A Modern Twist on the 'Honeypot' Scam
This week we saw mobile apps making headlines. Tinder was used by a potential spy in an unsuccessful attempt to bait military secrets out of an airman, and Snapchat’s source code was published on GitHub. The marketing campaign for the PGA Championship has hit a speed bump in the form of a ransomware attack, and an Australian hospital specializing in maternal health exposed treatments on the web.
1. Samsung Meets Meltdown
2. Snapchat Source Code
3. Think of the Children
4. The PGA is in the Sand Trap
In Other News:
Catfished: A hacker recently tried a new take on an old trick, utilising the dating app Tinder in a honeypot scheme. The cyber criminal set out to steal military secrets from the British Royal Air Force, using a compromised RAF airwoman’s dating profile to try to trick a serviceman into revealing the details of the F-35 stealth fighter. The brand-new fighter is the result of a £9 billion project. China and Russia are eager to get their hands on any details they can about the plane. The airwoman realized almost immediately that her account had been hacked and informed the RAF, which was able to confirm that no information was disclosed and that the airman targeted was not connected to the F-35 program.
Galaxy Meltdown: Samsung phones are not immune to the microchip security flaw known as Meltdown, as was previously thought. Researchers at an Austrian university uncovered a way to exploit the vulnerability on the popular smartphone. The researchers plan on testing other phones in the future and believe that they will have similar results with other devices. Given how much damage Spectre exploits have done since its discovery, the same kind of exposure in smartphones could wreak havoc.
Oh Snap!: A hacker got ahold of some of the source code for the popular photo-messaging service Snapchat and published the valuable code on GitHub. The hacker is believed to be from Pakistan, and the code has since been taken down by the company. It is likely that the repo contained part or all of the iOS app, but because the code was removed from GitHub there is no way to verify the amount of source code published. The validity of the source data is also questionable, but given Snapchat’s all-caps DMCA request (seen below), it seems like there’s a good chance the code was the real deal.
“SNAPCHAT SOURCE CODE. IT WAS LEAKED AND A USER HAS PUT IT IN THIS GITHUB REPO. THERE IS NO URL TO POINT TO BECAUSE SNAP INC. DOESN’T PUBLISH IT PUBLICLY.”
Threat Focus: The Professional Golfers’ Association (PGA) - USA
PGA Golfers Association: A golfing association that hosts the PGA Championship.
Exploit: Ransomware.
Risk to Small Business: High: Ransomware is highly disruptive to any organization.
Individual Risk: High: Loss of data and possibly exfiltration of personal information can result from a ransomware attack.
Date Occurred/Discovered: August 7, 2018
Date Disclosed: August 9, 2018
• Creative material for the PGA Championship
◦ Promotional banners
◦ Digital signage
• Creative material for the Ryder Cup in France
◦ Abstracts of logos
Customers Impacted: With the PGA Championship around the corner, this breach could affect golf fans all over the country.
Threat Focus: Hova Health - Mexico
Hova Health: A technology company that services the Mexican health care sector.
Exploit: Exposed MongoDB database.
Risk to Small Business: High: Carelessness with customers’ sensitive data can cause irreparable damage to an organization’s image.
Individual Risk: High: The information exposed on the internet could be used in identity theft.
Date Occurred/Discovered: August 2018
Date Disclosed: August 7, 2018
• Date of birth
• Insurance information
• Disability status
• Home address
Customers Impacted: 2 million individuals.
Threat Focus: The Adelaide Women’s and Children’s Hospital - Australia
The Women’s and Children’s Hospital: An Adelaide-based health care facility that provides treatment for women, babies and children.
Risk to Small Business: High: The sensitive nature of the data exposed, as well as the scope of the breach, will cost the organization the trust of its customers and could possibly result in hefty fines.
Individual Risk: High: The data exposed by the organization could be extremely useful to bad actors seeking to impersonate the affected individuals, in addition to the high value of personal medical information on the Dark Web.
Date Occurred/Discovered: Occurred over the last 13 years
Date Disclosed: August 6, 2018
• Date of birth
• Test results
Customers Impacted: 7,200 individuals.
Threat Focus: Comcast - USA
Comcast: One of the United States’ largest cable providers.
Exploit: Web vulnerability.
Risk to Small Business: High: The loss of customer trust and the expense of providing identity monitoring for the affected individuals could damage any organization.
Individual Risk: High: Key data needed for identity theft was exposed.
Date Occurred/Discovered: August 2018
Date Disclosed: August 8, 2018
• Social Security Numbers
• Partial home addresses
Customers Impacted: 26.5 million individuals.
Phishing emails have evolved far past the misspelled words and suspicious email addresses that most people use to help judge the validity of an email. The phishing email of today can look like an exact copy of the communications coming from the imitated company. With the constant saturation of the dark web with Personally Identifiable Information (PII), personal details can be added to the phishing email to make it look even more convincing. The malicious emails will continue to get better and more refined, so how do you counter them? The best way to keep your organization safe is by training employees about social engineering attacks, encouraging employees to be skeptical of suspicious emails and to report them, and utilising technologies such as antivirus, simulated phishing awareness training and “real time” credential monitoring. A properly executed phishing email could result in a business’s operations being suspended due to ransomware, the theft of IP or the exposure of customer data… so why wouldn’t any organisation proactively get prepared?
Consider this: When you think about Cyber Security, think about the ones you care the most about – your family. If you have children or young adults using Smartphones, Tablets or Laptops, consider their vulnerability. Do you want to put their digital selves in the hands of pedophiles, scammers and cyber criminals? The purchase of children’s digital credentials (username/password) is big business on the Dark Web. Check out our inexpensive Individual or Family monitoring service – it’s a ‘no brainer’ for your peace of mind.
Disclaimer: Avantia Corporate Services Pty Ltd provides the content in this publication for general information only and has compiled the content from a number of sources believed to be reliable. No warranty, implied or otherwise, is given as to its accuracy or fitness for use, and no validation or investigation has been performed by Avantia Corporate Services or the Author as to its accuracy or reliability. Readers should conduct their own investigation and come to their own conclusions before taking any action.