Tag Archive for: hackers

This social media migration is a hacker’s dream


Early 2021 has seen an inspiring evolution in the way people communicate online. Unfortunately hackers are eager to find ways to exploit these advances, particularly in forums where politics are discussed, and especially on the conservative side. 

Case in point: the various platforms where citizens discussed QAnon conspiracy theories and the MAGA agenda. Most of the platforms experienced a shake-up following the riots that resulted in the breach of the Capitol in Washington, DC. 

The platforms derided by what has become a mass exodus from traditional Big Data social media are Twitter, Facebook, Instagram, WhatsApp and TikTok. The companies that hosted the “problem” include Amazon, Apple, Facebook and Google. The migration landed primarily at Gab, Parler, Rumble and Signal, as well as some smaller players in the messaging game. 

In its never-ending march to a post-privacy society, Facebook announced it would deploy data associated with its nearly 2 billion users throughout the company’s ecosystem of apps on the same day of the riot–January 6. The announcement was met with universal disapproval but it quickly became more amplified on the Right, since it coincided with the de-platforming of former President Donald Trump and riot participants who posted their crimes in the Capitol online. The right-wing Twitter alternative Parler was swamped with new users and then shortly thereafter taken offline by its hosting provider at Amazon Web Services.

That’s an enormous number of people moving digitally, and it concomitantly provided an opportunity for hackers. The secure messaging service Signal reported periodic outages from the influx of new users, and Telegram added 25 million new users over a 72-hour period, according to its CEO.

Although the privacy and security settings offered by alternative messaging services like Telegram and Signal may appeal to users looking for a secure place to exchange views and information, they may not be as failsafe an option as they seem.

Reports of hacking are already circulating 

I was contacted by a person who was doing research on QAnon in the wake of the riot who had a surprising interaction. While messaging on Telegram with Trump supporters and…

Source…

Russian Hackers Suspected In Cyber Attack At Federal Agencies : NPR



According to reports, the US Treasury Department, which is featured here in 2019, was hacked along with the US Department of Commerce. Russia is suspected, but denies involvement. The US government has acknowledged a violation and says it is investigating to make a full assessment.

Patrick Semansky / AP


Updated at 5:00 p.m. ET

According to US officials and media reports, Russian hackers working for the Kremlin are said to be responsible for breaches of US government computer systems in the Treasury, Commerce and Homeland Security departments, which may have taken months to be discovered.

The hackers had allegedly broken into the email systems of the government departments, but the full extent of the breach was not immediately apparent as US officials rushed to make an assessment. There are concerns that hackers may have invaded other government departments and perhaps many private companies as well.

The Department of Commerce, the National Security Council and the Department of Homeland Security all acknowledged the breach in brief statements but did not provide details.

“We can confirm that there has been a breach in one of our offices,” said the Department of Commerce.

“We have worked closely with our agencies regarding recently discovered activity on government networks,” said NSC spokesman John Ullyot.

The US government did not identify Russia or any other actor as responsible.

Reuters first reported the story on Sunday, and subsequent reports identified Russia’s foreign intelligence agency, the SVR, as the most likely culprit.

Russia’s SVR, the rough equivalent of the CIA in the US, was blamed in 2014-15 for major hacks involving unclassified email systems at the White House, the State Department and joint chiefs of staff.

Russia on…

Source…

Hackers Breach U.S. Cellular Customer Database After Scamming Employees


U.S. Cellular, the fourth-largest wireless carrier in America, has suffered a data breach. Hackers reportedly gained access to protected systems by installing malware on a computer at a U.S. Cellular retail store.

According to the breach notification filed with the Office of the Vermont Attorney General, the attack began on the 4th of January. Hackers targeted a handful of U.S. Cellular store employees who had access to its customer relationship management (or CRM) software.

The notification doesn’t offer a lot of specifics about the attack itself. It notes only that those employees fell victim to a scam of some sort.

In incidents like this one, hackers will often contact employees and pretend to be IT support staff or outside contractors providing technology services. If they’re convincing enough, the victims are all too willing to grant remote access.

Once connected, the attacker can implant malware that sets up the next phase of the attack. Since the U.S. Cellular staff were logged in to its CRM software at the time of the attack, the hackers immediately went to work collecting customer data.

Their activity was detected on January 6th — just two short days later. Unfortunately some U.S. Cellular customers had already been impacted.

The hackers were able to access customer names and addresses, cellular phone numbers, plan information and access PINs used when making changes to service. In some cases the attackers used that information to port customers’ phone numbers to other cellular carriers.

This can be very bad news for consumers. A ported phone number can allow a hacker to break into sensitive accounts if they’re protected by SMS-based two-factor authentication.

Porting can provide fodder for blackmail schemes and access to private photos and other data. A stolen phone number also gives a cybercriminal a convincing starting point for launching further attacks against a victim’s close contacts.

Impact of the attack was limited because the infected computer was quickly isolated before further harm could be done. U.S. Cellular has reset the affected customer PINs,…

Source…

USCellular hit by a data breach after hackers access CRM software


Mobile network operator USCellular suffered a data breach after hackers gained access to its CRM and viewed customers’ accounts.

In a data breach notification filed with the Vermont attorney general’s office, USCellular states that retail store employees were scammed into downloading software onto a computer.

This software allowed an attacker to access the computer remotely, and as the employee was logged into the customer relationship management (CRM) system, the attacker gained access to that as well.

“On January 6, 2021, we detected a data security incident in which unauthorized individuals may have gained access to your wireless customer account and wireless phone number. A few employees in retail stores were successfully scammed by unauthorized individuals and downloaded software onto a store computer.”

“Since the employee was already logged into the customer retail management (“CRM”) system, the downloaded software allowed the unauthorized individual to remotely access the store computer and enter the CRM system under the employee’s credentials,” states the USCellular data breach notification.

USCellular believes the attack occurred on January 4th, 2021.

It is not clear from the notification how many customers were affected and whether the employees were scammed via a phishing email or another method. 

While viewing a customer’s account in the CRM, the threat actor would have been able to see their name, address, PIN, cell phone numbers, service plan, and billing/usage statements.

“As indicated above, your customer account was impacted in this incident. Information in your customer account includes your name, address, PIN code, and cellular telephone number(s) as well as information about your wireless services including your service plan, usage and billing statements known as Customer Proprietary Network Information (“CPNI”),” the data breach notification continues.

USCellular states that customers’ social security numbers and credit card information were not accessible as they are masked in the CRM.

After learning of the attack, USCellular isolated the infected computer and reset the employee’s passwords.

The company also reset impacted customers’ and authorized contact’s PIN and…

Source…