Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label WhatsApp. Show all posts
WhatsApp
AI Advancements CyberCrime Cybersecurity CyberThreat New Transition Privacy Threat Technology Usernames WhatsApp

WhatsApp Moves Toward Usernames, Phasing Out Phone Numbers

 


WhatsApp has announced enhancements to its contact management features, allowing users to add and manage contacts from any device. Previously, contact management was limited to mobile devices, requiring users to input phone numbers or scan QR codes. The update will soon enable users to manage contacts via WhatsApp Web and Windows, with plans to expand to other linked devices. Meta has revealed some exciting new features coming to WhatsApp, making it simpler to add and manage contacts. 

Soon, users will be able to privately add and manage their contacts, no matter what device they’re using. While the messaging platform already offers cross-platform support, users were able to add a new contact only via the primary Android phone or iOS handset — by adding a phone number or scanning a QR code. 

It's particularly a problem in the age when WhatsApp wants to be everywhere, with cross-device syncing between users' smartphone, web, and desktop apps. If users wanted to add a new contact while using WhatsApp on their computer, for example, too bad: Users needed to use their smartphone.

Now, however, WhatsApp is fixing the issue: The company announced on Tuesday that WhatsApp will soon let users add and store their contacts on any device, including the web or the desktop app, meaning they will no longer need to open their smartphone app just to save a contact. This can be handy, especially for business users, now that WhatsApp lets users run two different accounts on one device. Users can save contacts to their business WhatsApp account without crowding their phone's contact book. According to WhatsApp, the contacts will be saved using a new encrypted storage system called Identity Proof Linked Storage (IPLS). 

The system will generate an encrypted key every time users save a contact. In effect, their saved contacts are protected by encryption: Only users can retrieve their contacts from WhatsApp's servers. In a press release, WhatsApp notes that users will soon be able to add and manage contacts through WhatsApp Web and also through Windows platforms or their preferred devices, like Android tablets. In some cases, users would want a certain contact only on WhatsApp and not as a contact on their phone contacts list. The messaging platform also adds such possibility, making handling personal and business numbers easier.

It helps when people have more than one account on their device. WhatsApp adds that contacts saved on the messaging platform can be readily restored when a user switches devices, which will be useful if they lose their smartphones and phone numbers. The messaging platform's primary aim with the introduction of these new capabilities is to eventually "manage and save contacts by usernames." Usernames aren't new, and most Android apps and even Meta-owned apps like Instagram utilize them. 

They create a unique identity for a person, irrespective of their phone number. This is an extra layer of privacy on the platform, which is likely to be coming soon to WhatsApp. Future updates will include the ability to manage contacts using usernames, enhancing privacy by eliminating the need to share phone numbers. This development aims to provide users with greater control and security over their contact information. WhatsApp is undergoing significant changes, moving toward implementing usernames as an alternative to traditional phone numbers for managing contacts on its platform. This transition marks a strategic effort to offer users more privacy and flexibility in their communication. 

One of the key benefits of this new approach is the convenience it provides to users who maintain multiple WhatsApp accounts on a single device. The introduction of usernames will streamline account management, allowing users to distinguish between different accounts more easily. Furthermore, when switching devices, users will find it simpler to restore contacts, even if they have lost access to their original smartphone or phone number. This added capability ensures continuity and simplifies the process of transitioning between devices. 

WhatsApp's long-term vision for this initiative is to enable contact management through usernames rather than relying solely on phone numbers. By doing so, the platform aims to enhance user privacy and offer more control over personal information. This shift will allow individuals to share their WhatsApp contact details without disclosing their phone number, thereby reducing the risks associated with sharing sensitive information and improving overall user security. 

The use of usernames as unique identifiers is not a novel concept in the tech world; many popular Android applications, including Meta-owned platforms like Instagram, have successfully integrated username-based systems for contact management. This model not only fosters a more secure environment but also allows users to establish a distinct identity separate from their phone number. In upcoming updates, WhatsApp is expected to further expand these capabilities by enabling more comprehensive contact management through usernames. 

