Tag: spying | Page 4

How to check if that mobile app is spying on you

November 22, 2021/in Mobile Security

As smartphone users, many of us don’t think twice before handing over our devices to people we trust. Be it family, a friend or a colleague. Sometimes, it’s for the simplest of tasks—clicking a picture, trying that latest game or just listening to music.

But given the rapidly spreading use of a menacing form of spyware called stalkerware, it may be time to keep that mobile phone safe even from those you trust. And watch out for telltale signs that it may be compromised.

Also read: How to protect your phone from malware and cybercriminals

“Spyware”, as the word suggests, is any software that installs itself on your phone or any other device and starts monitoring your online behaviour without your knowledge. Once in control, attackers can access the camera to take pictures, record video and audio, and track a user’s precise GPS location. Stalkerware is one of the easiest to access.

“The main difference between stalkerware and other types of malware is that stalkerware usually is not used by some anonymous cybercriminals but rather by people that are known and often even very close to the victim,” says Ondrej David, malware analysis team leader at the multinational cybersecurity company Avast. “It is usually installed discreetly on smartphones by their ‘friends’, jealous spouses or ex-partners,” David explains on email.

In fact, Avast identified patterns between the use of stalkerware and the covid-19 lockdown in 2020. Last year, Avast Threat Labs, a global cybersecurity network feed of security researchers, discovered a 51% increase in spyware and stalkerware from March-June compared to January-February. It’s a trend that has shown a particularly steep upward curve in the second quarter of 2021, says David. In the case of India, Avast Threat Labs observed a 30% increase in spyware and stalkerware compared to the first quarter and a 47% year-on-year increase.

According to reports from other cybersecurity companies, stalkerware is hitting users around the world. The State Of Stalkerware In 2020 report, released by the cybersecurity firm Kaspersky in February, showed that 53,870 mobile phone users were…

Source…

China’s Microsoft Hack May Have Had A Bigger Purpose Than Just Spying

August 26, 2021/in Internet Security

Steven Adair hunts hackers for a living. Back in January, in a corner-of-his-eye, peripheral kind of way, he thought he saw one in his customer’s networks — a shadowy presence downloading emails.

Adair is the founder of a cybersecurity company called Volexity, and he runs traps to corner intruders all the time. So he took a quick look at a server his client was using to run Microsoft Exchange and was stunned to “see requests that we’re not expecting,” he said. There were requests for access to specific email accounts, requests for confidential files.

He followed all this requested information to a virtual server off-site. “The hair is almost rising on my arms right now when I think about it,” Adair told NPR later. “This feeling of like, oh, crap this is not what should be going on.”

What Adair discovered was a massive hack into Microsoft Exchange — one of the most popular email software programs in the world. For nearly three months, intruders helped themselves to everything from emails to calendars to contacts. Then they went wild and launched a second wave of attacks to sweep Exchange data from tens of thousands of unsuspecting victims. They hit mom-and-pop shops, dentist offices, school districts, local governments — all in a brazen attempt to vacuum up information.

Both the White House and Microsoft have said unequivocally that Chinese government-backed hackers are to blame.

NPR’s months-long examination of the attack — based on interviews with dozens of players from company officials to cyber forensics experts to U.S. intelligence officials — found that stealing emails and intellectual property may only have been the beginning. Officials believe that the breach was in the service of something bigger: China’s artificial intelligence ambitions. The Beijing leadership aims to lead the world in a technology that allows computers to perform tasks that traditionally required human intelligence — such as finding patterns and recognizing speech or faces.

“There is a long-term project underway,” said Kiersten Todt, who was the executive director of the Obama administration’s bipartisan commission on cybersecurity and now runs the Cyber Readiness Institute….

Source…

Fears Chinese hackers are spying on YOUR computer as they exploit working from home to steal company secrets

July 22, 2021/in Computer Security

CHINESE hackers could be hacking into your computer while you work from home — and use it as a back door to steal your company’s secrets.

Beijing’s cyber henchmen are said to be exploiting the Covid pandemic that began in its own country to rinse the West of its valuable know-how.

China state hackers are said to be targeting routers of people working from home

The sinister warning comes from the National Cybersecurity Agency of France (ANSSI) which discovered China state hackers are targeting home routers as part of a massive cyber theft blitz to steal ideas they can then rip off.

It comes as MI5’s top boss will warn Britons to be on their guard about spying and hostile state attacks from the likes of China and Russia in the same way they are about terrorism.

ANSSI said the Chinese hacking group — known in security circles as APT31 — is targeting less secure household routers used by staff working from home as a way of breaking into their employers.

The agency warned: “[We] are currently handling a large intrusion campaign.

“Attacks are still ongoing and are led by an intrusion by APT31.

“It appears from our investigations that the threat actor uses a network of compromised home routers as operational relay boxes in order to perform stealth reconnaissance as well as attacks.”

The threat actor uses a network of compromised home routers as operational relay boxes in order to perform stealth reconnaissance

National Cybersecurity Agency of France

Crucially, this method allows them to steal secrets without companies and organisations knowing it has happened.

On Monday UK’s National Cyber Security Centre said APT31 was sponsored by the Chinese government and had recently hacked Microsoft Exchange servers.

These are commonly used by people working from home, especially for email.

Foreign Secretary Dominic Raab said: “The cyberattack on Microsoft Exchange Server by Chinese state-backed groups was a reckless but familiar pattern of behaviour.

“The Chinese Government must end this systematic cyber sabotage and can expect to be held to account if it does not.”

Western cyber spies fear China state hackers are exploiting the pandemic by targeting those who are working from home — Western cyber spies fear China state hackers are exploiting the pandemic by targeting those who are working…

Source…

Aviation, Defense, Health Care Targeted in Global Chinese Spying, Hacking Scheme

July 20, 2021/in Computer Security

The four hackers named in an indictment alleging a conspiracy to hack computers in order for China to gain a competitive advantage. Photo credit: justice.gov

Federal prosecutors in San Diego announced charges Monday against four Chinese nationals accused of hacking computer systems across the globe to steal information to benefit the Chinese government.

The defendants allegedly belonged to and worked for the Hainan State Security Department. The indictment described the agency as a provincial foreign intelligence arm of the People’s Republic of China’s Ministry of State Security.

According to prosecutors, the alleged thefts occurred between 2011 and 2018, involved victims in a dozen countries, and mainly centered “on information that was of significant economic benefit to China’s companies and commercial sectors.”

Authorities allege the goal was to install malware and other hacking tools in computer systems in order to steal data from foreign governments, universities and companies.

The hacks targeted a wide range of industries, including aviation, defense, health care and infectious disease research, prosecutors said.

“This indictment alleges a worldwide hacking and economic espionage campaign led by the government of China,” said Acting U.S. Attorney Randy Grossman. “The defendants include foreign intelligence officials who orchestrated the alleged offenses, and the indictment demonstrates how China’s government made a deliberate choice to cheat and steal instead of innovate.”

The Hainan State Security Department, or HSSD, operated through a front company called Hainan Xiandun Technology, which was publicly marketed as “a fast-growing high-tech information security company,” according to the two-count indictment returned by a grand jury in May and unsealed last week.

According to the indictment, to gain initial access to victim networks, conspirators sent fraudulent phishing emails, that were buttressed by fictitious online profiles and contained links to doppelgänger domain names, which were created to mimic or resemble the domains of legitimate companies.

In some instances, they allegedly used hijacked credentials, and the access they…

Source…

Tag Archive for: spying