MazerBOT Targets Android Phones – Unless They’re In Russia

Malware, or malicious software, includes everything from your pop-up ads to opening doors for full-scale hacks to companies. Taking a trip the malware museum shows you how software like Dridex can not only threaten banking systems but also your everyday smartphone. The latest malware on the Net is called MazarBOT and has a unique feature, it won’t install itself if you are in Russia.

MazarBOT has been seen advertised on certain forums for a few months now but was never actually seen in use, until now. MazarBOT is a nasty piece of software that takes control of your android phone, with a specific focus on people who use their phone for online banking. Peter Kurse, IT security expert and founder of CSIS Security Group, did a deep investigation into the problem discovering more about this malware.

By sending a “swarm” of SMS’s to random phone numbers to Denmark, the software has started to spread by sending a message with a link to the android package file, the contents of which are none other than MazarBOT. Able to intercept text messages, including those with two-factor authentication codes, MazarBOT is a nasty piece of work, sending your phone’s location to a number (starting with Iran’s country code) upon successful installation.

Upon detecting that the phone is in Russia though the malware will stop installing, this is initially thought to be in order to avoid drawing the wrath from Russia’s security services.

White Hat Hacker Tweaks Dridex Malware to Distribute Antivirus Software

The Dridex banking malware has been a huge headache for a large part of the financial and technology industries, but it seems there’s a white knight out there looking to turn the tables on this pesky infection. After a mysterious hijacking of the virus distribution servers, they’ve now started dealing out legitimate installers for Avira Free Antivirus, thus helping to remove the infection from systems and hopefully clearing up a few other issues along the way. The bonus being that anyone stupid enough to fall for the infection in the first place could technically come out cleaner on the other side.

The malware is most often spread through spam messages and malicious Word documents. Being one of the three most widely used trojans in the world, the malware targets online banking users and steals information before feeding it back to a server where it can be used to take money, as well as other information from your accounts. Agencies in the UK and US managed to disrupt the botnet last year, even going as far as indicting a man in Moldova who they believe was responsible for the attacks, but it did little, if anything, in the long run to prevent the botnet from distributing the software.

Researchers at Avira recently noticed that the Dridex distribution servers begin pushing an up-to-date Avira web installer instead of the trojan, which is obviously a great step in combatting the problem, although how long this will last remains to be seen.

“We still don’t know exactly who is doing this with our installer and why, but we have some theories,” said Moritz Kroll, a malware expert at Avira, via email. “This is certainly not something we are doing ourselves.”

The only theory that makes sense so far is that a white hat hacker has hijacked their servers and tried to turn the tables.

“I really think it is a hacker who has discovered how to do a good thing but perhaps with not strictly legal methods,” Kroll said. “If you think about it, there was a huge media announcement when Dridex was ‘taken down’ by the government authorities and a much smaller level of reporting on its return to the marketplace. That has got to be frustrating to some and might cause them to think: ‘The government tried to take it down, they could not, I can do something myself’.”

Either way, anything that slows this nasty bit of software is a good thing!

NCA Warning After Hackers Steal £20 Million from UK Bank Accounts

The UKs National Crime Agency have urged the people of Britain to ensure they take adequate measures of online security after a significant strain of malicious software allowed criminal hackers to steal an estimated £20 million from UK bank accounts.

The highly skilled malware developers are thought to be based in Eastern Europe. The details that are collected are then exploited to steal money from individuals and businesses globally. The NSA has reported one significant arrest in relation to the multi-million pound scam. However, only after thousands of computers had already been infected by the Dridex malware known as Bugat and Cridex, with the majority of computers being Windows based machines.

Computers can become infected with the virus when users open documents in emails they believe to be legitimate. I myself have recently received emails proclaiming to be from PayPal stating: “Your PayPal account has been limited! Take a few moments to confirm your information. After you do, you can shop online and send money using your account.” After checking PayPal directly (not through the given link) I establish that there was no such limitation on my account.

To avoid becoming an unwilling victim of the costly Dridex malware the National Crime Agency is encouraging all internet users to ensure they have up to date operating systems and anti-virus software installed on their machines, to protect themselves from further cybercrime attacks. The NSA also urged users to visit the CyberStreetWise and GetSafeOnline websites where they state there is a number of anti-virus tools are available to download to help clean up infected machines; these sites also are a great way to gain further advice on how to protect yourself in the future.

