India Lacks Awareness of Cyber Threats Related to Cryptocurrencies: Avast Report
Awareness and knowledge of cyber threats associated with digital currencies are very low in India, despite around 77% of Indians being familiar with such currencies, said a report released on Thursday by Avast, a consumer-focused cybersecurity software company.
Around 23% of consumers are unconcerned about cryptomining malware infecting their personal and smart home devices. Among this group, 39% mistakenly believe that cryptomining malware cannot affect them as they do not own or mine cryptocurrencies themselves, the report said.
The research was carried out to better understand public perceptions and knowledge of cryptomining – the malicious process of covertly mining cryptocoins using malware planted on an individual’s device. Two-thirds (66%) of Indian consumers said they have heard of malware or infected websites mining cryptocurrencies.
Indian consumers adopt an apathetic attitude towards malicious cryptomining, the report shows.
Around two-thirds (66%) of the consumers have heard of malware or infected websites mining cryptocurrencies, though they do not have sufficient knowledge about it, the report said.
“We are seeing a significant increase in cybercriminals recruiting Internet of Things (IoT) devices and smartphones to botnets with the intention to mine cryptocoins. The malware can run surreptitiously in the background on any smart device – it doesn’t matter if the victim owns a cryptocurrency or not. At Avast, our goal is to dispel the myths associated with malicious cryptomining and educate people about the risks to personal data and device performance,” said Martin Hron, Security Researcher at Avast.
A compromised machine or device can also increase the risk of personal data theft, the report said. “For victims, this can mean higher energy bills, lost productivity, poor device performance and shorter device lifespan,” it said.
There have been a few cases where websites have offered visitors a choice between viewing ads or mining cryptocurrencies in the background. Half of the users in India said they would choose cryptomining for an ad-free online experience, the report said.
Avast conducted the survey in April 2018. Over 1,020 PC users were polled. Almost one-fifth (19%) own or invest in cryptocoins and 37% are planning to invest in cryptocoins.
Experts Say Cryptocurrency-Related Crimes Will Surpass All Other Cyber-Attacks in 2018
A Tel Aviv cybersecurity conference saw leading experts weigh the pros and cons of cryptocurrencies like bitcoin and the risks of blockchain technology in financial transactions. Lotem Finkelsteen, a threat intelligence analyst with the Israeli cybersecurity company Check Point Software Technologies, said “not a day goes by without our hearing about a new ICO [initial coin offering] scam or mining attack.” The term “cryptocurrency-related cyberattack” means all attacks related to cryptocurrencies involving financial scams and hacking. Haim Pinto, the CTO of Bank Hapoalim, Israel’s largest bank, said, “As long as we are under anti-money laundering and FATCA rules, we have to know the source of customers’ money.” Pinto added that cryptocurrencies present problems for banks seeking to comply with anti-money laundering and privacy regulation.
Defence Sector More Prone To Cyber Threats: Defence Minister Sitharaman
Defence Minister Nirmala Sitharaman on Tuesday said the defence sector is more prone to cyber threats and there is a need to safeguard the country’s cyberspace from possible attacks.
Sitharaman touched upon the need to create a workforce in all establishments in accordance with the nation’s vision to become a dominant force in cyberspace.
“The defence minister stressed upon the fact that the defence sector is more prone to cyber threats and hence it becomes important to safeguard our cyberspace with anticipation of possible attacks,” according to a defence ministry statement.
She was speaking after the inauguration of a workshop on Cyber Security Framework for Department of Defence organised by the department of defence production under the ministry.
Addressing the workshop earlier on Tuesday, Secretary (Defence Production) Ajay Kumar said all defence PSUs and ordnance factories are increasingly relying on information technology, and any compromise in information and cyber security in defence production can have far-reaching consequences on the effectiveness of the defence forces and national security.
Kumar also emphasized the need to establish a strong, robust and resilient cyber-security infrastructure on a priority basis.
Phishers Bypass Office 365 Protections by Using ‘ZeroFont’ Techniques
Cybercriminals have been leveraging a technique that involves manipulating font sizes in an effort to increase the chances of their phishing emails bypassing the protections implemented by Microsoft in Office 365.
According to cloud security company Avanan, one of the phishing protections in Office 365 uses natural language processing to identify text typically used in fraudulent or malicious emails.
For instance, researchers say the system flags emails mentioning “Apple” or “Microsoft” but not coming from legitimate domains, or messages referencing user accounts, password resets or financial requests.
In recent attacks spotted by Avanan, cybercriminals sent out phishing emails in which some of the content is set to be displayed with zero-size font using <span style="FONT-SIZE: 0px">. The security firm has dubbed this technique ZeroFont.
“Microsoft cannot identify this as a spoofing email because it cannot see the word ‘Microsoft’ in the un-emulated version. Essentially, the ZeroFont attack makes it possible to display one message to the anti-phishing filters and another to the end user,” Avanan’s Yoav Nathaniel said in a blog post.
Last month, Avanan reported that cybercriminals had been splitting malicious URLs in an effort to bypass the Safe Links security feature in Office 365.
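To make the ZeroFont mismatch concrete from the filtering side, the following added example (not code from Avanan, Microsoft or the original article) compares the text obtained by simply stripping markup with the text a reader actually sees once zero-size spans are dropped, and reports brand names that appear only in the rendered version. The function names, the brand list and the sample message are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser

FONT_SIZE = re.compile(r"font-size\s*:\s*(\d*\.?\d+)", re.I)
VOID_TAGS = {"br", "hr", "img", "input", "link", "meta"}  # never closed

class ZeroFontSplitter(HTMLParser):
    """Collect all text nodes, and separately those a reader can actually see."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.hidden_stack = []  # one flag per open element
        self.raw, self.visible = [], []

    def handle_starttag(self, tag, attrs):
        if tag in VOID_TAGS:
            return
        inherited = bool(self.hidden_stack and self.hidden_stack[-1])
        size = FONT_SIZE.search(dict(attrs).get("style") or "")
        # An explicit numeric font-size overrides the inherited state
        # (simplification: relative units such as em/% are not resolved).
        self.hidden_stack.append(float(size.group(1)) == 0 if size else inherited)

    def handle_endtag(self, tag):
        if tag not in VOID_TAGS and self.hidden_stack:
            self.hidden_stack.pop()

    def handle_data(self, data):
        self.raw.append(data)
        if not (self.hidden_stack and self.hidden_stack[-1]):
            self.visible.append(data)

def analyse(html_body, brands=("apple", "microsoft")):
    """Compare markup-stripped text with rendered text; report the mismatch."""
    parser = ZeroFontSplitter()
    parser.feed(html_body)
    parser.close()
    raw, rendered = "".join(parser.raw), "".join(parser.visible)
    return {
        "raw": " ".join(raw.split()),
        "rendered": " ".join(rendered.split()),
        "hidden_chars": len(raw) - len(rendered),
        # Brand names the reader sees but a raw-text filter would not.
        "revealed": [b for b in brands
                     if b in rendered.lower() and b not in raw.lower()],
    }

# Constructed sample, not taken from a real campaign.
SAMPLE = ('<p>M<span style="FONT-SIZE: 0px">xq</span>icro<span style="font-size:0">zz'
          '</span>soft account: your pass<span style="FONT-SIZE: 0px">k</span>word '
          'expires today.</p>')

if __name__ == "__main__":
    print(analyse(SAMPLE))
```

A non-empty "revealed" list or a large "hidden_chars" count is a signal to run content checks on the rendered text rather than the raw text.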
Google Home & Chromecast Leak Precise Location Data: Researcher
An attack against Google Home and Chromecast devices can reveal a user’s precise physical location, a security researcher has discovered.
The issue, Tripwire’s Craig Young reveals, is related to two problems common to Internet of Things (IoT) devices: the rare use of authentication for connections received on a local network and the frequent use of HTTP for configuration or control. Because of these poor design choices, websites can sometimes interact with network devices.
Young discovered that Google’s Home app, which is used to configure Google Home and Chromecast, performs some tasks using a local HTTP server, and some commands are sent directly to the device, without authentication.
The app implies that the user should be logged into a Google account linked with the target device, but no authentication mechanism is built into the protocol level, Young says.
Using an attack technique called DNS rebinding, the security researcher was able to “use data extracted from the devices to determine their physical location with astonishing accuracy.”
Through DNS rebinding, an attacker can implement a piece of code on a website to bridge to the local network and bypass the same-origin policy (SOP).
“I was able to create a basic end-to-end attack that worked for me in Linux, Windows, and macOS using Chrome or Firefox. Starting from a generic URL, my attack first identifies the local subnet and then scans it looking for the Google devices and registers a subdomain ID to initiate DNS rebinding on the victim. About a minute after the page had loaded, I was looking at my house on Google Maps,” Young says.
The security researcher also notes that, even in incognito mode, Google Maps can typically locate a device within 10 meters. This is apparently possible through the analysis of Wi-Fi access point data and triangulation using information collected from devices that opted into Google’s enhanced location services.
The newly discovered attack, the researcher says, can be leveraged for blackmail or extortion purposes, in scams like fake FBI or IRS threats to release sensitive information or photos to friends and family.
Videos Sensitizing People on Cybercrime Launched by Indore Police in Association with the Cooperative Bank
The cyber police cell of the Indore state police, jointly with a cooperative bank, has launched two videos to sensitize people about rising cybercrime in the city. The documentaries were shot by the cyber cell. They show a man who, after a telephone conversation about winning a prize amount of 80,000, is sent a link that leads him to enter his card details, after which he is duped of lakhs of rupees. At the end of the movie, the officials promote awareness of cybersecurity issues and how such things can be avoided.
“It is high time to create awareness against the hazards of cybercrime. The best way is to introduce this as a full-fledged subject in schools and colleges,” SP Singh told TOI. He also added that they regularly take sessions and conduct workshops for school and college students to make them aware of the cases they deal with on a daily basis.
Hackers Steal $30 Million From Top Seoul Bitcoin Exchange
Hackers stole more than $30 million worth of cryptocurrencies from South Korea’s top bitcoin exchange, sending the unit’s price falling around the world on Wednesday.
The virtual currency was priced at $6,442 late afternoon in Seoul, down about 4.4 percent from 24 hours earlier, after the latest attack on Bithumb raised concerns over cryptocurrency security.
Hyper-wired South Korea has emerged as a hotbed of trading in virtual units, at one point accounting for some 20 percent of global bitcoin transactions — about 10 times the country’s share of the global economy.
Bithumb, which has more than 1 million customers, is the largest virtual currency exchange in the South.
“It has been confirmed that virtual currencies worth 35 billion won ($32 million) was stolen through the late night Tuesday to early morning Wednesday,” the exchange said in a statement.
All deposits and withdrawals were suspended indefinitely to “ensure security”, it said, adding the losses would be covered from the firm’s own reserves.
It was the second major attack on South Korean virtual currency exchanges in just 10 days, after hackers stole 40 billion won from Seoul-based Coinrail, which has suspended withdrawal and deposit services since then.
Your Digital Location is Protected by the Constitution: US Supreme Court
On Friday, the U.S. Supreme Court ruled that law enforcement can obtain historical cell-site records of a person’s location, based on their mobile phone, only after a warrant is issued.
“This is a landmark case for privacy, and how the court will deal with emerging technologies going forward,” said Aloke Chakravarty, a partner in the Denver-based law firm of Snell & Wilmer, via email. “It creates a new lens through which to view a government’s ability to obtain third-party records where a criminal defendant neither possesses the records, doesn’t have a property interest in them, may not even know they exist, and he cannot personally even access them,” he said.
However, Chakravarty added, “Supreme Court’s decision provides little direction to law enforcement or to the third-party holders and users of this data. If the location data at issue before the court revolved around what websites a defendant visited, it would probably have been less controversial. As data analytics and marketing information is increasingly the currency of the cyber-realm, this type of data collection is going to increase, going to interconnect, and in the view of five of the justices, whether transactional data becomes entitled to specialized content-like privacy protections will be determined by a post-hoc review of what you can do with the data, depending on the ‘nature of the particular documents sought’ and the legitimate expectation of privacy in their contents.”
SABRIC Reports: South Africa Has the Third-Highest Number of Cybercrime Victims Worldwide
According to the South African Banking Risk Information Centre (SABRIC), South Africa has the third-highest number of cybercrime victims worldwide, resulting in a loss of about R2.2 billion each year. The report clearly indicates that any time a person logs onto a smartphone or computer or opens an email, he or she is at risk of being exposed to cybercrime. Most of the targets are affected by identity theft, ransomware and phishing. “The most common crimes were generally low-tech, such as attempts to trick individuals into revealing their personal information through bogus emails,” said Maanda Tshifularo, Head of Dialdirect Insurance. He added that each affected individual spends, on average, a minimum of 2 days dealing with the aftermath of the attack.
Google Announces New Anti-Spoofing Software Feature to Make Biometric Authentication Secure
Google announced that a better model for improving biometric security will be available in Android P, allowing mobile app developers to integrate an enhanced mechanism within their apps to keep data safe. The metrics currently used in Android biometric authentication are False Accept Rate (FAR) and False Reject Rate (FRR), in combination with machine learning techniques. Two new metrics have been introduced, Spoof Accept Rate (SAR) and Imposter Accept Rate (IAR), that explicitly account for an attacker in the threat model.
“As their names suggest, these metrics measure how easily an attacker can bypass a biometric authentication scheme,” Vishwath Mohan, a security engineer with Google Android team, says. “Spoofing refers to the use of a known-good recording (e.g., replaying a voice recording or using a face or fingerprint picture), while impostor acceptance means a successful mimicking of another user’s biometric (e.g., trying to sound or look like a target user),” he added.
In general, the SAR/IAR metric values for a user’s biometric input define whether it is a strong biometric or a weak biometric. If the biometric used for unlocking falls under weak, Android P will now enforce strict authentication policies on users.
- It will prompt the user to re-enter their primary PIN, pattern, password or a strong biometric if the device is inactive for at least 4 hours (such as when left at a desk or charging).
- If the device is left unattended for 72 hours, the system will enforce the policy mentioned above for both weak and strong biometrics.
- For additional safety, users authenticated with a weak biometric will not be able to make payments or participate in other transactions that involve a KeyStore auth-bound key.
Google is now also offering an easy-to-use BiometricPrompt API. “BiometricPrompt only exposes strong modalities, so developers can be assured of a consistent level of security across all devices their application runs on,” Mohan said. “A support library is also provided for devices running Android O and earlier, allowing applications to utilize the advantages of this API across more devices.”