The new features will likely include options for managing contacts and other privacy settings more intuitively, reinforcing the messaging platform's commitment to providing a more secure and user-friendly experience. As WhatsApp adopts these changes, it sets the stage for a more privacy-focused approach, empowering users to protect their contact information while maintaining the convenience of seamless communication. With these updates, WhatsApp continues to position itself at the forefront of secure and versatile communication technology. 

By embracing usernames and enhancing cross-device functionality, the platform not only addresses the evolving needs of its users but also anticipates future trends in digital privacy and convenience. The introduction of encrypted contact storage and flexible management options further solidifies WhatsApp's commitment to protecting user data while streamlining the user experience. As the platform gradually shifts away from phone number dependency, it ushers in a new era where privacy, security, and usability are given paramount importance, setting a standard for other messaging services to follow.
Read more »
WhatsApp
Google malware Minecraft Necro Trojan Play Store Spotify WhatsApp

Necro Malware Attacks Google Play Store, Again. Infects 11 Million Devices

Necro Malware Attacks Google Play Store, Again. Infects 11 Million Devices

A new variant of Necro malware loader was found on 11 million Android devices through Google Play in infected SDK supply chain attacks. The re-appearance of Necro malware is a sign of persistent flaws in popular app stores like Google. 

A recent report by Kaspersky suggests the latest version of Necro Trojan was deployed via infected advertising software development kits (SDK) used by Android game mods, authentic apps, and mod variants of famous software, such as Minecraft, Spotify, and WhatsApp. The blog covers key findings from the Kaspersky report, the techniques used by threat actors, and the impact on cybersecurity. 

What is Necro Trojan 

Aka Necro Python, the Necro Trojan is an advanced malware strain active since it first appeared. Malware can perform various malicious activities such as cryptocurrency mining, data theft, and installation of additional payloads. The recent version is more advanced, making it difficult to track and eliminate. 

Distribution of Necro Trojan

Users sometimes want premium or customized options that official versions don't have. But these unofficial mods, such as GB WhatsApp, Spotify+, and Insta Pro can contain malware. Traditionally, threat actors used these mods because they are distributed on unofficial sites that lack moderation. 

However, in the recent trend, experts discovered actors targeting official app stores via infected apps

In the latest case, Trojan authors abused both distribution vectors, a new variant of multi-stage Necro loader compromised modified versions of Spotify, Minecraft, and other famous apps in unofficial sources, and apps in Google Play. "The modular architecture gives the Trojan’s creators a wide range of options for both mass and targeted delivery of loader updates or new malicious modules depending on the infected application,” said the report.

Key Findings

  • The downloaded payloads can display ads in invisible windows, and interact with them. They can also execute arbitrary DEX files, install download apps, open arbitrary links in invisible WebView windows and run JavaScript, run a tunnel via the victim's device, and subscribe to paid services. 
  • The new variant of the Necro loader uses obfuscation to escape detection. 
  • The loader deployed in the app uses steganography tactics to hide payloads 

Read more »
WhatsApp
Cyber Attacks CyberCrime Cyberhackers Cybersecruity CyberThreat WhatsApp

WhatsApp Bans 7.1 Million Indian Users, Warns of More Bans for Rule Violations

 



A Meta-owned company called WhatsApp announced on Saturday that the company had banned more than 7.1 million Indian WhatsApp accounts for violating local laws in April. Approximately 1,302,000 of the 7,182,000 banned WhatsApp accounts were proactively blocked before any user reports. A company statement states that there are 7,182,000 banned WhatsApp accounts. Each month, thousands of Indians who are reported as scammers or violating the platform's privacy policies are banned. 
 
According to the latest India Monthly Report published by Meta, between April 1, 2024, and April 30, 2024, nearly 71 lakh Indian accounts were banned by the instant messaging service, a move to curb misuse and maintain platform integrity. Also, the company has assured us that in the future it will continue to implement more bans for users that continue to violate its rules.

As of April 1, 2018, WhatsApp banned a total of 7,182,000 accounts, of which 1,302,000 were proactively banned before any complaints from users. Taking this proactive approach is an integral part of WhatsApp's overall strategy to prevent abuse before it occurs. The company uses advanced machine learning and data analytics to identify suspicious behaviour patterns that indicate abuse before it occurs. 

