Heena Sharma Blog

  Cyber-security researchers have identified a stash of 167 counterfeit Android and iOS apps being used by hackers to steal money from people who believe they have installed a financial trading, banking or cryptocurrency app from a trusted organization. Researchers at cyber-security firm Sophos investigated the fake apps and found that many were very similar. The attackers targeted users through dating sites and lured victims into installing money-stealing apps disguised as popular brands. Some apps included an embedded customer support "chat" option. When researchers tried to communicate with the support teams using the chat, the replies they received used near-identical language. The researchers also uncovered a single server loaded with 167 fake trading and cryptocurrency apps. Taken together, this suggests that the scams could all be operated by the same group. Read More

  Cybercriminals targeting web applications have grown more reliant on automated tools as nearly 20 per cent of the attacks detected were fuzzing attacks, trying to find the points at which applications break to exploit, a report said on Wednesday. Fuzzing is the usually automated process of finding hackable software bugs by randomly feeding different permutations of data into a target programme until one of those permutations reveals a vulnerability. The cloud-enabled security solutions provider Barracuda Networks that analyzed a sample of two months of blocked data on web application attacks in the month of November and December, found that the top five attacks using automated tools were fuzzing attacks, injection attacks, fake bots, App DDoS and blocked bots. Read More

  Prime Minister Narendra Modi 's account on the micro-blogging website Twitter was hacked briefly. The social media giant confirmed the compromise and said "active investigation" was underway. The hack appears to have happened during the wee hours of Thursday and the hacker group John Wick posted tweets appeared urging followers to make donations to 'PM National Relief Fund for COVID-19' through cryptocurrency. The account is linked to Modi's personal website narendramodi.in and has around 2.5 million followers since it was created in May 2011. "We're aware of this activity and have taken steps to secure the compromised account. We are actively investigating the situation. At this time, we are not aware of additional accounts being impacted," said Twitter India spokeswoman in response to queries. Read More               

The coronavirus (COVID-19) outbreak has cast a shadow on cyberspace as well. Subex, a Bengaluru-based firm that provides analytics to telecom service providers, said hackers are using the panic and confusion to trick employees and other stakeholders into downloading infected payloads or malware. In a situation where many employees work from home or access wi-fi networks that operate at enterprise-level security, devices such as routers can be hacked to plant a range of malware into handheld devices used by employees. “ Such devices could be turned into zombies or bots and added to botnets or used to launch attacks on systems and networks it connects once the employee is back in the office,” said Prayukth K V, chief marketing officer, Internet of things (IoT), Subex. Subex said this indicates a high level of adaptability as far as hackers are concerned. It said there were concerns that the outbreak could be used to breach networks and infrastructure components to either atta

Microsoft has said that it obtained a court order allowing it to seize web domains used by North Korean hacking groups to launch cyberattacks on human rights activists, researchers and others. The US technology giant said on Monday that a federal court allowed it to take control of 50 domains operated by a group dubbed Thallium, which tricked online users by fraudulently using Microsoft brands and trademarks. "This network was used to target victims and then compromise their online accounts, infect their computers, compromise the security of their networks and steal sensitive information," said Tom Burt, Microsoft's vice president for customer security and trust. "Based on victim information, the targets included government employees, think tanks, university staff members, members of organizations focused on world peace and human rights, and individuals that work on nuclear proliferation issues. Most targets were based in the US, as well as Japan and Sou

Since the revelations about the Pegasus spywar e having been used to snoop on more than a hundred Indians, many are justifiably worried. You may think that if you are doing things that the government or powerful interests may not like, then it may seem like all the more reason to arrive at the decision that because you cannot do anything about the snooping, it is best to stop using your phone or stop communication altogether. Some may feel equally justified in reaching the conclusion that you should forget about security and go about your business seeing that you cannot protect yourself any way. It is true that it is very, very hard to protect yourself against a hack like this. Perhaps not with Pegasus, which has probably run aground, but other hacks of this kind will most likely occur again. But that does not mean you should give up on either communicating, or on communicating securely. Because the reality is that while you may not be able stop an attack like this, you

Senior government officials in multiple US-allied countries were targeted earlier this year with hacking software that used Facebook-owned instant messaging app WhatsApp to take over users' phones, according to people familiar with the messaging company's investigation. Sources familiar with WhatsApp’s internal investigation into the breach said a “significant” portion of the known victims were high-profile government and military officials spread across at least 20 countries in five continents. The hacking of a wider group of top government officials' smartphones than previously reported suggests the WhatsApp cyber intrusion could have broad political and diplomatic consequences. WhatsApp filed a lawsuit on Tuesday against Israeli hacking tool developer NSO Group. The Facebook-owned software giant alleges that NSO Group built and sold a hacking platform that exploited a flaw in WhatsApp-owned servers to help clients hack into the cellphones of at least 1,400 us

Google and Facebook collect information about us and then sell that data to advertisers. Websites deposit invisible “ cookies ” onto our computers and then record where we go online. Even our own government has been known to track us. When it comes to digital privacy, it’s easy to feel hopeless. We’re mere mortals! We’re minuscule molecules in their machines! What power do we possibly have to fight back? That was the question I posed to you, dear readers, in the previous “Crowdwise.” Many of you responded with valuable but frequently repeated suggestions: Use a program that memorizes your passwords, and make every password different. Install an ad blocker in your web browser, like uBlock Origin. Read up on the latest internet scams. If you must use Facebook, visit its Privacy Settings page and limit its freedom to target ads to you. What I sought, though, was non-obvious ideas. It turns out that “digital privacy” means different things to different people. “ Everyone

The discovery that hackers could snoop on WhatsApp should alert users of supposedly secure messaging apps to an uncomfortable truth: “End-to-end encryption” sounds nice — but if anyone can get into your phone’s operating system, they will be able to read your messages without having to decrypt them. According to a report in the Financial Times on Tuesday, the spyware that exploited the vulnerability was Pegasus, made by the Israeli company NSO. The malware could access a phone’s camera and microphone, open messages, capture what appears on a user’s screen, and log keystrokes — rendering encryption pointless. It works on all operating systems, including Apple’s iOS, Google’s Android, and Microsoft’s rarely used mobile version of Windows. The cybersecurity community has known about it for years, and activists have been raising hell about its use against dissidents and journalists in dozens of countries — although NSO itself says it doesn’t sell Pegasus to unsavory regimes and t

About 100 million users of Quora were affected by unauthorized access to one of its systems by a "malicious third party," the knowledge-sharing website said on Monday. Account information, including name, email address, encrypted password and data imported from linked networks when authorized by users may have been compromised, it said. The company said it is logging out all Quora users who may have been affected to prevent further damage. "We are in the process of notifying users whose data has been compromised," Quora CEO Adam D'Angelo said in a blog post. The breach, discovered on Friday, did not affect question and answers that are written anonymously, the company said, adding that it has also notified law enforcement officials. "We have retained a leading digital forensics and security firm to assist us," it said. Read More Business Standard