small number of users. 

The incident occurred after a hacker breached several game developer accounts on Steam. The attacker then circulated malware over the platform through game updates to users. 

The problem came to light after Valve was spotted sending out a message to affected users last month about the malware infections. “The Steam account for the developer of this game was recently compromised and the attackers uploaded a new build that contained malware,” the company wrote in the notice. 

Simon Carless, founder of the Game Discover Co newsletter, then connected the message to an announcement Valve made this week, notifying game developers about a new security requirement for their accounts. “Looks like it’s related to hackers taking over Steam dev accounts and adding malware to game builds,” he wrote. 

Valve has since told PCGamer that multiple game developer accounts were recently compromised. Fortunately, the intrusions only led to fewer than 100 Steam users receiving malware through the game updates. These users have since received warnings from Valve notifying them about the threat. 

To prevent future hijackings, Valve is essentially requiring game developers on Steam to enroll in two-factor authentication. However, the company is demanding developers do so by registering their accounts with a phone number to receive the SMS-based two factor codes. 

“This change will go live on October 24, 2023, so be sure to add a phone number to your account now. We also plan on adding this requirement for other Steamworks actions in the future,” Valve said in the announcement

The problem is that SMS-based two factor authentication can be vulnerable to SIM swap attacks and other forms of phishing capable of stealing the access codes. As a result, some game developers have been complaining about the new requirement and instead urging Valve to ditch the SMS-based two factor authentication for more secure authenticator apps

“Why does every company and their grandpa think they’re entitled to my PRIVATE phone number, that so far I’ve managed to keep reasonably spam free,” added one developer…

Source…

Winrar Zero-Day Hack Exposes Crypto Accounts

/in


(MENAFN– CoinXposure)
The developers of the file compression software WinRAR have rectified a zero-day vulnerability that allowed hackers to install malware on the computers of unsuspecting victims and access their cryptocurrency and stock trading accounts.

On August 23, the singapore-based cybersecurity company Group-IB disclosed a zero-day vulnerability in WinRAR’s handling of the ZIP file format.

The zero-day vulnerability identified as CVE-2023-38831 was exploited for approximately four months, allowing attackers to install malware when a victim clicked on archive files.

According to the report, the malware would then enable hackers to compromise online crypto and stock trading accounts.

Using the exploit, threat actors were able to generate maliciRAR and ZIP archives containing files that appeared to be harmless, such as JPG images and PDF documents.

These weaponized ZIP archives were then disseminated on trading forums aimed at crypto traders, containing trading strategies such as“Best Personal Strategy for Trading with Bitcoin.

The report affirmed that maliciarchives made their way onto at least eight public trading forums, infecting at least 130 devices; however, the financial losses sustained by the victim are unknown.

WinRar exploit infection chain. Source: Group-IB

See also cristiano ronaldo, binance partner for“forevercr7” 2 months ago

Upon execution, the script initiates a self-extracting (SFX) archive that infects the target computer with varistrains of malware, including DarkMe, GuLoader, and Remcos RAT.

These grant the perpetrator remote access privileges on the compromised system. DarkMe malware has been utilized in the past for cryptographic and financial-motivated attacks.

The researchers informed RARLABS, which rectified the zero-day vulnerability in the August 2 release of WinRAR version 6.23.

In August, BlackBerry identified several malware families that actively targeted computers to mine or pilfer cryptocurrencies.

In the same month, a newly discovered remote access tool dubbed HVNC (Hidden Virtual Network Computer) was discovered for sale on the dark web. This tool allows hackers to compromise Apple operating…

Source…

Woman loses over $20k from credit card and bank accounts after downloading third-party app

/in


SINGAPORE – A food delivery order that was supposed to cost $58 ended up costing Ms Lim (not her real name) over $20,000 after scammers took control of her Android phone and banking details remotely.

Ms Lim, 54, lost almost $20,500 from a credit card account and two DBS savings accounts in hours after she clicked on a link to download a third-party app, following which scammers then increased her credit limits and siphoned out all her money.

She had been looking for healthy tingkat (tiffin) meal delivery options for her elderly parents, and on July 26, she made an inquiry after seeing a Facebook ad from a company called Healthy Box.

The ad appeared to be from local caterer Grain, whom she had ordered from before. Hence, she was not suspicious.

She contacted the poster of the advertisement via Facebook messenger, after which the conversation continued on WhatsApp at around noon that day.

After the person confirmed they were from Grain, they sent her a link via WhatsApp to download an app – one that she had not used before – to make the order. She then installed the app, which she said looked exactly like the mobile-enabled version of Grain’s site.

When asked to make payment of $58 via PayNow to another number, she received a message saying that the vendor had not installed PayNow and that she could send the vendor a link to do so.

She then messaged the person to inform them that their PayNow was not working and asked them to check on it, but did not receive a reply.

Ms Lim, who works in events and marketing, went back to her online meetings. About 90 minutes later, when taking a lunch break, she noticed that her phone felt “burning hot”.

When she switched it on, the phone showed a blank screen and it had automatically performed a factory reset. Not suspecting anything, she followed the sequence to reset the phone and set it up again, as one would with a new phone.

Later that day, when she attempted to use her ATM card to withdraw money at around 6pm, she realised that her bank balance was zero.

She called the DBS customer service hotline, and an officer confirmed that $20,493.87 had been transferred out of her account.

A few days later, she went to…

Source…