The company received 10,554 reports from users in April 2024 regarding various topics such as account support, ban appeals, product support, and safety concerns. According to the stringent criteria for taking action on an account, there were only six accounts which were acted upon in response to these reports. 

A ban on Indian accounts is a clear indication that WhatsApp is complying with the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 by publishing compliance reports detailing the actions taken to address the grievances and violations of law as outlined in the Rules. It is clear from the latest report from June 2024 that WhatsApp is doing a good job of curbing harmful behaviour by utilizing user complaints as well as the sophisticated detection mechanisms it has in place. 

In the opinion of some experts, the account "Actioned" refers to complaints on which WhatsApp has taken remedial action. It was also explained by WhatsApp that it had received two orders from the Grievance Appellate Committee of the country, and was able to comply with them both, as outlined in its monthly compliance report. As per the report, the new Indian IT Rules of 2021 appear to have been followed. 

The company, from what we can gather, appears to employ a team of engineers, data scientists, analysts, researchers, and experts in law enforcement, online safety, and technology development to oversee its efforts to ensure these efforts are carried out effectively. Despite its multi-faceted approach to detecting and preventing abuse, WhatsApp is claimed to use a multi-layered approach to prevent abuse. It assumes that a user's account lifecycle involves various stages that may be compromised or might cause potential issues. 

To detect and block suspicious registrations during the process of creating a WhatsApp account, WhatsApp has constructed a vulnerable mechanism. With this, WhatsApp can prevent bad actors from entering the platform in the first place and causing problems for the platform. As part of its use of ITA algorithms, WhatsApp also continuously scans messages for patterns that are indicative of harmful behaviour and sends notifications accordingly. As part of this, you may receive spam messages, threats, or misinformation that spreads across the Internet.

It is very important to note that WhatsApp takes its customers' feedback into account as well as playing a vital role in the scanning of accounts. A user's action of reporting or blocking contacts contributes to the detection system of WhatsApp when it comes to that contact. It is this initiative that may lead to WhatsApp taking further action and possibly barring accounts from using the service. In addition to this, WhatsApp has a dedicated team of analysts who are constantly looking for ways to improve the efficiency of the system by examining complex or unusual cases.
Read more »
WhatsApp
Banking Data Cyber Attacks Cyber Scams E-Commerce fake Hacking WhatsApp Malaysia Malware Attack Payment Gateway WhatsApp

The Fake E-Shop Scam Campaign Sweeping Southeast Asia, seizing users banking details

 

In recent years, cybercriminals have been increasingly employing sophisticated tactics to target individuals and organizations across the globe. One such alarming trend is the proliferation of fake e-shop scam campaigns, particularly prevalent in Southeast Asia. 

These campaigns, characterized by their deceptive methods and malicious intent, pose significant threats to cybersecurity and personal privacy. The emergence of the fake e-shop scam campaign targeting Southeast Asia dates back to 2021, with a notable surge in activity observed by cybersecurity researchers in September 2022. 

Initially concentrated in Malaysia, the campaign swiftly expanded its operations to other countries in the region, including Vietnam and Myanmar. This expansion underscores the growing sophistication and reach of cybercriminal networks operating in Southeast Asia. At the heart of these malicious campaigns are phishing websites designed to deceive unsuspecting users. 

These websites often masquerade as legitimate e-commerce platforms or payment gateways, luring victims into providing sensitive information such as login credentials and banking details. Once users are enticed to visit these fraudulent sites, they are exposed to various forms of malware, including malicious Android applications packaged as APK files. 

The modus operandi of the attackers involves social engineering tactics, with cybercriminals leveraging popular communication platforms like WhatsApp to initiate contact with potential victims. By impersonating cleaning services or other seemingly innocuous entities on social media, the perpetrators exploit users' trust and curiosity, leading them to engage in conversations that ultimately result in malware infection. 

The malware deployed in these fake e-shop scam campaigns is multifaceted and constantly evolving to evade detection and maximize its impact. Initially focused on stealing login credentials for Malaysian banks, including prominent institutions like Hong Leong, CIMB, and Maybank, the malware has since incorporated additional functionalities. These include the ability to take screenshots, exploit accessibility services, and even facilitate screen sharing, granting the attackers unprecedented control over infected devices. 