Mike Hulett, Head of Operations at the National Crime Agency’s National Cyber Crime Unit said:  “This is a particularly virulent form of malware and we have been working with our international law enforcement partners, as well as key partners from industry, to mitigate the damage it causes. Our investigation is ongoing and we expect further arrests to be made.”

What measures do you take to ensure your online security? Let us know down in the comments below.

Thank you National Crime Agency for providing us with this information.

Latvian Malware Creator Pleads Guilty to Hacking Charges

Deniss Calovskis is a Lativan man who helped code part of the Gozi virus and has finally accepted his role in the project during a court hearing. The virus was first discovered way back in 2007 but ran rampant for many years and supposedly infected over a million computers worldwide. During the court proceedings, Calovskis said:

“I knew what I was doing was against the law,”

The Lativan government originally resisted against the USA’s deportation request because they strongly believed the 60 year jail term did not qualify as “proportionate punishment”. However, after a prolonged and heated legal discussion, the Lativan government agree to deport Calovskis providing he only served a maximum of two years, and agreed not to appeal the result. Now a compromise has been achieved, the court hearing is scheduled for the 14th December. Controversially, it’s unknown if the 10 month term Calovskis spent in jail in Latvia counts towards his final jail time.

Calovskis and two other people are responsible for stealing millions of dollars from online bank accounts. One of his accomplices, Nikita Kuzmin has been in jail since 2011 in relation to hacking and fraud. Another individual called Mihai Ionut Paunescu is currently in the middle of an extradition dispute. At least the hackers are being brought to justice after long and drawn-out legal proceedings.

Thank you BBC for providing us with this information. 

iPhone 6C Rumoured to Have a 4-Inch Display and Metallic Body

There are always speculations about what the next Apple devices will boast. However, sometimes these speculations turn out to be true, so here it is. According to a blog post on MyDrivers.com posted a pic, emphasising how the upcoming iPhone 6C would look like.

The blog also mentions that the global investment banking firm, Jefferies, said Apple is still considering small screens for their low-end handset, which means that we have a lot of chances to see a 4-inch iPhone 6C this fall. In addition to the latter, Apple is rumoured to ditch the cheap plastic body for a full-on metallic body. However, this might mean that the price would be bumped up a bit since metallic bodies are more expensive than plastic ones.

The investment firm also hints that Foxconn Technologies will be in charge of shipping most of the iPhone 6C models, which is to be expected since Apple used Foxconn as their main supplier for their components in the past. However, take the information with a grain of salt, since rumours are just rumours until they are officially announced. But since we are talking about Apple here, we are definitely going to see what they have cooking right before they plan on shipping it.

Thank you MyDrivers.com for providing us with this information

Mastercard Trials New Scheme to Replace Passwords with Selfies

The convenience of online shopping has applied severe pressure on traditional retail stores and many companies went into administration due to large overheads. In the past, consumers were rightfully concerned about fraud and a lack of protection when purchasing from unfamiliar websites. Thankfully, there are now security certificates and enhanced checks before a transaction can be completed. For example, MasterCard utilizes a SecureCode system which requires you to input a password before the payment is processed. This adds another layer of protection and failing to enter the right code on 3 occasions will enforce a card block. To remove this, you must contact MasterCard and provide a wide range of security details.

MasterCard’s SecureCode is a fantastic way to protect yourself online and eliminates the hassle of being contacted via a card company when a large transaction is made. However, any security expert will advise you to create different passwords for various credentials. If you currently only use one password across banking, entertainment mediums and other accounts, please change it immediately. Storing a different password for every purpose can be a difficult task and most users do not trust password management software. MasterCard believes the answer could be via photo recognition.

So how does this work? Firstly, an image corresponding to your account is recorded on file and compared to a snapshot you take to confirm your identity. The data from the image is converted into binary form and users must have the MasterCard app installed on their smart device to proceed. This piece of software also supports fingerprint recognition which many modern phones are beginning to accommodate. MasterCard has selected a small sample of 500 people and awaiting feedback to see if this is the future of internet banking. In a CNN Money interview, a MasterCard executive explained,

“We want to identify people for who they are, not what they remember.”

“We have too many passwords to remember and this creates extra problems for consumers and businesses.”

“The new generation, which is into selfies … I think they’ll find it cool. They’ll embrace it.”

