  • Avantia Threat Update

A Modern Twist on the 'Honeypot' Scam


Social Media in the Hackers' Crosshairs

This week we saw mobile apps making headlines. Tinder was used by a potential spy to unsuccessfully bait military secrets out of an airman, and Snapchat’s source code was published on GitHub. The marketing campaign for the PGA Championship has hit a speed bump in the form of a ransomware attack, and an Australian hospital specializing in maternal health exposed treatments on the web.


Highlights:

1. Samsung Meets Meltdown

2. Snapchat Source Code

3. Think of the Children

4. The PGA is in the Sand Trap


In Other News:

Catfished: A hacker recently tried a new take on an old trick, utilising the dating app Tinder in a honeypot scheme. The cyber criminal set out to steal military secrets from the British Royal Air Force, using a compromised RAF airwoman’s dating profile to try to trick a serviceman into revealing the details of the F-35 stealth fighter. The brand-new fighter is the result of a £9 billion project. China and Russia are eager to get their hands on any details they can about the plane. The airwoman realized almost immediately that her account had been hacked and informed the RAF, which was able to confirm that no information was disclosed and that the airman targeted was not connected to the F-35 program.


Galaxy Meltdown: Samsung phones are not invulnerable to the microchip security flaw known as Meltdown, as previously thought. Researchers at an Austrian university uncovered a way to exploit the vulnerability on the popular smartphone. The researchers plan on testing other phones in the future and believe that they will have similar results with other devices. With as much damage as Spectre exploits have done since its discovery, the same kind of exposure in smartphones could wreak havoc.



Oh Snap!: A hacker got ahold of some of the source code for the popular photo-messaging service Snapchat, publishing the valuable code on GitHub. The hacker is believed to be from Pakistan, and the code has since been taken down by the company. It is likely that the repo contained part or all of their iOS app, but because the code was removed from GitHub there is no way to verify the amount of source code published. The validity of the source data is also questionable, but given Snapchat’s all-caps DMCA request (seen below), it seems like there’s a good chance the code was the real deal.


“SNAPCHAT SOURCE CODE. IT WAS LEAKED AND A USER HAS PUT IT IN THIS GITHUB REPO. THERE IS NO URL TO POINT TO BECAUSE SNAP INC. DOESN’T PUBLISH IT PUBLICLY.”



Threat Focus: The Professional Golfers’ Association (PGA) - USA

PGA Golfers Association: A golfing association that hosts the PGA Championship.

Exploit: Ransomware.
Risk to Small Business: High: Ransomware is highly disruptive to any organization.


Individual Risk: High: Loss of data and possibly exfiltration of personal information can result from a ransomware attack.
Date Occurred/Discovered: August 7, 2018 
Date Disclosed: August 9, 2018

Data Compromised:

• Creative material for the PGA Championship

◦ Promotional banners

◦ Logos

◦ Digital signage

• Creative material for the Ryder Cup in France

◦ Abstracts of logos

Customers Impacted: With the PGA Championship around the corner, this breach could affect golf fans all over the country.


Threat Focus: Hova Health - Mexico

Hova Health: A technology company that services the Mexican health care sector.

Exploit: Exposed MongoDB database.


Risk to Small Business: High: Carelessness with customers’ sensitive data can cause irreparable damage to an organization’s image.


Individual Risk: High: The information exposed on the internet could be used in identity theft.


Date Occurred/Discovered: August 2018
Date Disclosed: August 7, 2018


Data Compromised:

• Name

• Gender

• Date of birth

• Insurance information

• Disability status

• Home address

Customers Impacted: 2 million individuals.


Threat Focus: The Adelaide Women’s and Children’s Hospital - Australia

The Women’s and Children’s Hospital: An Adelaide-based health care facility that provides treatment for women, babies and children.

Exploit: Negligence.


Risk to Small Business: High: The sensitive nature of the data exposed as well as the scope of the breach will cost the organization the trust of its customers and could possibly result in hefty fines.


Individual Risk: High: The data exposed by the organization could be extremely useful for bad actors to impersonate them, in addition to the high value of personal medical information on the Dark Web.


Date Occurred/Discovered: Occurred over the last 13 years
Date Disclosed: August 6, 2018


Data Compromised:

• Names

• Date of birth

• Test results

Customers Impacted: 7,200 individuals.


Threat Focus: Comcast - USA

Comcast: One of the United States’ largest cable providers.

Exploit: Web vulnerability.


Risk to Small Business: High: The loss of customer trust and the expense of providing identity monitoring for the affected individuals could damage any organization.

Individual Risk: High: Key data needed for identity theft was exposed.


Date Occurred/Discovered: August 2018 
Date Disclosed: August 8, 2018


Data Compromised:

• Social Security Numbers

• Partial home addresses

Customers Impacted: 26.5 million individuals.


Postscript:

Phishing emails have evolved far past the misspelled words and suspicious email addresses that most people use to help judge the validity of an email. The phishing email of today can look like an exact copy of the communications coming from the imitated company. With the constant saturation of the dark web with Personally Identifiable Information (PII), personal details can be added to the phishing email to make it look even more convincing. The malicious emails will continue to get better and more refined, so how do you counter them? The best way to keep your organization safe is by training employees about social engineering attacks, encouraging employees to be skeptical of suspicious emails and to report them, and utilising technologies such as antivirus, simulated phishing awareness training and “real time” credential monitoring. A properly executed phishing email could result in a business’s operations being suspended due to ransomware, the theft of IP or the exposure of customer data… so why wouldn’t any organisation proactively get prepared?




Consider this: When you think about cyber security, think about the ones you care the most about – your family. If you have children or young adults using smartphones, tablets or laptops, consider their vulnerability. Do you want to put their digital selves in the hands of pedophiles, scammers and cyber criminals? The purchase of children’s digital credentials (username/password) is big business on the Dark Web. Check out our inexpensive Individual or Family monitoring service – it’s a ‘no brainer’ for your peace of mind.


Disclaimer: Avantia Corporate Services Pty Ltd provides the content in this publication for general information only and has compiled the content from a number of sources believed to be reliable. No warranty, implied or otherwise, is given as to its accuracy or fitness for use; no validation or investigation has been performed by Avantia Corporate Services or the Author as to its accuracy or reliability. Readers should conduct their own investigation and come to their own conclusions before taking any action.


*COPYRIGHT 2020* Avantia Corporate Services  PTY LTD - All Rights Reserved.