Monthly Archives: April 2016
Google April Fool's Gmail Button Sparks Backlash, Loses Jobs
Hacker Hijacks a Police Drone from 2 Km Away with $40 Kit
A researcher has demonstrated how easy it is to steal high-end drones, commonly deployed by government agencies and police forces, from 2 kilometres away with the help of less than $40 worth of hardware.
The attack was developed by IBM security researcher Nils Rodday, who recently presented his findings at Black Hat Asia 2016.
Hacking the $28,463 Drone with Less than $40 of Hardware
New Ransomware KimcilWare Targets Magento Websites
Ransomware dubbed KimcilWare is targeting websites running the e-commerce platform Magento and encrypting website files.
Just One? No, FBI to Unlock More iPhones with its Secret Technique
The Federal Bureau of Investigation (FBI) worked with Israeli mobile forensic firm Cellebrite to unlock iPhone used in the San Bernardino shooting last year, confirmed by multiple sources familiar with the matter.
The United States Department of Justice (DoJ) said on Tuesday that the FBI successfully unlocked iPhone and accessed data with the help of an undisclosed alternative method
We know “who’s viewed your Instagram†and it’s not who you think
There’s something every Instagrammer wants to know: who is looking at my photos? We live in a show-and-tell world, with I-see-I-do-I-post-mindsets, comments, and “likes”. No one wants to disappear at fault of a #boring photo.
Instagram makes it easy to play pretend, but what happens when someone else pretends to be you? In theory, social media sites like Facebook make it so that third parties can’t access your “secret information” but without our knowledge, hackers are taking advantage of us: robbing personal data (even those super-complicated-and-thoroughly-though-out passwords) and gaining full access to our profiles.
For Turker Bayram, hacking into social media profiles is his specialty. On multiple occasions, this sadly popular yet elusive malware developer has been able to place his malicious “apps” in the top charts on Google Play and the App Store. Soon after he creates them and uploads them, there are massive numbers of downloads. By the time someone figures out what’s going on, and after hundreds of thousands (potentially millions) of users are robbed of their personal information, Google and Apple finally delete the apps. This has happened at least twice.
Just a few weeks ago, an independent developer named David Layer-Reiss warned us on his blog about Bayram’s new malicious “software”. The iOS version was called “Who Cares With Me – InstaDetector”, and in Android, “InstaCare — Who Cares With Me”. These “apps” discovered by Layer-Reiss have already been eliminated and, in November 2015, both Apple and Google withdrew Bayram’s original platform, InstaAgent. It is not the first time malware takes over a popular site (i.e. Instagram, WhatsApp, Facebook) in order to massively rob user profiles… and it won’t be the last.
These “apps” always return to the top of the charts and sometimes under the umbrella of the same developer. In the case of “InstaDetector”, the victim innocently enters their credentials, unaware that the confidential data is sent to the attacker’s server. Instead of discovering “who has been looking at your Instagram?”, the cyber-attacker seamlessly accesses the account as if it were their own and posts spam photos on the owner’s behalf.
From telegrams to Instagrams, the more technically sophisticated we become the more important it is to trust the communication source, or in this case, the “app”. “InstaDetector” is just one of the many scams designed to take advantage of the enormous interest generated by social networks. The most worrisome thing about them is their popularity, always massive and immediate, that by the time Google or Apple are involved it’s too late for thousands of users. Combat these threats by staying alert, ignoring false promises, and installing a tough antivirus on all of your devices.
The post We know “who’s viewed your Instagram” and it’s not who you think appeared first on Panda Security Mediacenter.