::Trend Micro Threat Resource Center::

30 August 2014

WhatsApp. Beware of cyber-crooks and scams!

This week, WhatsApp has announced that it now has 600 million active users.

The news was released by Jan Koum, the CEO and co-founder of WhatsApp, through his Twitter page. Koum made it very clear that this figure refers to the number of active, not registered, users, which means that WhatsApp’s user growth may actually be larger.


The term ‘active users’ refers to the number of users who have used the app at least once in the last month.

WhatsApp security
Despite the doubts raised a few months ago when Facebook bought WhatsApp, it seems that the messaging app continues to be as popular as ever. The figure of 600 million users affirms WhatsApp as the world’s most widely used instant-messaging application, well ahead of rivals like Line or Telegram.

But this success has also placed it in the crosshairs of cyber-criminals who, over the last few months, have come up with countless ways to exploit the app as a means to attack users.

Want to know how? Discover the most dangerous WhatsApp scams and beware of malicious messages!

29 August 2014

The largest ever theft of passwords uncovered

What appears to be the greatest theft of user credentials in history has been reported by Hold Security, a small US security firm. No less than 1,200 million login credentials have been stolen from numerous websites around the world.
Although not all the details are clear yet, it seems the cyber-crime group behind this theft used automated tools to exploit known bugs in database software such as SQL databases. Apparently, they were on the lookout for websites that had failed to update their software and were therefore vulnerable to attack. A total of 420,000 websites were targeted.

It’s still not known which websites are affected by the attack, nor have they all been contacted to advise them to update their defenses. Hold Security has yet to contact the authorities, although it planned to do so after reporting this story.

What can you do in the light of this attack?
It is clear that no matter how well protected your computer is, there’s nothing you can do if, as in this case, you are not the direct victim. In this case, for example, the attackers stole user databases from websites, not from users’ computers. That’s why one of the most important security measures you can take is to never use the same login credentials on more than one website. If you reuse usernames and passwords across different services you increase the risk, because if one of those sites is compromised, your other accounts become vulnerable as well.

A good example of this was the recent case in Australia, where users of iPads/iPhones had their devices hijacked by cyber-criminals who demanded a ransom to hand back control. Some sources speculated that Apple’s databases may have been hacked, though the company denied this. Everything then pointed towards the source of the problem as being an Internet forum on which users had set the same password as they had for Apple’s iCloud service.

How to make a strong password

  • Use numbers
  • Include letters as well
  • Combine upper and lower case
  • Add symbols such as @, #, ? or %
  • Where possible it should have at least eight characters. The longer it is, the more difficult it will be to guess
  • Never use a run of consecutive numbers or letters: 123456; 987654; abc123
  • Never use adjacent keyboard letters: qwer123; asd987
  • Your password should not be something easily associated with you. Never use your name or date of birth.
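The rules above can be turned into a checker that an application runs at sign-up or password-change time. The following is an added example, not code from the original article: the concrete thresholds (a run of three or more characters counts as "consecutive" or "adjacent", and eight characters is the minimum), the US keyboard-row tables and the date formats searched for are my own assumptions; the article only gives the examples 123456, 987654, abc123, qwer123 and asd987.

```python
"""Password policy checker for the rules listed above (added example)."""
import string
from datetime import date

MIN_LENGTH = 8                                          # assumption: article's "at least eight"
RUN_LENGTH = 3                                          # assumption: shortest run treated as a pattern
KEYBOARD_ROWS = ("qwertyuiop", "asdfghjkl", "zxcvbnm")  # assumption: US layout


def has_sequential_run(password: str, n: int = RUN_LENGTH) -> bool:
    """True if any n adjacent characters step by +1 or -1 within one class,
    e.g. '123', '987' or 'abc' (case-insensitive)."""
    s = password.lower()
    for i in range(len(s) - n + 1):
        window = s[i:i + n]
        if not (window.isdigit() or window.isalpha()):
            continue
        diffs = {ord(b) - ord(a) for a, b in zip(window, window[1:])}
        if diffs in ({1}, {-1}):
            return True
    return False


def has_keyboard_run(password: str, n: int = RUN_LENGTH) -> bool:
    """True if any n adjacent characters sit next to each other on a keyboard
    row, in either direction, e.g. 'qwe' or 'dsa'."""
    s = password.lower()
    for row in KEYBOARD_ROWS:
        for i in range(len(s) - n + 1):
            window = s[i:i + n]
            if window in row or window in row[::-1]:
                return True
    return False


def contains_personal_info(password: str, name: str = "", birthdate: str = "") -> bool:
    """True if the password contains a part of the name (3+ letters) or the
    birth date written as YYYY, DDMM or MMDD. birthdate is 'YYYY-MM-DD'."""
    s = password.lower()
    tokens = [t for t in name.lower().split() if len(t) >= 3]
    if birthdate:
        d = date.fromisoformat(birthdate)
        tokens += [f"{d.year}", f"{d.day:02d}{d.month:02d}", f"{d.month:02d}{d.day:02d}"]
    return any(t in s for t in tokens)


def check_password(password: str, name: str = "", birthdate: str = "") -> list:
    """Return the list of rules the password breaks; an empty list means it
    satisfies every rule in the list above."""
    problems = []
    if not any(c.isdigit() for c in password):
        problems.append("no numbers")
    if not any(c.isalpha() for c in password):
        problems.append("no letters")
    if not (any(c.isupper() for c in password) and any(c.islower() for c in password)):
        problems.append("not a mix of upper and lower case")
    if not any(c in string.punctuation for c in password):
        problems.append("no symbols")
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if has_sequential_run(password):
        problems.append("contains a run of consecutive numbers or letters")
    if has_keyboard_run(password):
        problems.append("contains adjacent keyboard letters")
    if contains_personal_info(password, name, birthdate):
        problems.append("contains your name or date of birth")
    return problems


if __name__ == "__main__":
    # Constructed sample inputs: the article's bad examples plus one that passes.
    for candidate in ("123456", "qwer123", "asd987", "Tr3e#Lamp!9"):
        verdict = check_password(candidate, name="Alice Jones", birthdate="1990-05-03")
        print(f"{candidate!r}: {'OK' if not verdict else ', '.join(verdict)}")
```

The checker reports every rule a candidate breaks rather than stopping at the first one, so a sign-up form can show the user the whole list at once; the name and birth-date check is deliberately case-insensitive, since "Alice1990" and "alice1990" are equally guessable.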

28 August 2014

Spanish hacker manages to control every room at a luxury hotel remotely

Imagine the following situation. You arrive at your hotel. And not just any hotel, no. A gorgeous 5-star hotel that occupies the top 28 floors of a 100-storey skyscraper. You enter your room and find a tablet with an app that lets you control the room temperature, lights, TV and even the blinds.

You’d probably be very surprised and also amazed by the latest technological developments. A hotel where the Internet of Things has finally become a reality: home automation at your fingertips! In this scenario, if, for example, something started to malfunction in your room, you’d probably think it is just a system error. But what if it wasn’t? Maybe a hacker has just taken control of your room...

Traveling in luxury
The hotel we have just described is real, as real as the iPad2 that guests find in their rooms. And yes, the hacker who managed to take control of this hotel’s rooms is also real.

His name is Jesús Molina, a San Francisco-based security consultant from Spain who, during a stay at the beginning of the year in Shenzhen, a Chinese city located approximately 50 minutes away from Hong Kong, discovered he could take control of every single room in his hotel.


This hotel is none other than the St. Regis Shenzhen, a luxury 5-star hotel that provides guests with an iPad 2 to control features of their rooms.


As explained by Molina at this year’s Black Hat convention, one of the world’s largest computer security events, he managed to control room devices in over 200 rooms.

Hacking without bad intentions
Molina limited his tinkering to turning on and off various “Do Not Disturb” lights in hallways, but claims that a hacker could take control of virtually every appliance in the hotel remotely, and the attacker wouldn’t even need to be in the same city, or country, as the hotel.

The deployment of the room automation system used by the hotel contained a flaw that could allow an arbitrary attacker to control the lights, TVs, temperature, music and even the automated blinds in every single room.


The problem stemmed from the fact that the hotel’s room automation system was based on KNX, an outdated, insecure standard from the 1990s. That, plus the fact that all devices were connected to the same Wi-Fi network that guests connect to, allowed Molina to write a script to potentially control every one of the hotel’s rooms.

The worrying thing is that a hacker with malicious intent could take advantage of a flaw such as this to perpetrate actions much more dangerous than Molina’s innocent manipulation. For example, raising the temperature of a room where elderly people sleep to 40 degrees Celsius in the middle of the night might have fatal consequences.

And not only that: Molina discovered that it wasn’t even necessary to be connected to the hotel’s Wi-Fi network to access its automation system. In fact, any hacker could access it from anywhere in the world, as the network didn’t use device authentication controls. In other words, it was possible to hack into the hotel’s network without having to use the iPads provided by the hotel.

27 August 2014

Google Reportedly Prepping 'Child-Safe' Version of Services

Google is reportedly preparing to launch a child-centric version of some of its services — a move that would give kids their own Google accounts for the first time.


Currently, the company's age limit for those who can officially obtain a Google account in the U.S. is 13 years old.

According to a report by The Information on Monday, the new initiative will allow younger users to obtain their own YouTube accounts on a "child safe" version of the video site.

Google will also start requiring that users disclose their age when signing up for a Google account on Android devices, the report says — and will give parents a dashboard application that will allow them to monitor the activity of their children on Google services.

Many underage children are likely already accessing Google's account-only services through various illicit means. Introducing such a change could dramatically increase Google's user base, particularly among children whose digital activities are more closely monitored by their parents.

"We don't comment on rumor or speculation," a Google spokesperson told Mashable when asked to comment on the report of the new initiative.  

Life was good without technology.

1983 vs 2013

Do you agree?

26 August 2014

Sony PlayStation Network Taken Down By DDoS Attack

It’s been a bad weekend for Sony PlayStation. The entire PlayStation Network was down for much of the day after a distributed denial-of-service (DDoS) attack by online attackers left the network inaccessible to users.


It's possible that EVE Online and Guild Wars 2 have also been hit by the attackers. Developers on the EVE Online forums have announced DDoS issues, and many users on the Guild Wars 2 forums have been reporting login issues.

Sony’s PlayStation Network is an online service that connects PlayStation 3 and PlayStation 4 video game consoles to the Internet and to over-the-top video services such as Netflix.



Two separate hacker groups, Lizard Squad and Famed God, took to social media, Twitter and YouTube, respectively, to claim responsibility for the DDoS attack on the entertainment company, which, according to Sony, inflicted an "artificially high" amount of traffic on the PlayStation Network and Sony Entertainment Network.

EXPLOSIVES IN AIRPLANE
At 1:30 p.m. ET, the Lizard Squad group posted on Twitter that an American Airlines plane with Sony Online Entertainment president John Smedley on board was carrying explosives. The bomb threat caused the grounding of American Airlines flight 362. The flight has since been sent safely on its way.

@LizardSquad Today we planted the ISIS flag on @Sony's servers #ISIS #jihad - 11:03 PM - 24 Aug 2014

Smedley later confirmed that his flight from Dallas to San Francisco was being diverted to Phoenix, Arizona. "Flight diverted to Phoenix for security reasons," he said. "Something about the security and our cargo. Sitting on tarmac."

According to the company, no personal information had been leaked in the attack, but the rolling outage persists in various places, some ten hours or more after the attack began.

25 August 2014

Think twice before downloading freeware

Free wallpapers, free music, and free widgets - these can all lead you to just click or swipe on links and icons without thinking twice about the malicious programs you’re letting into your computer. 

In this video, Trend Micro traces how your love for freeware downloads can lead to adware spying on your computer. 

Adware is known for the many troubles it can ultimately cause users, which range from displaying annoying ads to downloading malware. We found a specific adware that exhibited malicious behavior, showing that the permissions you give to adware can put your computer and personal information at risk.

Don’t fall for the “free” or “discount” trap. Watch the video now and be informed!

24 August 2014

Researchers Show Malware Can Hack Gmail App With 92% Success Rate

Researchers claim a new piece of malware can steal highly sensitive data from smartphone apps on Android, Windows Phone and iOS with up to a 92% success rate.


The researchers have showcased the proof-of-concept malware running on an Android smartphone with the malicious software able to steal information such as login details, credit card numbers and even sensitive pictures taken with the victim's smartphone camera.

The researchers have not shown the attack working on iOS or Windows Phone operating systems, but they believe that the weakness exists in both platforms to carry out similar attacks "because they share a key feature researchers exploited in the Android system."

One of the researchers, Zhiyun Qian, said: "The assumption has always been that these apps can't interfere with each other easily. We show that assumption is not correct and one app can in fact significantly impact another and result in harmful consequences for the user."

Benign
The attack only works if the attackers can get their victims to download what looks like a benign application but is in fact a piece of malware. While this can be done on Android through third-party app stores, it is not as easy on iOS, since Apple only allows apps to be downloaded from the official App Store.

For the attack to work, say the researchers, it must happen at the exact time the victim is inputting the sensitive information the attackers are after.

In order to achieve this, the researchers have exploited "a newly discovered public side channel" - the shared memory statistics of an app's process, which can be accessed without any privileges.

The malware is constantly monitoring for changes in the shared memory of the target app (which can be anything from a banking app to Gmail or Amazon) and once the malware notices a change to what the researchers have called an "activity transition event" - such as taking a picture or logging into your Gmail account - the malware takes over and begins capturing the data.

92% successful
The researchers have released three videos (which can be seen here) showing the exploit in action, capturing login details, credit card information and pictures.

The researchers tested the malware against seven different apps including Gmail, Amazon, Newegg, Hotels.com and an app from Chase bank.

Of the apps tested Gmail was the most vulnerable with a 92% success rate in capturing sensitive data, while Amazon was the least vulnerable with just a 48% success rate.

The reason for the Amazon app's lower vulnerability according to the researchers was because it allows one activity to transition to numerous other activities, making it more difficult to guess which activity the app was using.

IBTimes UK contacted Google for a comment on the report with a spokesperson saying they are looking into the matter.

The researchers will publish their full report, called Peeking into Your App without Actually Seeing It: UI State Inference and Novel Android Attacks on Friday, 22 August at a security conference in San Diego.

The authors of the paper are Zhiyun Qian, of the Computer Science and Engineering Department at University of California; Z. Morley Mao, an associate professor at the University of Michigan; and Qi Alfred Chen, a Ph.D. student working with Mao.

23 August 2014

Hackers breach social network MeetMe

Anyone who logged into social network MeetMe between Aug. 5 and Aug. 7 is being asked to change their password because hackers breached the MeetMe network and compromised certain user information.


How many victims? Undisclosed.  

What type of personal information? Usernames, email addresses and encrypted passwords.

What happened? Hackers breached the MeetMe network and gained access to the information.

What was the response? The vulnerability has been closed. MeetMe is notifying users and recommending that they change their passwords.

Details: Hackers gained access to the information between Aug. 5 and Aug. 7. Financial information was not compromised.

Quote: “There is no evidence that any accounts were accessed, but MeetMe contacted its users regarding the incident by email and with a notice posted on the site,” Aaron Curtiss, senior executive with communications firm G.F.BUNTING+CO, told SCMagazine.com in a Tuesday email.

Source: A Tuesday email correspondence with communications firm G.F. BUNTING+CO.


22 August 2014

'AdThief' Chinese Malware Infects Over 75,000 Jailbroken iOS devices

If you have jailbroken your iPhone, iPad, or iPod touch and have downloaded pirated tweaks from pirated repositories, then you may be infected by “AdThief” malware, a Chinese malware that is now installed on more than 75,000 iPhone devices.


According to a recent research paper published on Virus Bulletin by security researcher Axelle Apvrille, the malware, also known as "spad," was first discovered by security researcher Claud Xiao in March this year.

So far, AdThief, aka Spad, has hijacked an estimated 22 million advertisements, stealing revenue from developers in the iOS jailbreak community, Axelle Apvrille says.

The malware allegedly infects jailbroken iOS devices by disguising itself as a Cydia Substrate extension (a component present only on jailbroken Apple devices); it gets installed when an unsuspecting user downloads and installs an infected Cydia package.

Once installed, the malware modifies certain advertisements displayed on your iOS device in an effort to redirect all the revenue to the malware developer. In short, if you download or install a free ad-supported iOS app from the App Store, all of the cash generated by that app goes to the cyber criminal behind AdThief rather than to the app’s developer.

AdThief has targeted advertisements from 15 popular mobile advertising networks, including Google’s AdMob and Mobile Ads, AdWhirl, MdotM, and MobClick, four of which were based in the US, two in India and the remainder in China.

The security researcher was able to identify the targets because the hacker forgot to remove identifying information from the code. Further investigation allowed Apvrille to identify the coder, who ran a blog providing details of various Android hacks, a GitHub account and an inactive Twitter account. The researcher located a Chinese virus writer, Rover 12421, who admitted writing the AdThief code but denied propagating it.

According to the researcher, although the number of infected devices is small compared to the number of iOS devices in use, the attackers likely generated significant revenue, with an estimated 22 million advertisements hijacked.

The most important thing about this particular hack is that there is no way to find out if your device is infected by AdThief, because it runs in the background and is almost impossible to detect. Users of unmodified iOS devices need not worry, as they are safe from this malware infection.

Users of jailbroken Apple iOS devices are advised to avoid downloads from untrusted repositories. Always be careful about adding new sources, and be suspicious of sources that promise pirated downloads of paid apps or tweaks.

19 August 2014

Yahoo wants to encrypt all of your email, with Google’s help


Yahoo will offer its users full end-to-end email encryption and compatibility with Google’s own end-to-end email encryption at some point in 2015, CNET reports, as Yahoo chief information security officer Alex Stamos on Thursday confirmed the company’s email encryption plans at the Black Hat conference.

End-to-end email encryption will make it harder for third parties to snoop on user data, and it’s a step forward for Yahoo, which has already encrypted email at the data center level. The company hopes to work with other email providers in the future, in addition to Google.

“What this means is that eventually not only will Yahoo Mail users be able to communicate in an encrypted manner with other Yahoo Mail users, but also with Gmail users and eventually with other email systems that adopt similar methodologies,” Stamos said.

“We don’t have any other providers to talk about yet, but the hope is that this is open and will be adopted by many others in the email ecosystem,” a Yahoo spokeswoman said.

Yahoo will be offering its encryption source code to the community this fall, just like Google, hoping that its security will be further improved with help from Yahoo Mail users.

Combined, Google and Yahoo have almost 700 million email users, with Yahoo’s email usage estimated at over 273 million accounts.

16 August 2014

Robin Williams goodbye video used as lure in social media scams

Within 48 hours of the news surrounding the death of actor and comedian Robin Williams, scammers homed in on the public’s interest and grief. There is currently a scam campaign circulating on Facebook claiming to be a goodbye video recorded by the actor just before his death.

Fake BBC news site with fake Robin Williams goodbye video

There is no video. Users that click on the link to the supposed video are taken to a fake BBC News website. As with many social scams, users are required to perform actions before they can view the content. In this case, users are instructed to share the video on Facebook before watching.

Facebook share dialog with fake comments and shares

If a user clicks on the “Share on Facebook” button, they are prompted with a share dialog box. This box misleads users into believing this page has received millions of comments and shares but, actually, scammers have leveraged Facebook Open Graph metadata as a trick.  


Scam site asks users to install fake Facebook media plugin

After sharing the link to their Facebook friends, users won’t be presented with a video. Instead, they’ll be asked to install an application on their computer or to fill out a survey. Scammers operating these sites use affiliate programs to earn money for the completion of surveys and file downloads.

Symantec has alerted Facebook about this scam campaign and they are taking steps to block the offending URLs.

Over the years, scammers have used both real and fake celebrity deaths as a way to convince users to click on links and perform actions. From Amy Winehouse and Paul Walker to the fake deaths of Miley Cyrus and Will Smith, scammers are opportunistic and always looking for ways to capitalize.
 
Before you click on a link a friend may have shared on social media, follow these best practices:
  • Be vigilant and skeptical when reading sensational stories on social media sites.
  • Don’t install applications or do surveys in order to view gated content. It's a trick to put money in the pockets of scammers and your computer or device is at risk to malware.
  • Visit trusted news sources for information. Instead of clicking on random links online, go directly to your trusted news source.
  • Report suspicious content. Do your part by reporting these types of posts as spam.

06 August 2014

Russian criminals steal 1.2 billion passwords

Russian criminals have stolen 1.2 billion Internet user names and passwords, amassing what could be the largest collection of stolen digital credentials in history, a respected security firm said Tuesday.


The news was first reported by The New York Times, which cited research from Milwaukee-based Hold Security. The firm didn't reveal the identities of the targeted websites, citing nondisclosure agreements and a desire to prevent existing vulnerabilities from being more widely exploited.

Hold Security founder Alex Holden told CNNMoney that the trove includes credentials gathered from over 420,000 websites -- both smaller sites as well as "household names." The criminals didn't breach any major email providers, he said.

Alex Holden of Hold Security said most of the targeted websites were still vulnerable.

Holden said the gang makes its money by sending out spam for bogus products like weight-loss pills, and had apparently amassed its collection of digital credentials for that relatively innocuous purpose.

"It's really not that impactful to the individuals, and that's why they were under the radar for so long," Holden said. "They've ignored financial information almost completely."

But Holden said the gang's success at amassing passwords demonstrates that weak security procedures are common on websites of all sizes.

The criminals began collecting user data a few years ago by simply buying it on the black market. Their stash has grown significantly this year thanks to their use of an automated program that trawls the Internet to find vulnerabilities on websites, Holden said.

The reported theft dwarfs the one revealed last year by discount retailer Target, which admitted in December that hackers had stolen credit- and debit-card data from 40 million accounts.

Hackers from Russia and Eastern Europe are known for launching sophisticated cyberattacks for financial gain. Beyond spam, organized crime syndicates in the region have engaged in more sophisticated activities like corporate espionage and the theft of credit-card details.

The extent of the theft shows people need to better manage their credentials, cybersecurity experts say. Most people keep the same password for multiple services, such as banking, email and social media accounts. That allows hackers to turn a single password database into a treasure trove.

One simple way to stem the damage is to use two-factor authentication whenever possible to sign into online services, said Eric Cowperthwaite, an executive at network security provider Core Security. This method requires you to enter a second password, usually generated by your smartphone, upon login.

Jay Kaplan, CEO of cybersecurity firm Synack, criticized the companies involved for not being alert enough about their own security.

"It's likely that most of them do not even realize how many times they've been compromised," he said.

05 August 2014

Do We Want Google To Have This Much Power; Child Pornographer Caught By Gmail Scan.


A slightly disturbing piece of news: a child pornographer has been caught as a result of Google scanning his emails for known images of child abuse.

Hundreds of millions of email accounts are now being routinely scanned for illegal images, thanks to sophisticated new Google software
"Technology giant Google has developed state of the art software which proactively scours hundreds of millions of email accounts for images of child abuse.
The breakthrough means paedophiles around the world will no longer be able to store and send vile images via email without the risk of their crimes becoming known to the authorities.
Details of the software emerged after a 41-year-old convicted sex offender was arrested in Texas for possession of child abuse images.
Police in the United States revealed that Google’s sophisticated search system had identified suspect material in an email sent by a man in Houston. 
Child protection experts were automatically tipped off and were then able to alert the police, who swooped after requesting the user’s personal information from Google."
Yes, we know that Google has been scanning our Gmail in order to serve us ads. But this newer link into the criminal justice system is worrying. For of course such a tactic is not going to remain applied to one crime and one crime only. We can easily enough imagine extensions of it to mentions perhaps of drugs, or drug dealing. Or in countries with a rather lower level of protection for civil liberty than our own for certain buzzwords to do with the politics of those countries. And don’t forget that Google is subject to the laws of the countries in which it operates. If, say, China requires that emails that contain “Tiananmen Square” be reported to the Chinese security agencies then Google will have to comply or not do business in that country (and I think Google has declined to do some work inside China on that basis and Yahoo has not so declined).

The point being that, having now shown that they can monitor email for proof of one crime, the company will come under ever greater pressure from a number of sources to apply the same monitoring techniques to evidence of other crimes. And there are plenty of places around the world where it is criminal to do things we regard as a lot more benign than child pornography. There are even places where it’s illegal to do things that we consider basic human rights. It seems to me inevitable that this technique, however just people may think it to be for this one particular crime, is going to expand out to many others.

Of course, one can simply not use Gmail, one can also simply not do anything that might constitute a crime, but it’s still worrying to me that our communications are to be so vetted.

01 August 2014

10 Malware Removal Apps Tested, guess which one came out on top?

A recent test done by the independent antivirus research group AV-TEST took a look at the performance of today's most popular malware removal applications. Most of the applications showed excellent performance, but only Malwarebytes - a free download - managed a perfect score.


AV-TEST sought to answer an important question: can anti-malware software completely clean up and repair a Windows system after an attack?

    It's a worst-case scenario many users have experienced: Malware defeats the security barriers of their system and becomes embedded there. Is it even possible, in the aftermath of such an attack, to restore the Windows system to its previous condition? It ought to work with the help of antivirus software or clean-up tools. But how effectively do these first responders do their job?

The good news is that overall each application was very effective at providing cleanup and repair to Windows machines, which is important if you think someone has broken into your machine or downloaded some suspicious plugins.

Each application was put through a rigorous endurance test that lasted a total of 10 months. During this time several different malware families were tested repeatedly and the malware even underwent constant evolution along the way. All of the samples used were already known to the removal applications, so the primary purpose of the test was efficiency in detection, complete removal, and restoration. Tests were also conducted on antivirus software, but keep in mind there's a difference between antivirus and anti-malware.


In the end, Malwarebytes Anti-Malware Free scored a cool 100% in total system repair. The paid apps Bitdefender Internet Security 2014 came close in second with a score of 99.4%, and F-Secure Internet Security 2014 tied with Kaspersky Internet Security 2014 at 97.8%. The next best scores for free applications came from AVG AntiVirus Free 2014 and Avast! Free Antivirus 9.0.

Remember, it's important to keep in mind that these were tested for malware removal and not for virus protection. We can show you what we think are the best desktop antivirus applications, and if you're curious to see how antivirus apps ranked at AV-TEST, click here to read more.