Tag Archive for: Drops

Zero-Click iPhone Exploit Drops Spyware on Exiled Russian Journalist


A report this week about Pegasus spyware showing up on an iPhone belonging to award-winning Russian journalist Galina Timchenko has again highlighted the seemingly myriad ways that government and law enforcement agencies appear to have for delivering the odious surveillance tool to target devices.

Timchenko is an exiled Russian investigative journalist and co-founder of Meduza, a Russian- and English-language news site headquartered in Riga, Latvia. On June 22, Apple sent Timchenko a threat notification warning her that her device was likely the target of a state-sponsored attack. Apple earlier this year rolled out the spyware threat notifications, which are designed specifically to assist users who the company determines are being individually targeted because of what they do.

Targeted for Spying

Meduza’s technical director reached out to the University of Toronto’s Citizen Lab for help understanding what the alert might have been about. Researchers at Citizen Lab, who have earned a reputation over the years for their ability to conduct investigations into incidents of digital espionage, analyzed forensic artifacts from Timchenko’s phone and quickly determined that someone had installed Pegasus on it in February.

Citizen Lab and Access Now, a nonprofit that advocates for human rights in the digital age, collaborated on the investigation of the incident and released two separate reports on it this week.

“We believe the infection could have lasted from days up to weeks after the initial exploitation,” Citizen Lab said. “The infection was conducted via a zero-click exploit, and forensic traces lead us to assess with moderate confidence that it was achieved via the PWNYOURHOME exploit targeting Apple’s HomeKit and iMessage.” Neither Citizen Lab nor Access Now attributed the attack to any specific nation-state actor.

PWNYOURHOME is one of three iOS 15 and iOS 16 zero-click exploits that Citizen Lab previously determined NSO Group’s clients to have used in 2022 to drop Pegasus on target iPhones. The two-phase zero-click exploit first targets the HomeKit smart home functionality built into iPhones, and then uses the iMessage process to essentially breach device protections and enable Pegasus…


Ransomware Revenue Drops Amidst Less Successful Extortion Attempts: Chainalysis


2022 has been a turbulent year. One good thing to come out of it is that ransomware earnings are significantly down.

Attacks on the crypto industry remain rampant. However, data suggests that victims are increasingly refusing to pay ransomware attackers. Blockchain analytics company Chainalysis, in a new report, shed light on the changing dynamics in the ransomware industry.

Zooming in on Ransomware Attacks 2022

The report found that over 10,000 unique strains were active in the first half of the year alone, a trend that was also confirmed by on-chain data. In comparison, around 5,400 unique strains were recorded to be active over the same period of 2021. The number of active strains has increased substantially in recent years; a major portion, however, goes to a small group of strains at any given time.

Ransomware lifespans have shortened in 2022. In fact, the average ransomware strain was found to be active for just 70 days, down from 153 in 2021 and 265 in 2020. Most attackers funnel the extorted funds to mainstream centralized cryptocurrency exchanges. That share surged from 39.3% in 2021 to 48.3% in 2022.

On the other hand, ill-gotten funds being moved to high-risk exchanges fell from 10.9% to 6.7%. A similar declining trend was seen in the usage of illicit services such as darknet markets for ransomware money laundering. However, the usage of coin mixers for the same purpose has increased from 11.6% to 15.0%.

Less Frequent Ransom Payments

Chainalysis stated that its estimate of total ransomware revenue fell by 40.3%, to at least $456.8 million in 2022 from $765.6 million in 2021. The drop is substantial and demonstrates an increasing unwillingness among victims to pay ransomware attackers, not a decline in the actual number of exploits.

While asserting that ransomware continues to be a major cyber threat to businesses and enterprises, Michael Phillips, Chief Claims Officer of cyber insurance firm Resilience, noted:

“There have, however, been signs that meaningful disruptions against ransomware actor groups are driving lower than expected successful extortion attempts.”

Especially over the past four years, the probability of victims paying a…


Huawei drops 5G for new P50 phones as US sanctions grip



Huawei Technologies revealed its first premium smartphones equipped with the Chinese group’s alternative to Android software but without 5G connectivity on July 29, in a setback forced by restrictions on its access to American technology.

Huawei — the world’s second-biggest smartphone maker as recently as last year — said its latest P50 and P50 Pro phones run on HarmonyOS.

Consumer electronics group chief executive Richard Yu unveiled the phones in a low-key, Chinese-language-only online event — a stark contrast to previous launches aimed at a global audience. Yu did not say whether the new models would be available outside the Chinese market.

“Because of the US sanctions, our new smartphones cannot run on 5G wireless connections even though we are surely the global leader in 5G technology,” Yu said. “But with 4G, Wi-Fi 6 connectivity and our AI computing algorithms, we still can provide as powerful a performance as all the 5G phones.”

This article is from Nikkei Asia, a global publication with a uniquely Asian perspective on politics, the economy, business and international affairs.

Most of the new premium smartphones from Samsung Electronics, Xiaomi and other Huawei rivals are 5G models. Apple shifted to faster 5G technology last year for its top-of-the-line iPhone 12 series, and plans to add 5G to its lower-cost iPhone SE next year, Nikkei Asia has reported.

Huawei was an early adopter of 5G technology. The company’s Mate 30 series in 2019 was the first in the industry to feature an integrated 5G chipset with a built-in 5G modem — all designed by its semiconductor arm HiSilicon Technologies.

The new P50 smartphones will run on the Kirin 9000 processor developed by HiSilicon, as well as Qualcomm’s Snapdragon 888 4G processor, according to Huawei.

This marks…


MSCI drops seven Chinese companies from its indices


The index provider MSCI said it would drop seven companies that the US government has labelled as having ties to the Chinese military from its indices, after President Donald Trump barred US investors from holding stakes in such businesses.

MSCI said the seven companies — which included SMIC, China’s biggest chipmaker — would be removed from its global equity indices at the end of the trading day on January 5. The businesses will be dropped from MSCI’s popular emerging markets indices.

The decision has been keenly anticipated, given MSCI indices are the benchmark for many money managers who specialise in emerging markets. More than $12tn is invested in funds benchmarked to one of the company’s thousands of indices, according to MSCI.

Other large index providers including FTSE Russell, Nasdaq and S&P Global Dow Jones Indices have taken similar action to comply with an executive order signed by Mr Trump last month.

The order prohibited new transactions in shares of Chinese businesses that the Pentagon alleges have ties to the Chinese military from January 11 and gives existing shareholders until November 2021 to divest their holdings.

The White House applauded Tuesday’s move by MSCI. “For years American investors have unknowingly financed Chinese Communist military companies, which help the [People’s Liberation Army] threaten US and allied service members,” said John Ullyot, the National Security Council spokesman. “Under President Trump’s leadership, this is coming to an end.” 

The companies MSCI had decided to remove include China Railway Construction Corporation, China Communications Construction Company and Hikvision, a surveillance camera company that supplies some of the equipment used in detention camps in the Xinjiang region where the Chinese government has held an estimated 1m ethnically Muslim Uighurs. The locomotive manufacturer CRRC, the computer server maker Dawning Information Industry Group and the satellite manufacturer China Spacesat will also be cut.

MSCI said it had only removed companies explicitly named in the executive order and not subsidiaries or affiliated companies. The seven companies trade in China and Hong Kong…
