Tag Archive for: Blackmail

Watchdog says it won’t give in to hackers’ blackmail

/in


The Consumer Council on Friday confirmed it has been the victim of a hacking attack, saying it won’t pay a blackmail demand and will only find out exactly what data has been stolen when it gets leaked on the internet.

The watchdog said its computer system was hacked on Wednesday and was told to pay a ransom of US$700,000 to prevent the stolen data from being made public.

The hackers are offering a US$200,000 discount if the ransom is paid by 11.20pm on Saturday.

The attack comes just weeks after government-owned Cyberport also fell prey to hackers who stole personal information on various individuals linked to the technology park.

The Consumer Council said it wasn’t sure what data has been stolen from its system, but it could include ID and phone numbers of current and former staff, their relatives, as well as job applicants.

The watchdog said the breach might also affect some 8,000 subscribers to its CHOICE magazine.

“Because we will definitely not pay the ransom, we will probably need to wait after the ransom deadline and the attackers leak the stolen data to determine what data has exactly been stolen,” said Gilly Wong, the council’s chief executive.

At a press briefing, chairman Clement Chan said the hacking incident has caused disruption to the council’s services.

“The attack has resulted in almost 80 percent damage of the computer system, causing disruption to its hotline services and update of price comparison tools,” said Chan.

“The council has taken immediate action to strengthen the security measures of the system to prevent further attacks by the hacker, whilst appointing a forensic expert immediately to conduct investigations. Hotline services have currently resumed after emergency repairs.”

The council said it would reach out to potential victims of the breach in the next few days, adding that it has also reported the incident to the police and the privacy watchdog.

Source…

Botched Bitcoin blackmail, iSpoof, and Meta’s billion dollar data bungle • Graham Cluley

/in


Smashing Security podcast #323: Botched Bitcoin blackmail, iSpoof, and Meta’s billion dollar data bungle

13 years jail for spoofing scammer, a rogue IT security expert’s Bitcoin blackmail goes wrong, and Facebook’s eyewatering GDPR fine may be only the beginning of its problems.

All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by the Imposter Syndrome Network podcast’s Zoë Rose.

Hosts:

Graham Cluley – @gcluley
Carole Theriault – @caroletheriault

Guest:

Zoë Rose – @RoseSecOps

Episode links:

Sponsored by:

  • Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
  • Kolide – Kolide ensures that if your device isn’t secure it can’t access your cloud apps. It’s Zero Trust for Okta. Watch a demo today!
  • Centripetal – Centripetal’s CleanINTERNET defends your assets from cyber threats by leveraging dynamic threat intelligence on a mass scale.

Support the show:

You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

Follow us:

Follow the show on Twitter at @SmashinSecurity, or on Mastodon, on the Smashing Security subreddit, or visit our website for more episodes.

Thanks:

Theme tune: “Vinyl Memories” by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.

Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.

Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon’s Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy.
Follow him on Twitter at @gcluley, on Mastodon at @[email protected], or drop him an email.

Source…

Android Malware Campaign Leverages Money-Lending Apps to Blackmail Victims

/in


Dec 15, 2022Ravie LakshmananMobile Security /

Money-Lending Apps

A previously undocumented Android malware campaign has been observed leveraging money-lending apps to blackmail victims into paying up with personal information stolen from their devices.

Mobile security company Zimperium dubbed the activity MoneyMonger, pointing out the use of the cross-platform Flutter framework to develop the apps.

MoneyMonger “takes advantage of Flutter’s framework to obfuscate malicious features and complicate the detection of malicious activity by static analysis,” Zimperium researchers Fernando Sanchez, Alex Calleja , Matteo Favaro, and Gianluca Braga said in a report shared with The Hacker news.

“Due to the nature of Flutter, the malicious code and activity now hide behind a framework outside the static analysis capabilities of legacy mobile security products.”

The campaign, believed to be active since May 2022, is part of a broader effort previously disclosed by Indian cybersecurity firm K7 Security Labs.

None of the 33 apps used in the deceptive scheme have been distributed through the Google Play Store. The money lending applications, instead, are available through unofficial app stores or sideloaded to the phones via smishing, compromised websites, rogue ads, or social media campaigns.

CyberSecurity

Once installed, the malware poses a risk as it’s designed to prompt the users to grant it intrusive permissions under the pretext of guaranteeing a loan, and harvest a wide range of private information.

The collected data – which includes GPS locations, SMSes, contacts, call logs, files, photos, and audio recordings – is then used as a pressure tactic to force victims into paying excessively high-interest rates for the loans, sometimes even in cases after the loan is repaid.

To make matters worse, the threat actors subject the borrowers to harassment by threatening to reveal their information, call people from the contact list, and send abusive messages and morphed photos from the infected devices.

The scale of the campaign is unclear owing to the use of sideloading and third-party app stores, but the rogue apps are estimated to have racked up over 100,000 downloads through the distribution vector.

“The extremely…

Source…

Lookout Exposes New Spyware Used by Sextortionists to Blackmail iOS and Android Users

/in


SAN FRANCISCO, Dec. 16, 2020 /PRNewswire/ — Lookout, Inc., the leader in mobile security, today announced the discovery of Goontact, a new spyware targeting iOS and Android users in multiple Asian countries. Uncovered by the Lookout Threat Intelligence team, Goontact targets users of illicit sites and steals personal information stored on their mobile devices. Evidence shows these sextortion scams are affecting Chinese-, Japanese- and Korean-speaking people. Goontact may also be operating in Thailand and Vietnam. Lookout discovered evidence the campaign may have been active since 2018 and is still active today. 

The goal of adversaries is likely extortion or blackmail, based on the information gathered and the quality of the sites that distribute these malicious apps. The bounty of information Goontact can exfiltrate includes device identifiers and phone numbers, contact information, SMS messages, photos on external storage and even location information. The culprits spearheading Goontact are still unknown but based on the Lookout research, it is highly probable that Goontact is the newest addition to a crime affiliate’s arsenal, rather than nation-state actors.

The private data individuals keep on mobile devices both makes it easier for cybercriminals to socially engineer successful attacks and, in the case of Goontact, run successful extortion campaigns. Acting on human impulse, this scam begins when potential targets are lured into initiating a conversation on websites offering escort services. In reality the targets communicate with Goontact operators who later convince them to install mobile applications meant to enhance the user experience. The mobile applications in question appear to have no real user functionality, except to steal the victim’s personal data, which is then used by the attacker ultimately to extort money from the target. 

“It’s no secret that mobile devices are a treasure trove for cybercriminals,” said Phil Hochmuth, Program Vice President of Enterprise Mobility at IDC. “As the use of mobile devices continues to increase, so does the maturity of iOS and Android cybercrime. Now more than ever, consumers must be proactive in avoiding compromise with…

Source…