
Unexpected 4Chan Downtime Leads to Cybersecurity Speculation

 


There has been a significant breach of security at 4chan recently, which has been widely reported. According to several online sources, a hacker may have managed to penetrate the platform's internal systems after successfully infiltrating the platform's anonymous and unmoderated discussions. This may represent the beginning of what appears to be a significant cybersecurity incident. 

Early reports indicate that the breach occurred when a section of the website that was inactive suddenly became active, displaying prominent messages such as "U GOT HACKED", a clear indication that the site had been hacked. This unexpected reactivation was the first indication that unauthorised access had been achieved. There was also growing speculation as a result of several online posts claiming the perpetrator behind the breach was leaking sensitive information, including personal information about the site moderators and their identities. 

The claims have sparked widespread concern about possible data exposure and wider cybersecurity vulnerabilities on the platform, even though the platform has not yet released an official statement verifying the extent of the compromise. As the story unfolds, the incident underscores the growing threat landscape facing digital platforms, particularly those that operate with minimal moderation and host large volumes of user-generated content.

Cybersecurity experts and digital rights advocates continue to follow the story closely for confirmation and implications of the alleged breach. Users across social media platforms widely reported that 4chan was experiencing prolonged periods of downtime, which was taken as an indication of the alleged breach of the website.

As of this writing, the website remains largely inaccessible. It appears that the disruption has been caused by a targeted and prolonged cyber intrusion, as suggested by independent observations, including those cited by TechCrunch. One user of a competing message board seemed to be revelling in the incident, with another claiming that the attacker had been able to use 4chan's systems for more than a year after gaining covert access through a user-created account. It is believed that numerous screenshots, purported to depict the administrative interface of the site, were circulated online as evidence of these claims. 

The images depicted what appeared to be internal tools and infrastructure, including moderation templates, user banning policies, and the source code of the platform, all of which would normally belong to the moderation team of the site. The most disturbing aspect of the leak has to do with a document that allegedly gives the identities of some 4chan moderators, as well as "janitors," who are users with limited administrative rights. 

In contrast to janitors, who are capable of removing threads and posts, moderators possess a more powerful set of capabilities, including the ability to view the IP addresses of users. This disclosure could have serious security and privacy implications if verified, especially given 4chan's history of hosting politically oriented, frequently unethical and sometimes extremist content.

Among other things, cybersecurity analysts warn that such a leak could not only compromise individual safety but also give a clearer picture of how one of the most polarising online communities functions. Widespread service disruptions at 4chan were first reported early Tuesday, when thousands of users documented their experiences on Downdetector, a platform for monitoring website outages.

Since then, 4chan's site has been intermittently accessible, with no official acknowledgement or explanation from its administrators, leaving a void that has quickly been filled by speculation. The narrative that has circulated, albeit unverified, points to a significant security breach. Multiple sources suggest that a hacker may have infiltrated the back-end infrastructure of 4chan and may have gained access to sensitive data, including moderator email addresses and internal communications, among others.

According to some users, the alleged vulnerability may be the result of outdated server software, which has been reported not to have been patched for more than a year. A more detailed account was posted on Soyjak.party, a rival imageboard, where one user claimed the intruder had been able to access 4chan's administrative systems secretly for over a year.

According to these posts, the hacker eventually published portions of the platform's source code, as well as internal staff documentation, which led a 4chan administrator to take the site offline to prevent further exposure. Echoing these allegations, many users on Reddit have shared screenshots of moderator login interfaces, private chat logs and fragments of leaked code.

It is important to note that, while none of these allegations have been independently verified, cybersecurity professionals warn that if the breach is authentic, it can have serious repercussions for the site's operational security as well as the privacy of its users and employees. 4chan has long had a reputation as a place where controversial content is posted and politically sensitive discourse is conducted, and any breach of personal data, especially that of moderators, raises concerns about the possibility of identity theft, doxxing, and targeted harassment, as well as broader cyber exploitation.

A definitive identification of the person responsible for the alleged 4chan breach has not been made yet, as conflicting reports and a lack of verifiable evidence continue to obscure the exact origins of the alleged attack. However, some emerging theories suggest that individuals connected with the Soyjak.party community, which is formally called the “Sharty” group, may have been involved in the incident. 

According to these allegations, the attackers are suspected of having exploited longstanding vulnerabilities in the backend architecture of 4chan, specifically outdated PHP code and deprecated MySQL functions, gaining access to a previously banned discussion board known as /QA/ and exposing some email addresses of the platform's moderators. The motives of the group remain unclear.

In recent weeks, certain users on X (formerly Twitter) have suggested that it might have been a retaliatory act resulting from the controversial removal of the /QA/ board in 2021. Although these assertions have been widely circulated, they have not been verified by credible sources. A comparison has also been made to previous breaches, including one which was revealed by 4chan's founder Christopher Poole in 2014, in which an attacker allegedly compromised moderator accounts due to his grievances. 

That incident ended without any clarity as to who was responsible. Securing anonymous platforms, especially those that have a complex legacy and a volatile user base, clearly continues to present several challenges, especially when historical precedent is layered with fresh suspicions. There will likely remain questions regarding accountability and intent until a formal investigation produces conclusive findings.

It is likely, however, that if the breach is authenticated, it will significantly damage both 4chan's credibility and the privacy of its users. In addition to the possibility of exposing moderator emails and internal communications, leaked materials are allegedly showing evidence of deep system access, as well. According to these materials, user metrics, deleted posts and related IP addresses are exhibited alongside internal administrative documentation as well as portions of the platform's underlying source code assets. 

These materials, if genuine, may pose considerable security threats to users in the future. Even though WIRED is not able to independently verify the leaked content, there has been some controversy surrounding the situation since at least a few elements of the breach have been acknowledged as authentic by a moderator on the forum. Several concerns have been raised regarding 4chan's infrastructure since this incident, particularly allegations that the outdated and unpatched legacy software could have led to vulnerabilities ripe for exploitation. 

It is clear that these concerns have been around for nearly a decade; in 2014, following a previous security incident, the site's founder, Christopher Poole (also known as "moot"), made public a call for proactive measures in cybersecurity. In retrospect, it seems as though those early warnings went mostly unanswered. 

Emiliano De Cristofaro, a professor at the University of California Riverside who has a keen interest in digital discourse and online subcultures, commented on the wider implications of the data breach. “It seems that 4chan hasn’t been properly maintained in years,” he said, noting that a failure to modernize and secure its infrastructure could now have exposed the site to irreversible consequences.

Hackers Exploit WordPress Sites to Attack Mac and Windows Users


According to security experts, threat actors are abusing out-of-date versions of WordPress and plug-ins to modify thousands of sites to trap visitors into downloading and installing malware.

In a conversation with cybersecurity news portal TechCrunch, Simon Wijckmans, founder and CEO of the web security company c/side, said the hacking campaign is still “very much live”.

Spray and pray campaign

The hackers aim to distribute malware to loot passwords and sensitive data from Mac and Windows users. According to c/side, a few hacked websites rank among the most popular ones on the internet. Reporting on the company’s findings, Himanshu Anand believes it is a “widespread and very commercialized attack” and told TechCrunch the campaign is a “spray and pray” cyber attack targeting website visitors instead of a specific group or a person.

After the hacked WordPress sites load in a user’s browser, the content immediately turns to show a false Chrome browser update page, asking the website visitor (user) to download and install an update to access the website, researchers believe. 

Users tricked via fake sites

When a visitor agrees to the update, the compromised website will ask the user to download a harmful malware file disguised as the update, with the file depending on whether the visitor is a Mac or Windows user. Researchers have informed Automattic (the company that makes and distributes WordPress.com) about the attack campaign and sent a list of harmful domains.

According to TechCrunch, Megan Fox, spokesperson for Automattic, did not comment at the time of press. Later, Automattic clarified that the security of third-party plugins is the responsibility of WordPress developers.

“There are specific guidelines that plugin authors must consult and adhere to ensure the overall quality of their plugins and the safety of their users,” Ms Fox told TechCrunch. “Authors have access to a Plugin Handbook which covers numerous security topics, including best practices and managing plugin security,” she added. 

C/side has traced over 10,000 sites that may have been a target of this hacking campaign. The company found malicious scripts on various domains by crawling the internet, using a reverse DNS lookup to find domains and sites linked with a few IP addresses, which exposed a wider number of domains hosting malicious scripts. TechCrunch has not confirmed c/side's data, but it did find a WordPress site showing malicious content earlier this week.

Combatting Counterfeit Drugs Online: BrandShield's Success in Dismantling Illicit Websites

 

In the rapidly evolving landscape of online pharmaceuticals, the proliferation of counterfeit drugs poses a significant threat to consumer safety. Cybersecurity firm BrandShield has emerged as a stalwart defender in this battle, successfully dismantling over 250 websites selling counterfeit weight-loss and diabetes medications. Led by CEO Yoav Keren, BrandShield's efforts represent a concerted endeavor to combat the scourge of counterfeit pharmaceuticals and protect consumers from the dangers of fraudulent medications. 

The counterfeit drugs targeted by BrandShield predominantly belong to the GLP-1 class, including popular medications like Novo Nordisk's Ozempic and Wegovy, as well as Eli Lilly's Mounjaro and Zepbound. Originally developed to manage type 2 diabetes, these medications have garnered attention for their additional benefits in weight loss, with patients experiencing significant reductions in body weight. Unfortunately, the efficacy and popularity of these drugs have also made them lucrative targets for counterfeiters seeking to exploit the growing demand. 

According to Reuters, the majority of the illicit websites shut down by BrandShield were purveyors of counterfeit GLP-1 drugs, indicating the scale of the problem. Alarmingly, studies suggest that an estimated 95% of all online pharmacies operate unlawfully, highlighting the pervasive nature of the issue. 

Moreover, reported cases of harm linked to fake GLP-1 drugs have emerged in at least nine countries, underscoring the urgent need for action. BrandShield's recent crackdown on counterfeit drug websites represents a significant victory in the ongoing battle against online pharmaceutical fraud. The company's efforts have resulted in the closure of 90% of the identified pharmacy websites selling counterfeit GLP-1 medications. This operation accounts for just over 15% of the total counterfeit drug websites reported by BrandShield last year, emphasizing the scale of the challenge. 

Collaborating closely with the Pharmaceutical Security Institute (PSI), BrandShield employs rigorous evidence collection and intelligence gathering to identify and target illicit websites. By providing actionable intelligence to service providers hosting these websites, BrandShield facilitates their removal from the internet, effectively disrupting the operations of counterfeiters. Furthermore, the company coordinates with law enforcement agencies to investigate and prosecute criminal networks involved in the production and distribution of counterfeit drugs. 

In addition to targeting counterfeit drug websites, BrandShield's efforts extend to social media platforms, where it has removed nearly 4,000 fake drug listings. Notably, a significant portion of these listings—almost 60%—was found on Facebook, highlighting the need for vigilance across all online platforms. BrandShield's global reach ensures that illegal drug listings are eradicated from marketplaces in countries around the world, including India, Indonesia, China, and Brazil. 

Contrary to concerns raised earlier, the EMA found no evidence linking these medications to an increased risk of suicidal thoughts or self-injury. This reaffirmation of safety aligns with previous findings by the US Food and Drug Administration (FDA), providing reassurance to patients and healthcare providers alike. 

Overall, BrandShield's relentless efforts to combat counterfeit drugs online serve as a beacon of hope in the fight against pharmaceutical fraud. By dismantling illicit websites, removing fake drug listings, and collaborating with industry partners and law enforcement agencies, BrandShield is making significant strides towards safeguarding consumers and upholding the integrity of the pharmaceutical industry.

Ransomware Strikes Tarrant Appraisal District

 



Tarrant Appraisal District (TAD) finds itself grappling with a major setback as its website falls prey to a criminal ransomware attack, resulting in a disruption of its essential services. The attack, which was discovered on Thursday, prompted swift action from TAD, as the agency collaborated closely with cybersecurity experts to assess the situation and fortify its network defences. Following a thorough investigation, TAD confirmed that it had indeed fallen victim to a ransomware attack, prompting immediate reporting to relevant authorities, including the Federal Bureau of Investigation and the Texas Department of Information Resources.

Despite concerted efforts to minimise the impact, TAD continues to work towards restoring full functionality to its services. Presently, while the TAD website remains accessible, the ability to search for records online has been temporarily suspended. Moreover, disruptions extend beyond the digital realm, with phone and email services also facing temporary outages. This development comes hot on the heels of a recent database failure experienced by TAD, which necessitated the expedited launch of a new website. Originally intending to run both old and new sites concurrently for a fortnight, the agency was compelled to hasten the transition following the database crash.

Chief Appraiser Joe Don Bobbitt has moved seamlessly to reassure the public, asserting that no sensitive information was compromised during the disruption. However, TAD remains vigilant and committed to addressing any lingering concerns. The agency is poised to provide further updates during an upcoming board meeting.

These recent challenges encountered by TAD underscore the critical importance of robust cybersecurity measures and organisational resilience in the face of unforeseen disruptions. Against the backdrop of escalating property values across North Texas, scrutiny of appraisal processes has intensified, with TAD having previously grappled with website functionality issues. Nevertheless, the agency remains steadfast in its commitment to enhancing user experience and fostering transparency.

In light of recent events, TAD remains resolute in prioritising the integrity of its operations and the safeguarding of sensitive data. The deliberate response to the ransomware attack reflects the agency's unwavering dedication to addressing emerging threats and maintaining public trust. As TAD diligently works towards restoring full operational capacity, stakeholders are urged to remain careful and report any suspicious activity promptly.

The resilience demonstrated by TAD in navigating these challenges serves as a testament to its dedication to serving the community and upholding the highest standards of accountability and transparency in property valuation processes.


Hackers Exploit Vulnerability in Popup Builder Plugin for WordPress

 

In a concerning development for website owners and administrators, hackers have been exploiting a vulnerability in the popular Popup Builder plugin for WordPress, resulting in the infection of over 3,300 websites worldwide. This security flaw, officially tracked as CVE-2023-6000, allows malicious actors to execute cross-site scripting (XSS) attacks on websites that are using outdated versions of the Popup Builder plugin, specifically versions 4.2.3 and older. 

The vulnerability was initially disclosed in November 2023, raising alarm bells in the cybersecurity community. Despite this disclosure, many site administrators failed to promptly update their systems, leaving them vulnerable to exploitation by hackers. Now, the consequences of this oversight are becoming apparent, with Sucuri, a prominent cybersecurity firm, reporting a recent surge in attacks targeting WordPress sites through this vulnerability. 

At the core of the exploit is the injection of malicious code into the Custom JavaScript or Custom CSS sections of the WordPress admin interface. This injected code is then stored within the 'wp_postmeta' database table, allowing hackers to manipulate the behavior of the Popup Builder plugin. By leveraging event handlers within the plugin, such as popup open or close events, hackers can execute various malicious actions, including redirecting unsuspecting visitors to phishing pages or malware-dropping sites. Sucuri's analysis has revealed that the attacks originate from domains such as "ttincoming.traveltraffic[.]cc" and "host.cloudsonicwave[.]com." 

As a proactive measure, site owners are advised to block access to these domains to mitigate the risk of infection. However, blocking domains alone may not be sufficient to fully protect websites from exploitation. To effectively safeguard against this threat, website owners must update to the latest version of the Popup Builder plugin, currently version 4.2.7. 

This updated version addresses CVE-2023-6000 and other security vulnerabilities, providing enhanced protection against malicious attacks. Despite the availability of patches, WordPress statistics indicate that a significant number of active sites continue to use outdated versions of the plugin, leaving them vulnerable to exploitation. 

In the unfortunate event of a website being infected, swift action is necessary to mitigate further damage. Site administrators should immediately remove any malicious entries injected into the Popup Builder's custom sections and conduct thorough scans to detect and eliminate any hidden backdoors that could facilitate reinfection. The prevalence of this vulnerability underscores the importance of maintaining robust cybersecurity practices for WordPress sites. 
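A defender-side check for the cleanup described above, added here as an example (not code from Sucuri or the plugin): it scans exported `wp_postmeta` rows for the two domains the article names and classifies an installed Popup Builder version against the versions the article gives. The row layout, the `meta_key` names and all sample values are constructed assumptions.

```python
import html
import re
from urllib.parse import unquote

# Domains named in the article, kept defanged in source exactly as printed there.
IOC_DOMAINS_DEFANGED = ["ttincoming.traveltraffic[.]cc", "host.cloudsonicwave[.]com"]
LAST_VULNERABLE = (4, 2, 3)  # article: versions 4.2.3 and older are affected
LATEST = (4, 2, 7)           # article: latest version at time of writing

HOST_RE = re.compile(r"[a-z0-9-]+(?:\.[a-z0-9-]+)+")


def refang(domain):
    """Turn 'a[.]b' back into 'a.b' for matching against stored data."""
    return domain.replace("[.]", ".").lower()


IOC_DOMAINS = [refang(d) for d in IOC_DOMAINS_DEFANGED]


def parse_version(text):
    """'4.2.3' -> (4, 2, 3); missing components become 0."""
    parts = [int(p) for p in re.findall(r"\d+", text)[:3]]
    return tuple(parts + [0] * (3 - len(parts)))


def version_status(text):
    """Classify a plugin version using only the versions the article states."""
    version = parse_version(text)
    if version <= LAST_VULNERABLE:
        return "vulnerable"
    if version >= LATEST:
        return "current"
    return "outdated"  # between the two stated versions: update anyway


def normalize(value):
    """Undo common encodings so an encoded hostname still matches."""
    text = html.unescape(unquote(value))
    return text.replace("\\/", "/").lower()  # JS/JSON-escaped slashes


def matched_iocs(value):
    """Return IoC domains referenced in a meta_value (exact host or subdomain)."""
    hosts = set(HOST_RE.findall(normalize(value)))
    hits = []
    for ioc in IOC_DOMAINS:
        if any(h == ioc or h.endswith("." + ioc) for h in hosts):
            hits.append(ioc)
    return hits


def scan_rows(rows):
    """rows: iterable of (meta_id, post_id, meta_key, meta_value) tuples."""
    findings = []
    for meta_id, post_id, meta_key, meta_value in rows:
        for ioc in matched_iocs(meta_value or ""):
            findings.append((meta_id, post_id, meta_key, ioc))
    return findings


# Constructed sample rows; meta_key names are placeholders, not the plugin's real keys.
# Hostnames are built from the defanged constants so no live domain is typed out.
SAMPLE_ROWS = [
    (1, 10, "example_custom_css", ".popup-title { color: #333; }"),
    (2, 10, "example_custom_js",
     f"var s='https:\\/\\/{IOC_DOMAINS[0]}\\/x';"),
    (3, 11, "example_custom_css",
     "background:url(//" + IOC_DOMAINS[1].upper().replace(".", "%2E") + "/a.png)"),
    (4, 12, "example_custom_js",
     f"var t='//x{IOC_DOMAINS[1]}.example.org/';"),  # lookalike, must not match
]

if __name__ == "__main__":
    for finding in scan_rows(SAMPLE_ROWS):
        print("suspicious postmeta row:", finding)
    print("4.2.3 ->", version_status("4.2.3"))
```

A match only shows that a row references a known domain; values assembled at runtime by string concatenation will not be caught, so the backdoor scan the article recommends is still needed.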

By staying vigilant, promptly applying software updates, and implementing proactive security measures, website owners can better protect their sites and mitigate the risk of falling victim to malicious attacks. As the threat landscape continues to evolve, proactive security measures are essential to safeguarding the integrity and security of WordPress websites.

This Website Wants to Use AI to Make Models Redundant

 

Deep Agency is an AI photo studio and modelling agency founded by a Dutch developer. For $29 per month, you can get high-quality photos of yourself in a variety of settings, as well as images generated by AI models based on a given prompt. “Hire virtual models and create a virtual twin with an avatar that looks just like you. Elevate your photo game and say goodbye to traditional photo shoots,” the site reads. 

According to the platform's creator, Danny Postma, the platform utilises the most recent text-to-image AI models, implying a model similar to DALL-E 2, and is available anywhere in the world. You can personalize your photo on the platform by selecting the model's pose and writing various definitions of what you want them to do. This website does the opposite of making models, photographers, and creatives obsolete.

Postma does state on Twitter that the site is "in open beta" and that "things will break," and using it does feel almost silly, like a glorified version of DALL-E 2 but only with female models. The site then reminds us of AI's limitations, showing how AI-generated images are not only stiff and easy to spot, but also biassed in a variety of ways.

So far, the prompt requires you to include "sks female" in it for the model to work, meaning the site only generates images of women unless you purchase a paid subscription, which unlocks three other models, one woman and two men, and allows you to upload your own images to create an "AI twin".

To create an image, you type a prompt, select a pose from the site's existing catalogue of images, and choose from a variety of settings such as "time & weather," "camera," "lens & aperture," "shutterspeed," and "lighting." Most generated images appear to be the same brightly lit female portrait, pictured in front of a very blurred background, indicating that none of those settings have been keyed in yet.

When you say "sks female," it generates an image of a blonde white woman, even if you chose an image of a woman of a different race or likeness from the catalogue. If you want to change the model's appearance, you must add additional words denoting race, age, and other demographic characteristics.

When Motherboard chose one of the site's pre-existing images and corresponding prompts of a person of colour wearing a religious headscarf to generate an image based on it, the result was a white woman wearing a fashion headscarf. The DALL-E 2 text-to-image generator from OpenAI has already been shown to have biases baked in. When asked to generate an image of "a flight attendant," for example, the generator only produces images of women, whereas when asked to generate an image of "a CEO," it mostly displays images of white men. 

Though examples like these are common, it has been difficult for OpenAI to determine the precise origins of the biases and fix them, despite the company's acknowledgement that it is working to improve its system. The deployment of a photo studio based on a biassed model will inevitably result in the same problems.

This AI model generator is being released at a time when the modelling industry is already under pressure to diversify its models. After massive public backlash, what was once a unique industry with a single body and image standard has now become more open to everyday models, including people cast from the street and platforms like Instagram and TikTok.  Though there is still a long way to go in the world of high fashion representation, people have taken to creating their own style-inclusive content on social media, proving that people prefer the more personable, casual "model"—in the form of influencers.

Simon Chambers, director at modelling agency Storm Management, told Motherboard in an email that “AI avatars could also be used instead of models but the caveat here is that compelling imagery needs creativity & emotion, so our take, in the near future, is that AI created talent would work best on basic imagery used for simple reference purposes, rather than for marketing or promoting where a relationship with the customer needs to be established.”

“That said, avatars also represent an opportunity as well-known talent will, at some point, be likely to have their own digital twins which operate in the metaverse or different metaverses. An agency such as Storm would expect to manage the commercial activities of both the real talent and their avatar. This is being actively discussed but at present, it feels like the metaverse sphere needs to develop further before it delivers true value to users and brands and becomes a widespread phenomenon,” he added. Chambers also said their use has implications under the GDPR, the European Union’s data protection law. 

It's difficult to predict what Deep Agency's AI-generated models will be used for, given that models cannot be generated to wear specific logos or hold branded products. When Motherboard attempted to generate an image of a woman eating a hotdog, the hotdog appeared on the woman's head, and she had her finger to her lips, looking ponderous.

An AI model has been in the works for several years. In 2020, model Sinead Bovell wrote in Vogue that she believes artificial intelligence will soon take over her job. She was referring to the rise of CGI models, rather than AI-generated models, such as Miquela Sousa, also known as Lil Miquela on Instagram, who has nearly 3 million followers. She has her own character story and has collaborated with brands like Prada and Samsung. Bovell stated that AI models that can walk, talk, and act are the next step after CGI models, citing a company called DataGrid, which created a number of models using generative AI in 2019.

Deep Agency's images, on the other hand, are significantly less three-dimensional, bringing us back to the issue of privacy in AI images. In its Terms and Conditions, Deep Agency claims to use an AI system trained on public datasets. As a result, these images are likely to resemble the likenesses of real women in existing photographs. As per Motherboard, the LAION-5B dataset, which was used to train systems such as DALL-E and Stable Diffusion, included many images of real people, ranging from headshots to medical images, without permission.

Lensa A.I., a viral app that used AI to generate images of people on different backgrounds, has since come under fire for a variety of privacy and copyright violations. Many artists pointed to the LAION-5B dataset, where they discovered their work was used without their knowledge or permission and claimed that the app, which used a model trained on LAION-5B, was thus infringing on their copyright. People complained that the app's images included mangled artist signatures and questioned the app's claims that the images were made from scratch. 

Deep Agency appears to be experiencing a similar issue, with muddled white text appearing in the bottom right corner of many of the images generated by Motherboard. The site claims that users can use the generated photos anywhere and for anything, which appears to be part of its value proposition of being an inexpensive way to create realistic images when many photography websites, such as Getty, charge hundreds of dollars for a single photo.

OpenAI CEO Sam Altman has repeatedly warned about the importance of carefully considering what AI is used for. Last month, Altman tweeted that “although current-generation AI tools aren’t very scary, I think we are potentially not that far away from potentially scary ones. having time to understand what’s happening, how people want to use these tools, and how society can co-evolve is critical.”

In this case, it's interesting to see how an AI tool actually pushes us backwards and closer to a limited set of models. Deep Agency creator Danny Postma did not respond to Motherboard's request for comment.

NordVPN Identifies the Most Risky Websites for Users' Privacy and Security

When you browse the web on a regular basis, it can be quite dangerous, but it becomes even more dangerous when you access certain types of sites. It should come as no surprise that porn, streaming, and video hosting websites top the list of services posing the greatest risk to users' privacy and security. 

Malware attacks, invasive ads, and heavy web tracking were among the threats. That is the exclusive data gathered by NordVPN, one of the best VPN services available. In December 2022 alone, the VPN provider was able to block over 344 million web trackers, 341 million intrusive ads, and 506,000 malware infections thanks to its Threat Protection tool.

"The online world is challenging people in every single move they make," said NordVPN cybersecurity advisor Adrianus Warmenhoven.

"Want to read an article? Dozens of ads and pop-ups are ready to immediately cover your screen. Another privacy threat – malware – is lurking for you on websites and in files you are about to download. Websites you browse are also full of third-party trackers that analyze your browsing history to find out what you do online. It depends on you to stop it."

NordVPN researchers wanted to know how these cyber threats were getting to users. They did this by analysing aggregated data collected by their Threat Protection system. While this did not include any personally identifiable information about users, it did assist them in depicting the scenario that everyone faces on a daily basis online.

Malware is perhaps the most concerning of these threats. This is due to the ease with which such malicious software can infiltrate a device and damage or compromise large amounts of users' sensitive data. Adult content sites contain the most malware, including viruses, ransomware, spyware, and other threats. During the coverage period, over 60,000 domains were blocked. Cloud storage and entertainment platforms are next in line, with approximately 70,000 infected platforms discovered between the two categories.

Intrusive ads are any pop-ups or other ad pages that appear without being requested. These not only disrupt people's online experience, but they are also excellent at gathering information about users without their knowledge. As expected, free streaming platforms are the most involved, with more than 55 million domains affected. Adult content and shopping websites appear to be close behind.

These findings highlight the importance of using a reliable ad-blocker every time you browse the web, especially when visiting certain types of websites.

"Ad blockers are essential for both security - because they block ads that can infect people’s devices - and privacy because annoying ads rely on collecting data from web activity and violating people’s privacy," explains Warmenhoven. "Also, if a website is loading slower than usual, you can blame intrusive ads. Free apps filled with unwanted ads could also drain your device’s battery faster."

Web trackers are another major cyber threat because they compromise users' online anonymity. Video hosting services were the sites with the most web trackers. The NordVPN Threat Protection tool blocked over two billion domains. Tracking was also high in cloud storage, web email, and information technology sites. As per Nord, Hong Kong and Singapore have the most web trackers in the world, with an average of 45 and 33 trackers per website. Other countries with high tracking rates include the United States, Australia, the United Kingdom, Spain, and France.

NordVPN Threat Protection is a system that safeguards users from the aforementioned online threats. It accomplishes this by scanning all files you download and blocking all sites containing malware and dangerous ads before you open them.

Threat Protection is available on all NordVPN apps. This means that there is no additional cost to enjoy a safer online experience. All you have to do is follow these simple steps:
  • Launch the latest NordVPN app on your preferred device.
  • Click the shield icon on the left side of your screen.
  • Activate the Threat Protection toggle.

Mousetrapping: What Is It & How to Safeguard Against It?

 

Mousetrapping works the same way a traditional mousetrap does: you unknowingly walk into a trap designed to keep you trapped for as long as possible. Operators who utilize mousetraps actively market their products or services. They may even attempt to steal your personal details. So, how do you know when you've stepped into a trap? 

Mousetrapping is an unethical practice used by some website operators to keep you on their site for longer than necessary. It is a technique that traps you in an endless loop of pages and pop-ups, preventing you from leaving a website.

Some operators will even open the new page you've been redirected to in a new window. You can't access the taskbar, toolbar, or browser menu while in this window, making it difficult to close. These websites may even deactivate the web browser's back or exit buttons, trapping you on the page until you exit the browser. In such cases, the only actionable buttons that work are those in pop-ups that force you to perform whatever action the website owner dictates.

"Your phone is hacked. Download this Antivirus Software Now.
99% of android users have this app on their phone.
Your government is tracking your phone. Install this VPN."

When you visit a website with mousetraps, you will encounter a lot of messages like this: pop-ups requesting you to download an app, visit another site, or even enter your phone number. Clicking the exit button on these pop-ups usually results in more call-to-action messages. Executing these actions and downloading the files will almost certainly result in the installation of malware on your computer and the theft of sensitive information.

How to Recognize a Mousetrap

The first step in making a mousetrap is to closely mimic the URL of a legitimate popular website. It could be a celebrity's official website or your favorite newspaper. The malicious site could end up on a search engine with a simple misspelling and a line of code. Because the code and content closely resemble that of the authentic website, the link to the site ends up on search engines.

It is sometimes difficult to tell if a website is legitimate until you click on a link. Fortunately, there are methods for determining whether a website is genuine. The mousetraps are designed by the owners of these websites in order to capture as many clicks as possible from unwitting visitors. When you realize you've been duped, you immediately attempt to exit the site by clicking on a broken back button.

The logical next step would be to press the forward button or search the toolbar for an escape route. It is already too late at this point. It is nearly impossible to leave this way because the site owner has included lines of code that will open one ad banner after another for every click you make.

That isn't all. Because pop-ups appear quickly, you may need to open multiple windows in order to evade them. You must close each pop-up one by one, and the more clicks you have, the more benefit the site owner receives. The close button on pop-ups does not always work, resulting in more ads, banners, and redirects.

Mousetrapping isn't just for clicks. Some threat actors use these traps to keep their victims occupied. The pop-ups and windows are designed to keep you on the page while malware is downloaded onto your system.

How to Get Out of a Mousetrap

The obvious escape, like most traps, will most likely lead you deeper into the trap. The back button you rush to click will simply open an ad in another window or launch a barrage of banners, further frustrating you. Despite this, there are a few ways to get out of mousetraps.

1. Input Another URL Address
2. Disable JavaScript
3. Use Keyboard Shortcuts

It's difficult to spot a malicious website, especially if it's a carbon copy of a popular platform. When you realize you've been trapped and windows and pop-ups are appearing with every click, go to the URL bar and enter a new address. You should be able to close the opened windows using keyboard shortcuts.

However, prevention is always preferable to cure. Use web browsers that have add-ons and plug-ins that prevent redirects, advertisements, and unauthorized window openings. Another option is to disable JavaScript, which turns off many site features, including pop-ups and banners.