Tag Archive for: posing

Iranian hackers, posing as Proud Boys, tried to disrupt 2020 election, feds say

/in


A pair of Iranian hackers ran a sophisticated online campaign aimed at interfering with last year’s presidential election by threatening and influencing American voters, federal officials said Thursday.

As part of their campaign, the conspirators got confidential U.S. voter information from at least one state election website and sent threatening email messages to intimidate people before they cast their ballots, prosecutors said.

The disinformation duo also created a video that detailed false voting vulnerabilities, and even gained unauthorized access to a U.S. media company’s computer network — but were stopped before they could do any further damage to it, authorities said.

Seyyed Mohammad Hosein Musa Kazemi, 24, and Sajjad Kashian, 27, were both charged with conspiracy, voter intimidation and transmission of interstate threats. Kazemi was also charged with unauthorized computer intrusion, computer fraud and knowingly damaging a protected computer.

The accused hackers were equal opportunity disruptors. According to the indictment, hackers targeted Republicans with messages claiming voter fraud, and Democrats with “false flag” threats from the Proud Boys.

The fake Proud Boys sent Facebook messages and emails to Republican senators and members of the House, individuals associated with former President Donald Trump’s campaign, White House advisers and members of the media.

The false election messages claimed that the Democratic Party was planning to exploit “serious security vulnerabilities” in state voter registration websites to “edit mail-in ballots or even register nonexistent voters.”

Hackers also sent intimidating emails to tens of thousands of registered voters, threatening them with physical injury if they did not change their party affiliation and vote for Trump.

“The FBI remains committed to countering malicious cyber activity targeting our democratic process,” said Bryan Vorndran, assistant director of the FBI’s Cyber Division.

Even the day after the election, on Nov. 4, the suspects tried to use stolen credentials to gain access to a media company’s computer network to disseminate more false information, the indictment said. But the…

Source…

Connected home devices posing more hacking risks for Indian firms

/in


Nearly 86 per cent of Indian enterprises believe that the shift to remote working during the pandemic has resulted in an increased number of IoT (Internet of Things) security incidents via connected devices at home, according to a new report.

Smart home  connected devices such as light bulbs, wearable devices such as heart rate monitors, connected sports equipment, kitchen appliances such as coffee machines, game consoles and even pet technology are among the list of the strangest devices identified in the study.

About 84 per cent organisations in the country have seen an increase in the amount of non-business IoT devices connected to their business network over the past year, according to cyber-security firm Palo Alto Networks.

While 73 per cent respondents believe that IoT security regulations are not keeping pace with the amount of IoT connecting devices, thus putting them at risk, 97 per cent believed that their organisation’s approach to IoT needs improvement.

Connected cameras, connected wearables and connected home devices are some of the non-business devices organisations have found attached to their networks, which could be posing risk to Indian enterprises.

“Remote workers need to be aware of devices at home that may connect to corporate networks via their home router. Enterprises need to better monitor threats and access to networks and create a level of segmentation to safeguard remote employees and the organisationa�s most valuable assets,” said Vicky Ray, principal researcher, Unit 42 at Palo Alto Networks.

Cyber criminals know that one small IoT sensor can provide entry into a corporate network to launch ransomware attacks and more.

According to the global survey of IT decision makers by Palo Alto Networks, 78 per cent of respondents from organisations that have IoT devices connected to their network reported an increase in non-business IoT devices on corporate networks in the last year.

“IoT adoption has become a critical business enabler. It presents new security challenges that can only be met if employees and employers share responsibility for protecting networks,” Ray added.

Source…

Gigaset Android phones receive malware posing as software update

/in


Gigaset Android Phone Malware Trojan

Remember Gigaset? The Android phone maker released the Gigaset QV830 and QV1030 Android tablets back in 2013. It then entered the smartphone market with sleek devices and modern specs in 2015. More Gigaset Android devices have been introduced but unfortunately, it seems a malware has infected several of them. According to a report, it appears to be a supply-chain attack caused by a Trojan that is downloaded and installed on a device. It disguises as a software update but is actually a malware.

It is said to be a very annoying malware because it can do a lot of things like send people SMS to spread malware, fetch other malicious apps, and open browser windows among others. Our source said the updates were actually seeded as early as April 1.

There is no word on the cause of the attack but there are people working on a fix. At the moment, it may be difficult to remove since “Permanent removal usually fails”. Interestingly, it’s Gigaget’s servers that are delivering the malware as an update.

Some good news though. The malware only attacks the older Gigaset phones. More information are expected to be released by the company so let’s wait and see.

Gigaset isn’t exactly fully to blame here. The hackers are believed to have gotten into the update servers of Gigaset to deliver the Trojans. But then this means Gigaset isn’t that secure.

If you own an older Gigaset smartphone, you can check HERE and see how to wipe the malware. You need to do some uninstalling but only if you know how.

Here’s what Gigaset Senior Vice-President for Communications Raphael Dörr said:

We take the issue very seriously and are working intensively on a short-term solution for the affected users. In doing so, we are working closely with IT forensic experts and the relevant authorities. We will inform the affected users as quickly as possible and provide information on how to resolve the problem.

We expect to be able to provide further information and a solution within 48 hours. It is also important to mention at this point that, according to current knowledge, the incident only affects older devices.

The company executive also mentioned the phones not…

Source…

Google and Facebook scammed out of $123 million by man posing as hardware vendor

/in
Google and Facebook scammed out of $ 123 million by man posing as hardware vendor

Even the most tech savvy companies in the world can fall for business email compromise.

A Lithuanian man has this week pleaded guilty to tricking Google and Facebook into transferring over $ 100 million into a bank account under his control after posing as a company that provided the internet giants with hardware for their data centers.

Read more in my article on the Tripwire State of Security blog.

Graham Cluley