Tag Archive for: Singapore

Singapore Android users to be blocked from installing certain unverified apps as part of anti-scam trial

/in


In a previous update of Google Play Protect, users were recommended to conduct a real-time app scan to better detect whether an Android app may be infected with malware. When the scan was completed, users were notified about whether it could be safely installed. 

Eugene Liderman, director of Android security strategy at Google, told CNA the real-time scanning enhancement to Google Play Protect was fully rolled out in Singapore in November 2023.

Since the launch of real-time scanning last October, Google said it has helped identify over 515,000 potentially harmful apps, and blocked or warned users almost 3.1 million times when they attempted to install such apps. 

Scam victims are often directed to download an Android package kit (APK) file through sources such as websites, messaging apps or file managers. 

“Members of the public are advised not to download any suspicious APK files on their devices as they may contain malware which will allow scammers to access and take control of the device remotely as well as to steal passwords stored in the device,” the police said in an advisory last July. 

Sideloaded apps typically ask for permission to read and receive SMSes and notifications, and grant accessibility to devices.

These permissions enable scammers to intercept one-time passwords via SMS or from notifications and spy on screen content, said Google.

The tech giant’s newest security feature is designed to look out for such permissions, which are “frequently abused by fraudsters”, and block the app’s installation.

“Based on our analysis of major fraud malware families that exploit these sensitive runtime permissions, we found that over 95 per cent of installations came from internet-sideloading sources,” it added. 

Source…

DDoS attack was cause behind internet connectivity outage for public healthcare institutions in Singapore, ETCIO SEA

/in


Investigations on the internet connectivity disruption for public healthcare institutions which happened on 1 November 2023 showed that the outage was caused by a Distributed Denial-of-Service (DDoS) attack, where the attackers flood servers with internet traffic to prevent legitimate users from accessing online services. As per national healthtech agency Synapxe, which is responsible for the IT operations that support the country’s public healthcare network, no evidence has been found to indicate that public healthcare data and internal networks have been compromised.

Internet connectivity at public healthcare institutions was disrupted between 9.20am and 4.30pm on 1 November 2023, with most of the affected services restored by 5.15pm. During the disruption, services requiring internet connectivity at public healthcare institutions, including websites, emails, productivity tools for staff, were inaccessible.

Throughout the incident, Synapxe was able to sustain the mission critical systems needed for clinical services and operations at the public healthcare institutions, including access to patient records. Patient data and the internal networks remained accessible and unaffected. Patient care was not compromised.

Synapxe’s networks are protected in a layered defence designed to detect and respond to cyber threats, including DDoS attacks. Its systems are also designed with redundancies for resilience, and these include system backups. To minimise the risks of being overwhelmed by higher-than-usual internet traffic, Synapxe subscribes to services which block abnormal surges in internet traffic before they enter our public healthcare network. In addition, once the traffic is cleared by the blocking service, firewalls are in place to allow only legitimate traffic into the network.

On 1 November 2023, an abnormal surge in network traffic was detected at 9.15am. This surge circumvented the blocking service, and overwhelmed Synapxe’s firewall behind the blocks. This triggered the firewall to filter out the traffic, and all the websites and internet-reliant services became inaccessible. Once the cause was identified, Synapxe…

Source…

$32k gone and $12k in debt: Woman falls for malware scam while buying fish online, Singapore News

/in


Lured in by an advertisement for grouper fish fillets on Facebook, this woman had the misfortune of falling for a scam, hook, line and sinker.

A woman surnamed Qiu, 58, was contacted by a ‘salesperson’ through WhatsApp on Aug 25 after clicking on the advertisement, Shin Min Daily News reported on Friday (Sept 22).

Qiu was instructed to download an application called “Grab&Go” in order to place her order for the fish.

Although she had her suspicions at first, Qiu decided to go ahead with the ‘purchase’ when she realised the app didn’t ask for her bank information.

Instead, all it required was her name, address and mobile phone number.

That night, however, her phone was suddenly inoperable. She assumed it was out of battery, and tried charging it.

But when she did a routine check on her bank account two days later, Qiu discovered that she only had a few dollars left across three bank accounts.

[[nid:648928]]

Additionally, she found herself some $12,200 in debt on two credit cards.

Qiu immediately reported this incident to the police and approached the bank for information – as it turned out, $32,287 had been withdrawn from her three accounts on Aug 25, she said.

One of the accounts is a joint account shared with her 16-year-old daughter, Qiu told Shin Min. That account now only has $3.06 left of the original $6,000.

“I had put my daughter’s ang bao money, scholarship money and so on in this account, which can then be used to repay my daughter’s insurance loan. 

“There are only four years left on the loan, so how can I bear to terminate it?”

Qiu also reportedly sought help from the Monetary Authority of Singapore.

However, she was told they had no way of helping her retrieve her money.

New variant of malware scams

In a press release by the police on Thursday, they announced their observation of a “new variant of malware scams”. 

Victims in this form of malware scam are contacted by ‘salespeople’ via messaging platforms such as WhatsApp and told to download an application.

Internet banking credentials can then be stolen via a keylogger in these applications, allowing scammers to access victims’ bank accounts and perform unauthorised transactions.

“In the…

Source…

Singapore Records Highest Increase in Ransomware Attacks in 2023, According to Sophos

/in


Sophos on Wednesday released its annual “State of Ransomware 2023” report, which found that the rate of ransomware attacks on Singaporean organisations increased considerably in 2022 with 84 per cent of organisations surveyed saying they were a victim of ransom, which compares to 65 per cent the year before. This increase meant that Singapore reported the highest rate of ransomware attacks of all countries surveyed this year.

In 61 per cent of attacks on surveyed organisations, adversaries succeeded in encrypting data with 53% of those who had data encrypted paying the ransom to get their data back. This is up from 48 per cent last year and higher than the global average of 47 per cent.

On a global scale, the survey also shows that when organisations paid a ransom to get their data decrypted, they ended up additionally doubling their recovery costs (US$750,000 in recovery costs versus US$375,000 for organisation that used backups to get data back). Moreover, paying the ransom usually meant longer recovery times, with 45 per cent of those organisations that used backups recovering within a week, compared to 39 per cent of those that paid the ransom.


AI-PoweredAI-Powered

When analyzing the root cause of ransomware attacks, the most common was an exploited vulnerability (involved in 43 per cent of cases), followed by compromised credentials (involved in 26 per cent of cases). This is in line with recent, in-the-field incident response findings from Sophos’ 2023 Active Adversary Report for Business Leaders.

Data for the State of Ransomware 2023 report comes from a vendor-agnostic survey of 3,000 cybersecurity/IT leaders conducted between January and March 2023. Respondents were based in 14 countries across the Americas, EMEA and Asia Pacific and Japan. Organisations surveyed had between 100 and 5,000 employees, and revenue ranged from less than US$10 million to more than US$5 billion.

Source: https://www.sophos.com/en-us/content/state-of-ransomware

Chester Wisniewski, field CTO, Sophos

Rates of encryption are very high, which is certainly concerning. Ransomware crews have been refining their methodologies of attack and accelerating their attacks to reduce the time for defenders to…

Source…