Facebook Account Mysteriously Hacked: The Police Was Not Able To Help

As we all know, social media can take all our free time and even create addiction. This was the case with one Australian software support specialist, who recently decided to deactivate her Facebook account precisely to fight her social media addiction.

However, several months later, the account mysteriously appeared.

Different Password

According to 9news.com, an Australian website, Louise tried to log in to her account but realized that the password had been changed. She was confused at first but eventually decided to forget about it.

The matter would probably have stayed forgotten if two other strange things hadn’t happened. A few months later, Louise realized that she couldn’t access her other Facebook account either. This caused more confusion, so she decided to check her Instagram account.

This is when she realized that her Instagram account had been lost.

It Didn’t Stop There

This time she couldn’t just drop the matter and forget about it. Her active accounts had been lost and were inaccessible. Unfortunately, it didn’t stop there.

One day, after a short trip, she needed to check her email, but while trying to sign in to her account, she realized that somebody had changed her password. At this point, it was rather obvious that someone had hacked all her accounts.

The most frightening part was that they did this to try to gain access to her bank and Centrelink accounts.

“There was also an address changed on my Centrelink account to an address that I have never heard of in my life.”

No Help From Facebook

Louise’s friends informed everyone on their social media profiles that Louise’s accounts had been hacked. Louise also wrote to Facebook and explained her situation, hoping they could help her.

The only idea that came to her mind was to write a private message to her hacked account. So, she did it. Several hours later, her message was read, which only proved that there was someone using her account and watching all her photos and conversations.

“This person was seeing everything – clear copies of my bank details, cards, visa and passport details, copies of drivers’ license, Medicare – and more over personal images and messages.”


No Help From The Police

The only thing left to do was contact the police. Louise reported the matter to Queensland police, but their answer brought no comfort. They told her they could not help her because the issue was not under their jurisdiction.

Desperate, Louise then turned to ACORN (Australian Cybercrime Online Reporting Network) and ID CARE, the national identity and cyber support service, hoping they would take the matter more seriously.

Unfortunately, this was not the case. They too gave no assistance.

Help Comes at Last

The website 9news.com found out about Louise’s case and decided to help her out. They contacted Facebook, received a reply and managed to regain Louise’s accounts in 48 hours.

Louise was grateful for this but frustrated at the same time: if a news website was able to help her, why couldn’t the police and the government agencies?

It Can Happen to Anyone

According to 9news.com, Louise wanted her experience to be a warning to others.

“I’m not a naive person when it comes to the dark side of the cyber world. I did my certificates in Information Technology, I work in the IT industry, I take all the security measures available like an antivirus program, regular scanning of my computer, not clicking on emails or links that look suspicious, changing my passwords often.”

“I know there are people out there that aren’t as aware as I am and are even more of a vulnerability than myself, yet they still got me.”


When it comes to social media accounts, keep in mind that your deactivated accounts are in the same danger as your active accounts. Deactivation means that even though the account is no longer in active use, the data is still there. The same goes for old accounts that may have been forgotten.





Future Threats Of The Cyber World

The age of Artificial Intelligence is upon us. Artificial Intelligence is already in use, and it will be used in more and more areas. If you did not notice before, YouTube tracks what you watch and recommends other videos that you might like. If you like the video that was recommended, you choose to watch it and the cycle continues.

At one point, you don’t even notice that the main topic of the video has changed. You started watching a video about a do-it-yourself project that you want to do, but now you are watching top 10 goals in the World Cup 2018.

Thus, you end up losing so many minutes or even hours in front of your computer and doing what YouTube offers you to do. If you can’t resist watching recommended videos, it seems like your brain is hacked, doesn’t it?

Integration of Artificial Intelligence into our lives

In 2016, there was an attempt to manipulate public opinion in the United States on contentious issues, such as gun control and the presidential election, through social media. Autonomous computer programs – bot accounts – were used to tweet or share propaganda.

In 2016, Microsoft created an AI chatbot to act like a curious teenage girl and engage in smart conversations with Twitter users. The chatbot Tay displayed extremely racist and sexist behaviors in less than a day.

In 2017, a new technique called Deepfake was introduced to create new videos. This technique consists of combining and superimposing existing images and videos onto source images or videos with the help of deep learning. This led to the creation of fake celebrity or revenge pornography on the internet. Furthermore, it was also used to damage the reputation of known politicians.

Comparison of the two studies – the right one done in 2017 and the middle one in 2018. The background does not move anymore. Source: H. Kim et al., 2018/Gizmodo

As of 2018, Deepfake videos are getting harder to differentiate from real videos. This shows that the technique is easy to abuse and can be used for hoaxes.

All of the examples above have something in common: Artificial Intelligence.

More Malicious Stuff…

Stuxnet, one of the most sophisticated pieces of malware ever, was released in 2010 to neutralize Iran’s nuclear infrastructure. It was designed to spread like a worm and release its payload only once it knew it was inside the right computer. That is why it stayed unseen while it infected over 200,000 computers.

But how?

As a proof of concept, a variation of WannaCry ransomware, which uses deep neural networks to hide and release its payload once it detects the target, was presented by IBM researchers.

DeepLocker was integrated into video conferencing software. The malware stayed hidden, showing no malicious behavior, and the software worked well so that it could be downloaded and used by millions of users.

Designed by Macrovector, can be found on https://www.freepik.com/free-vector/webcam-fixed-on-computer-or-laptop-with-model-data_2874853.htm


Meanwhile, DeepLocker was waiting for its prey. As programmed, it was using a facial recognition neural network and scanning the user via the webcam. Once it acquired the target face, it activated the ransomware, encrypting all the files on the computer. A personal ransomware…

Tricking the Artificial Intelligence

There are several reports and studies that show how Artificial Intelligence is targeted by malicious attacks. These attacks aim to manipulate the input data to cause neural networks to act in a misleading way.

For example, students at MIT got computer vision algorithms to flag a toy turtle as a rifle by making minor tweaks to the toy turtle. While this may seem harmless, a study by the University of Michigan, the University of Washington, and the University of California, Berkeley showed that placing small black and white stickers on stop signs made these signs undetectable by the Artificial Intelligence of self-driving cars.

Adversarial Artificial Intelligence Attacks

It is extremely difficult to reverse engineer neural networks and investigate their vulnerabilities because of their opaque nature. If hackers find a vulnerability within the Artificial Intelligence by chance or by trial and error, it would be very easy for them to exploit it secretly.

To ease these concerns somewhat: Adversarial Artificial Intelligence Attacks are very hard to develop, and even when they are developed, they usually do not work consistently. However, if we look at how Artificial Intelligence was used to create Deepfake videos, it is only a matter of time before hackers create AI-infused malware or Adversarial Artificial Intelligence Attacks.

A New Threat That Will Leave Windows Users Helpless Soon

A new multipurpose attack tool, L0rdix, is currently on sale in Deep Web forums that are hosted by hackers. L0rdix is written in .NET and designed to infect computers running the Windows operating system. It aims to steal and mine while staying in stealth mode.

Despite being a single attack tool, L0rdix is capable of many actions. It can be considered a Swiss Army Knife for cyber criminals.

Multiply and conquer!

With its USB infecting module, L0rdix finds and marks all connected removable devices in the network. It changes each file and directory’s attributes to hidden and copies itself in their place with the same name and icon. Thus, it will infect other removable devices when the user double clicks on files.
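A defender-side check for the removable-drive behavior described above, as an added example that is not from the original article or from any L0rdix analysis: it flags a hidden file or folder that sits next to a visible executable with the same name. The extension list, the `Entry` record and the sample listing are assumptions constructed for illustration, and a match is a heuristic lead, not proof of infection.

```python
import os
import stat
from collections import defaultdict
from typing import NamedTuple

# Assumption: extensions Windows launches on double-click (not a list from the article).
LAUNCHABLE = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd"}


class Entry(NamedTuple):
    parent: str    # containing directory
    name: str      # file or directory name
    hidden: bool   # Windows "hidden" attribute is set
    is_dir: bool


def list_entries(root):
    """Walk a mounted drive and read each entry's hidden attribute (Windows only)."""
    for parent, dirs, files in os.walk(root):
        for name, is_dir in [(d, True) for d in dirs] + [(f, False) for f in files]:
            info = os.lstat(os.path.join(parent, name))
            attrs = getattr(info, "st_file_attributes", 0)  # absent off Windows
            yield Entry(parent, name, bool(attrs & stat.FILE_ATTRIBUTE_HIDDEN), is_dir)


def find_masquerades(entries):
    """Return (hidden_original, visible_executable) pairs that share a name."""
    by_parent = defaultdict(list)
    for entry in entries:
        by_parent[entry.parent].append(entry)

    hits = []
    for siblings in by_parent.values():
        # Index visible launchable files by their name without the extension.
        visible = defaultdict(list)
        for entry in siblings:
            stem, ext = os.path.splitext(entry.name.lower())
            if not entry.hidden and not entry.is_dir and ext in LAUNCHABLE:
                visible[stem].append(entry)
        for entry in siblings:
            if not entry.hidden:
                continue
            full = entry.name.lower()
            stem = full if entry.is_dir else os.path.splitext(full)[0]
            # "report.docx" can be shadowed by "report.docx.exe" or "report.exe".
            decoys = list(visible.get(full, []))
            if stem != full:
                decoys += visible.get(stem, [])
            hits.extend((entry, decoy) for decoy in decoys)
    return hits


# Constructed sample listing of a USB stick, for illustration only.
SAMPLE = [
    Entry("E:\\", "Photos", True, True),
    Entry("E:\\", "Photos.exe", False, False),
    Entry("E:\\", "budget.xlsx", True, False),
    Entry("E:\\", "budget.exe", False, False),
    Entry("E:\\", "notes.txt", False, False),
    Entry("E:\\", "setup.exe", False, False),        # no hidden twin
    Entry("E:\\Docs", "Photos.exe", False, False),   # different folder
    Entry("E:\\", "System Volume Information", True, True),
]

if __name__ == "__main__":
    import sys
    listing = list_entries(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE
    for original, decoy in find_masquerades(listing):
        print(f"{decoy.parent}: visible '{decoy.name}' shadows hidden '{original.name}'")
```

Run with a drive root as the only argument on Windows; with no argument it checks the constructed sample.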

Takes over the control

With its botnet functionality, L0rdix is able to open a specific URL in a browser, kill a specified process, execute cmd commands, upload files, and download and run an executable file on your computer. It can also carry out DDoS attacks by sending a large number of HTTP requests to a specific host with its HTTP traffic overloading feature.

Stealing and cryptocurrency mining

L0rdix is after your private data. It aims to collect all files that match the list of extensions in its configuration data from your desktop and its directories, as well as cookies and saved login credentials from browsers such as Chrome, Kometa, Orbitum, Comodo, Amigo, Torch and Opera.

Designed by Brgfx, can be found on https://www.freepik.com/free-vector/a-man-doing-cryptocoin-mining_2176008.htm


With its miner functionality, L0rdix can also take over your computer and use its resources for cryptocurrency mining without your consent.

Decision to make

After a targeted computer is infected, L0rdix collects information about it, such as the operating system version, CPU model, all installed antivirus solutions, device ID and user privileges. It encrypts the collected data along with a screenshot of the infected computer and sends it to the command and control server. Based on this information, L0rdix updates its files and settings to decide whether to mine and steal or not.

Along with the functionalities above, the developers of L0rdix made it highly advanced so that it can differentiate the virtual environment from the real world. When it is in the virtual environment, L0rdix does not execute itself. Therefore, it cannot be analyzed by common malware analysis tools.

And more…

According to researchers, L0rdix contains other unfinished modules and weak implementation details. This indicates that L0rdix is still under development and that more sophisticated versions of it will cause trouble in the future.

New troubles of the cyber world

While we at Zemana are working to eliminate zero-day threats by implementing deep learning mechanisms into our products and applying new multi-layered defense systems, it is no surprise that cyber criminals are working to create new types of malware that are harder to detect and cause more damage than before.

Designed by Zirconicusso, can be found on https://www.freepik.com/free-vector/thief-stealing-the-information-from-de-devices_939988.htm


Users: Weakest link in the cyber security chain

This is the reason why there are no computers in the world that cannot be hacked. Every day, hackers find new weaknesses to exploit, and most of these new weaknesses become exploitable because of careless and negligent users.

Zemana Endpoint Security protects your corporate network with its multi-layered defense while restricting your users. Your IT department can create policies to block applications, malicious websites or other websites that contain certain keywords, and removable devices such as USB and Bluetooth devices, CD-ROMs, disk drives, and more.

Your business will be more secure once the weakest link in the chain is handled. This is why Zemana Endpoint Security will come in handy in controlling careless and negligent users in your corporate business environment.

This is What You Should Avoid This Shopping Season

Holiday shopping season is finally here and many of us can’t wait to surprise our loved ones with new things. Some of us are looking forward to spoiling ourselves too. 😊 Black Friday, Thanksgiving, Christmas shopping – these are all around the corner.

New data shows that 91 percent of the people shopping this weekend will buy at least one thing online. Mobile shopping is expected to jump 32% and will represent nearly half of all ecommerce sales. However, keep in mind that the shopping season is open for cyber criminals as well.


Cyber Criminals Are Also Shopping

Unlike you, they are not looking for exclusive deals and discounts. They are shopping for something else:

  • Your passwords
  • Your credit card credentials
  • Account takeover


Tips To Help You Out

Here are some tips you should follow this holiday season:

  1. Don’t use the same password

You should avoid using the same username/password. For many, this is inconvenient and often annoying, but it will help you not become an easy victim of cybercrime. If you need help remembering your passwords, try utilizing a password manager. For sites where your data is more valuable, use stronger, more complex and unique passwords so that hackers can’t guess or crack them.

  2. Don’t overshare

Don’t overshare personal information on your social media accounts. This means you should avoid sharing your birth date, hometown etc. because cyber criminals can use it to commit identity fraud or open a new account in your name. Also, don’t forget to make your profiles private, just for your close friends and family.

  3. Keep an eye on suspicious links

Never click on unknown or suspicious links in your email or on a website. These usually contain malware and can infect both your PC and your network. Phishing still makes up half of online frauds, so keep this in mind when you do your online shopping this Black Friday.

  4. Always read app permissions

Before downloading an app, make sure you have read the permissions requested by the app. If you don’t, you risk putting various pieces of malware on your device that can record or steal your personal information.

  5. Don’t store your credit card credentials

Next time you are making an online purchase via an e-commerce provider, make sure you don’t store your credit card credentials and payment information in your account.

  6. Buy from known companies

One of the easiest ways to protect yourself online is to buy from reputable companies such as eBay, Target, Best Buy etc.

  7. Use your credit card

Don’t make online purchases with your bank debit card. Rather, do it with your credit card because credit cards offer more sophisticated fraud prevention.

  8. Always shop using a secure network

Don’t use public and open Wi-Fi connections to perform online purchases. Stick to the private ones that need a password. Keep in mind that web protocols such as HTTPS encrypt communications, but in some advanced attacks even those could fall to a man-in-the-middle attack. Always look for the HTTPS lock symbol in your browser’s address bar when buying online.

  9. Watch out for fake deals

Cyber criminals know that you are out there looking for the best and cheapest offers. They will try to trick you by showing you ads that promise amazing deals and discounts. Don’t be fooled by this.


No Need To Worry Too Much

These warnings should not keep you from shopping online. You simply need to stay aware and follow the tips we shared with you. They will help you shop smarter and with confidence.

WannaCry: Still Threatening To Make You Cry

One and a half years later, WannaCry ransomware is still considered one of the most serious threats in the cyber world as well as the most widespread in the ransomware family. According to statistics, it has attacked 74,621 users worldwide.

Biggest Ransomware Epidemic in History

In May 2017, WannaCry caused one of the biggest ransomware epidemics in history and left devastating consequences. Its targets were mostly businesses, factories and hospitals. WannaCry was unique because this was the first large ransomware attack targeted at the healthcare vertical, and it affected not only computers but also many medical devices like MRI machines.

Unfortunately, the latest data shows that it is still spreading uncontrollably.

WannaCry spreads via the use of the EternalBlue exploit, a leaked NSA hacking tool with worm-like capabilities.

Microsoft released a patch to protect systems from the exploit almost two months before WannaCry hit, but unfortunately, many organizations still hadn’t applied the update, leaving their network vulnerable.

Attackers know the power of EternalBlue, and still regularly deploy it to help spread trojans, cryptocurrency miners and other malware campaigns.


Created by Jemastock – Freepik.com

Continuing Threat

The end is not near. EternalBlue is still threatening unpatched and unprotected systems.

Many security experts are now concerned that the original version of WannaCry might not be the most urgent threat. The bigger concern is the ability of hackers to reengineer and refine the malicious piece of software.

Many firms are still struggling to act a year after WannaCry, with IT security employees saying that their companies are more exposed than they were a year ago. It seems that there was panic immediately after the WannaCry attack, but nothing has changed since.

According to one of the studies, 62% of UK companies responded immediately after the attack and 38% redefined the process for reacting to security incidents. However, many businesses are still struggling with basic systems management tasks, such as patching, which are critical to preventing future attacks.

Lack of Awareness

One of the most crucial factors in enabling ransomware or any other type of malware to spread is lack of awareness. Senior leadership teams fail to realize how exposed their companies are to cyber threats. They also often fail in educating their employees about the dangers of cyber threats and ways to protect themselves.

Another crucial factor is that companies still don’t have backups of their critical data.

Companies should not let their guard down. They need to plan ahead to tackle the newest threats, making it difficult for attackers to be successful at their job.

Antivirus and Antimalware Protection is a Must

Even though the situation is serious, there is no need to panic. You are safe with Zemana AntiMalware and Zemana AntiLogger. Both products are designed to protect you from all types of ransomware, including WannaCry.

Years of careful ransomware character investigation helped Zemana in developing the best possible anti-ransomware tool. For that, Zemana AntiMalware has been rated as the best ransomware protection for years by MRG Effitas.

In case you are not yet a user of Zemana products, just go here, download any of Zemana products and stay ransomware free. Get the proactive protection that will make your mind worry free.

Modern Day Assassination Tool: Spyware

What is Spyware?

As the name itself suggests, spyware is malicious software used to spy on someone’s privacy. It can be used to capture data through screenshots or webcam captures. Another common way is through a technique called keylogging. This technique allows the malicious software to record every keystroke made by the user, which means it can steal your passwords, credentials or any other confidential information.

It is often used to record your phone calls as well or steal your phone contacts information. The use of spyware increased rapidly in 2017 by 30%. Modern day criminals are using this piece of malware as a tool in performing different attacks, including assassinations.

Hiding in the Background

Spyware is not easy to detect because it hides in the background. Many people don’t have a clue that someone is watching them or recording their data right at this moment. However, there are some indicators that can tell you if this threat is hidden somewhere on your device. Your PC or mobile device could slow down or freeze from time to time, but this doesn’t necessarily have to happen.

Khashoggi Murder

A few days ago, US whistle-blower Edward Snowden stated that Saudi Arabia used Israeli spyware to track and murder Saudi journalist Jamal Khashoggi.

Snowden claimed that Saudi Arabia used software designed by an Israeli cyber intelligence company to track and target Khashoggi, which led to his murder on 2 October inside the Saudi Consulate in Istanbul.

He believes that there is no way Saudi Arabia could have known Khashoggi’s plans and movements without using the technology developed by NSO Group Technologies. This company is known for developing the “Pegasus” software which can be used to remotely infect a target’s mobile phone and then relay back data accessed by the device.

It has already been revealed that Saudi Arabia used Pegasus software in October to eavesdrop on Khashoggi’s friend, a 27-year-old Saudi dissident Omar Abdulaziz, who was a prominent critic of the Saudi government on social media. The revelation was made by the Canadian research group Citizen Lab. They proved that the software had been used to hack Abdulaziz’ iPhone between June and August this year.

Snowden also reminded everyone that Israel is routinely at the top of the US’ classified threat list of hackers along with Russia and China.

Increased Usage of Spyware

In his speech, Snowden emphasized that Mexico used NSO Group’s most notorious software to target journalists. It is believed that the Mexican government started using the Pegasus software in 2011, which coincided with a dramatic increase in the assassinations of Mexican journalists.

In 2017, Mexico was rated as the second-deadliest country for journalists in the world just behind war-torn Syria due to the high number of murders.

The NSO Group responded directly to Snowden’s claims with assertions that it only sells Pegasus software to clients on the condition that it be exclusively used to investigate or prevent crime and terrorism.

A Killing Device or a Protection Tool?

Even though NSO Group claims its software is used for preventive purposes, the evidence does not support this claim.

There are many organizations that do not use spyware because they believe these tools and practices cross a legal line. However, not everyone shares this viewpoint. Lobbyists are actively trying to prevent anti-spyware regulation.

Therefore, one question keeps arising. Do governments use this sophisticated software to target dissidents and members of the press rather than criminals or terrorists?


Modern Day Heists: Bank Hackings

On November 6th, the Federal Investigation Agency (FIA) Cybercrimes Director Capt. Mohammad Shoaib reported that almost all the banks in Pakistan were hacked and suffered a major security breach.

The data breach was revealed when 10 banks blocked all international transactions on debit and credit cards. The FIA carried out a high-level investigation after 100 cases of security breach were reported in the recent past.

According to investigations, the first case of the cyber attack on banks was reported by BankIslami on October 27th. BankIslami blocked all international transactions when they noticed unusual transactions worth around 20,000 USD.

In addition to the stolen cash, data of over 8,000 account holders was sold on the black market. A gang was arrested when its members, disguised as Pakistani Army personnel, used stolen data to withdraw money from the banks. The FIA wrote to all banks asking them to increase their security against the data breach.

Designed by Macrovector, can be found on https://www.freepik.com/free-vector/thief-and-robbery-horizontal-banners-set-with-stealing-cars-and-internet-theft_2873128.htm


Hackers vs. Robbers

With the implementation of online banking, financial systems across the world have become prime targets for cyber-attacks. Heists do not happen with guns anymore. Hackers can steal thousands of dollars without getting up from their seats.

When hackers find a weakness in the targeted banking system, they can infiltrate it from another computer in a random location. Since cyber heists are less risky for the hackers, banks must take all security precautions to prevent all kinds of data breaches. In the end, banks will be held responsible if their security features are weak.

To Ensure Cyber Safety and Safe Online Transactions

Banks must protect all end user devices that connect to their IT infrastructure, such as laptops and cellphones, from all kinds of malicious software. To achieve this objective, advanced corporate network protection software is a must.

We at Zemana are aware that cyber threats are becoming a greater danger in the corporate world, so this is why we invested a lot of resources, time and energy into our business solution, Zemana Endpoint Security. This product offers full protection of your corporate network. You can learn more about it here.

All data stored on end user devices or in the cloud must be encrypted. Thus, in the event of a data breach, the stolen data cannot be used, or the login credentials can be changed before the decryption process is completed.

As many banks use third-party services to give their customers better service, banks should be aware that if a third-party service has a weak cyber security system, it will also weaken the banks’ own security.

In this case, the banks should take vendors’ cyber security systems into consideration before deploying their solutions. Banks should consider doing penetration tests to find vulnerabilities of their IT infrastructure.