Ensuring phishing protection is an important security measure. But that cannot be guaranteed without a minute study of the recent trends of cyberattacks. Here are the latest updates from the world of digital security for this past week:
Ransomware Hits Cooke County Sheriff’s Office
In a recent attack, the adversaries have encrypted and stolen the confidential files of the Sheriff’s Office for Cooke County, Texas. Although the Sheriff’s Office hasn’t disclosed anything about the data theft or the nature of the ransom, it is speculated that the attack was from the REvil ransomware group.
This anti-phishing protection failure of Cooke County is the most recent one among other such attacks by REvil. The adversaries have threatened to sell all stolen data within a week if their financial demands aren’t met. The compromised details include data related to past and present police cases.
Dating Apps Not Protecting User Data
Security researchers have identified five apps that have not been following the phishing prevention best practices lately. Some of the dating apps used predominantly in the United States and East Asia have been leaking customers’ details, including their names, billing addresses, phone numbers, profiles, private/direct messages, and other sensitive information.
These leaked details are publicly available in places such as MongoDB databases and AWS buckets. Users of CatholicSingles, YESTIKI, Blurry, Congdaq/Kongdaq, and Charin and Kyuun need to adopt phishing prevention measures. But this also serves as a message to all dating app users in general to take email phishing prevention seriously.
Data Breach At BMW
In the newest revelation, Tel Aviv-based darknet threat intelligence firm KELA found a database with details of over 380,000 BMW car owners in the U.K. for sale on the dark market. The database had been put up for sale by the KelvinSecurity Team hacking group, which was recently involved in selling data belonging to U.S. firm Frost & Sullivan.
The compromised details include the initials and last names, emails, addresses, vehicle numbers, dealer names, etc. of the victims. BMW car owners in the U.K. are advised to adopt phishing prevention tips.
Adware Functions In The Background Of Android Devices
Security researchers at Kaspersky found that 14.8% of Android users become targets of mobile malware or adware with undeletable files. This malware includes trojans that install apps without the user’s permission and continuously operate in the background.
Some of the detected trojans include Lezok, Triada, Agent, Sivu, Necro.d, Penguin, Facmod, Plague, Virtualinst, Guerrilla, Secretad, etc. In other cases, mobile devices come with in-built, undeletable apps like the ‘AppStore,’ which are nothing but hidden adware consuming internet and battery. But these apps can download and execute third-party JavaScript code, which is why it’s so important to subscribe to anti-phishing services.
Data Breach At BCycle
Fort Worth’s bicycle-sharing service BCycle recently underwent a data breach that compromised the details of around 12% of its users. The exposed details include the names, credit card numbers, and addresses of all users who signed up for a membership pass between 24th January and 26th April.
However, the company is doing everything in its control to prevent phishing attacks, right from notifying customers to offering free identity theft protection to victims for a year.
Fake Currency Calculator App Distributing Trojan
An app going by the name of “Calculadora de Moneda” has been conning Spanish users lately. The currency calculator app slipped into the Google Play store and initially functioned as a regular currency app. But once it had gained the trust of the 10,000 users who had downloaded it, it began to distribute the Cerberus Trojan.
The app defies all phishing attack prevention measures and reads users’ text messages, two-factor authentication (2FA) details, etc. Spanish users of the app are advised to stay on guard.
Beware Of Celebrity Endorsed Bitcoin Scams
Bitcoin scams have become rampant, but this time the adversaries have intensified their wicked schemes and created fake websites. To increase credibility, they have also added fake comments and interviews with celebrities on these websites where renowned stars praise a cryptocurrency trading platform.
Almost 250,000 people fell for this trick in the U.K., Australia, South Africa, the U.S., Singapore, Malaysia, and Spain. A lot of sensitive information was breached in the attack, enabling attackers to launch a plethora of cyberattacks in the future.
Security Breach At Over 570 Online Stores
Owing to the actions of the hacker group ‘Keeper,’ over 570 stores have experienced data breaches in the last three years. Keeper has launched a variety of web skimming, e-skimming, or Magecart attacks since April 2017.
A security research group successfully tracked Keeper’s actions and found a list of online stores hacked by the group. Keeper has compromised over 700,000 payment cards to date, a list of which is available with the researchers.
CNY Works Undergoes Data Breach
A ransomware attack hit CNY Works recently, which has probably affected 56,000 of its users. Although the compromised details include just the names and Social Security numbers of CNY users, it poses a severe security threat. Social Security numbers are often used by attackers to procure other sensitive user information. The adversaries use this stolen information to apply for credit cards in the name of the victim and make purchases.
However, CNY has reported that they are taking all possible security measures to ensure protection against phishing. They hired a group of security researchers to investigate the breach and successfully restore some encrypted files. CNY has also offered free membership in Experian IdentityWorks Credit 3B to all affected customers for a year to ensure that they do not become victims of identity theft.
Hackers Leaking Clubillion User Data Every Day
Researchers recently found that adversaries have been publicly sharing the details of millions of users of the casino app Clubillion. These details include their emails, private messages, winnings, and IP addresses.
Although Clubillion was notified on 23rd March and the database was secured on 5th April 2020, the adversaries continued to add information to this database every day. The daily data volume reached as much as 50GB. The users of the gambling app need to get anti-phishing tools before hackers make them pay a heavy price for online gambling!