I’m not entirely convinced though that customers are so willing to share their personal data even if an algorithm is used to analyse the picture. One’s privacy seems to be diminishing rather fast in the modern world and there might be a backlash from consumers who feel this new system is too personal and overly intrusive.

Let us know what you think of this new security system. Would you have a problem taking a photo of yourself to buy online items?

Thank You Sky News for providing us with this information.

Scientists Developing Unforgeable Credit Cards

Dutch scientists have created a theoretical system that could render credit cards nearly impossible to clone. Currently, credit cards are secured by numerical encryption which, given the appropriate equipment, can be deciphered so that the card can be copied. Scientists at the University of Twente in the Netherlands propose using quantum encryption to secure the credit cards of the future.

Quantum technology uses shaped photons to transmit data in configurations so unique they are the technological equivalent of a fingerprint. Project leader Professor Pepjin Pinkse explains, “The best thing about our method, which we’ve called Quantum Secure Authentication (QSA), is that secrets aren’t necessary… so they can’t be filched either.”

The team maintain that the system could be easily implemented using current technology, so credit card cloning could soon become a thing of the past.

Source: E & T

Barclays Announces Video Banking

Barclays has announced that from 8th December, a select number of its customers will be able to talk directly to banking staff at any time of day.

The service will allow customers to speak face-to-face with a Barclays staff member, possibly one they’ve spoken to before, about their account and other banking matters. Barclays is posting the service as a way to bring the in-store experience completely online.

“While many of our customers are increasingly using digital channels to complete routine transactions, for the important moments, you just can’t beat face-to-face conversations, yet traditional branch opening hours don’t always give customers that choice.” – Steven Cooper, Barclays CEO of Personal Banking.

Primer account customers will be able to take advantage of the new service first, while all customers will eventually receive access throughout next year.

Let’s hope they don’t get the same abuse Amazon’s Mayday service has encountered.

Source: BBC News

UK Banks Will Have Their Cyber Defenses Tested in Live Cyber War Games

Banks in the United Kingdom will have their network security tested over the next few months, as part of a live cyber war demonstration.

This will present banks and the UK government with better analysis of where the financial industry currently stands, with the threat of a major data breach frightening IT security experts. The Bank of England helped spearhead the project, while banks continue to have a close relationship with the GCHQ.

Here is what Stephen Bonner, KPMG cybersecurity team partner, recently noted:

“It’s the first time that banks are having their systems tested for security threats in a live environment as opposed to a simulated or isolated one.”

Global cybercrime ravages the economy, racking up £248 billion in costs each year, and the number is only climbing higher, the Center for Strategic and International Studies (CSIS) claims.

Here is what Paul Docherty, Portcullis Computer Security technical director, recently said regarding the tests:

“A defender has to block every possible route of entry and the attacker only has to find one. That’s the position the banks are still in, the world is so connected now they have to look in every direction to protect themselves.”

Following the successful data breach of JPMorgan Chase in the United States, cybersecurity experts in the UK have become alarmed about a similar breach in the UK. Although financial institutions tend to have better security defenses against data breaches, stealing money – and compromising bank customers – remains a lucrative goal for criminals.

Image courtesy of Phoneworld.com.pk

Google is Forced to Censor Negative Information through ‘Right to be Forgotten’

The law given by the European Union, forcing Google to remove links to information people wish to no longer have available on the Internet, is apparently working like a charm. It is so perfect that even criminals, higher-ups and even ordinary people can remove negative information about them, having corrupt politicians, pedophiles, murderers and others come out with a clean sheet.

One such example is a link to a BBC article about Stan O’Neal, former CEO of Merrill Lynch, who led the bank in mid 2000, a time when the mortgage crisis was at its peak. When it finally hit, Merrill suffered huge losses, having the bank sold to Bank of America. O’Neal lost his job as a result, having him exit the banking market with an estimated $161.5 million. The article in question has nothing wrongly written, but it does describe O’Neal’s incompetence during that period in time, having him selling the company without discussing the sale with the board of directors. And as history will remain history, having it removed will no longer be an example to avoid for young investment bankers.

Another notable example is about a former politician who wanted to remove links to a news article regarding his behavior when previously in office. By removing the article, he would have had a clean sheet, securing him a new position to run for. The news article in question is about the politician in question possessing child sexual abuse imagery. Yes, these are people representing nations, having one of the most important functions in a state and also, thanks to the ‘Right to be forgotten’ law, they can even stay ‘clean’ now.

Business insider was told by Forget.me, a company filing these types of request to Google, that they are currently filing around 250 requests per day, having the number of request and type of data to be ‘covered’ displayed below:

If this is not terrifying enough, then maybe the fact that the entire process is so non-transparent that the consequence for the individual is even worse than what the courts intended is. People who have done grave things in the past and we don’t know of just yet may well be our neighbors in the future. The EU law is indeed necessary for some cases, but the extreme cases in which the information could help avoid the same actions in the future, that is not meant to be erased. And yes, this should be terrifying for everyone.

Thank you Business Insider for providing us with this information
Images courtesy of Business Insider

Cash Machines Infected With Malicious Software Via USB Drive

A recent presentation at the hacker-themed Chaos Computing Congress in Hamburg, Germany has detailed how several cash machines were infected with software that allowed thieves to withdraw the cash multiple times before being discovered. The machines were vandalised to allow the insertion of a USB flash drive to the underlying computer, the drive then installed software on the system that runs the cash machine, and the hole was patched up so that it wasn’t obvious that the machine had been compromised.

The thieves were then able to return to the machine at any time and enter a 12 digit code, this brought up a special interface that they had installed which listed the total number of each note, then allowing them to extract the most amount of money in the shortest amount of time.

The intrusion was discovered in July after the lender involved noticed that several machines were being emptied, but that their safes were unharmed. Surveillance was increased and the banks discovered the sneaky tactics that were being used. Interestingly the thieves setup a system to prevent them betraying each other (return to the machine alone). This involved a second prompt that required the user to phone another member of their gang, who would give them the decrypt code based on the numbers displayed on the cash machine.

Despite their efforts, extensive knowledge of the ATM hardware and software, and the great lengths they went to to disguise the hardware intrusion, they still named the file they installed on the system “hack.bat”, which obviously stood out from the usual file names.

Thank you BBC for providing us with this information.

Bank Employees Falls Asleep On Keyboard, A Lot Of Money Gets Moved

Falling asleep on the job is hardly anything new but a story reported by the Inquisitr might make you think twice about falling asleep on or near your keyboard. A German banker fell asleep on his keyboard and accidentally turned a small money transfer into an huge money transfer. The German banker was supposed to be moving €62.40 from the bank account of a retiree when he feel asleep on the keyboard and typed, or should that be face-pressed, €222,222,222.22 equaling about $293 million in USD.

What’s worse is that his colleague, who is supposed to verify transactions, acknowledged that this sum of money was correct and gave the transfer the go-ahead. Even more interesting is that the employee who verified this transaction was sacked by the bank after they discovered the error. The worker who was fired then took his employers to court and won, managing to get his job back. There is no information on whether the banker who actually fell asleep on his keyboard got dismissed or disciplinary action, but given the employee who verified it was fired, it seems likely the “perpetrator” of the mistake would get an even more serious punishment.

Either way this is surely a lesson as to why you should never fall asleep on the job, especially when you are near a keyboard attached to a work computer that isn’t locked or switched off.

Image courtesy of BleacherNation.com

U.S. & China To Setup A Joint Cyber Security Team

U.S. Secretary of State John Kerry said that the United States and China has agreed that both the countries need to work on Cyber Security. This would be an area where both the countries, especially China, will be able to earn each other’s trust and cooperation, as told by China’s Foreign Minister Wang Yi.

It wasn’t too long ago when both countries have accused eachother of series of cyber attacks. It was recently when U.S. said that the attacks originated from China, and they have targetted U.S. government corporates using computer networks to steal data from the respected sectors. It was also been said by a security firm that China has a secret military facility unit which is most likely where the attack originated from. China on the other hand claimed that it was a series of a large-scale attack, but it was then officials and business executives who attended China- U.S. Internet industry forum in Beijing said that both parties need to find a common ground.

Under Secretary of State of Economic Affairs Robert Hormats said in the forum,”It’s important to have a dialogue on this, but it’s also important that the dialogue be a means to an end, and the end is really ending these practices.”

Kerry said that “[Cyber Security] affects the financial sector, banks, financial transactions, every aspect of nations in modern times are affected by the use of cyber networking and obviously all of us – every nation – has an interest in protecting its people, protecting its rights, protecting its infrastructure”.

Its still unclear if U.S. will be allowed Chinese made hardware to be used in government sectors, especially in NASA, Judiciary and police departments.

Source: Reuters