Furthermore, the attackers have demonstrated a keen understanding of the linguistic and cultural nuances of their target regions. In Vietnam, for example, the campaign specifically targeted customers of HD Bank, employing phishing websites tailored to mimic the bank's online portal and language. Similarly, in Myanmar, the attackers utilized Burmese language phishing pages to enhance the credibility of their schemes among local users. 

The implications of these fake e-shop scam campaigns extend beyond financial losses and reputational damage. They represent a direct assault on user privacy and cybersecurity, with far-reaching consequences for individuals and businesses alike. The theft of sensitive personal and financial information can lead to identity theft, unauthorized transactions, and even ransomware attacks, resulting in significant financial and emotional distress for victims. 

In response to these evolving threats, cybersecurity experts emphasize the importance of proactive measures to safeguard against malicious activities. This includes exercising caution when interacting with unfamiliar websites or online advertisements, regularly updating antivirus software, and staying informed about emerging cybersecurity threats. 

Ultimately, combating the scourge of fake e-shop scam campaigns requires collective action and collaboration among stakeholders across the cybersecurity ecosystem. By raising awareness, implementing robust security measures, and fostering a culture of cyber resilience, we can mitigate the risks posed by these insidious threats and protect the integrity of our digital infrastructure.
Read more »
WhatsApp updates
Authentication Mobile Security user data security WhatsApp WhatsApp security features WhatsApp updates

WhatsApp Beta Testing Expanded Authentication Methods for App Lock Feature

 

In a world where privacy and security are increasingly important, WhatsApp continues to prioritize the protection of user data through encrypted messaging. Recently, the app has been testing a new label to highlight chat encryption, further emphasizing its commitment to safeguarding user conversations. 

Additionally, WhatsApp has released utilities such as chat lock and app lock to enhance chat security and privacy. One notable feature is chat lock, which allows users to hide private conversations from the main chat lists. By enabling chat lock on a per-conversation basis, users can ensure that sensitive chats remain secure. When activated, users are prompted for biometric authentication, either through face or fingerprint recognition, before accessing locked chats. For users who require comprehensive protection for all their chats, WhatsApp offers app lock functionality. 

This feature, available at a device level on certain Android skins by major OEMs, allows users to secure the entire app with biometric authentication or device passcodes. Recently, in the latest WhatsApp beta version 2.24.6.20, the app's app lock feature underwent significant enhancements. According to findings by WABetaInfo, app lock is expanding to include additional authentication methods beyond just biometric fingerprint recognition. 

The update will introduce options such as face unlock and device passcodes, providing users with more flexibility in securing their chats. The inclusion of multiple authentication methods serves as a backup for fingerprint authentication, ensuring accessibility even in scenarios where fingerprint recognition may not be feasible. 

For example, users wearing gloves can still unlock the app using alternative methods. Moreover, the expansion of authentication options enhances accessibility for users who may face limitations with certain authentication methods. While the introduction of new authentication methods represents a significant improvement to WhatsApp's app lock feature, users are advised to exercise caution when installing the latest beta version. The current beta release may be prone to crashes, potentially compromising the app's core functionality. 

Therefore, it is recommended to await a wider release before attempting to access the new features. In conclusion, WhatsApp's dedication to user privacy and security is evident through its continuous efforts to enhance encryption and introduce innovative security features. The expansion of authentication methods for the app lock feature underscores WhatsApp's commitment to providing users with robust security options while maintaining accessibility and ease of use.
Read more »
WhatsApp
Apple Cyber Crime Cyberattacks CyberCrime DMA Compliant E2EE iMessage Messenger Meta Privacy Protocol Technology Fusion TikTok WhatsApp

Signal Protocol Links WhatsApp, Messenger in DMA-Compliant Fusion

 


As part of the launch of the new EU regulations governing the use of digital "gatekeepers," Meta is ready to answer all of your questions about WhatsApp and Messenger providing end-to-end encryption (E2EE), while also complying with the requirements outlined in the Digital Markets Act (DMA). A blog post by Meta on Wednesday detailed how it plans to enable interoperability with Facebook Messenger and WhatsApp in the EU, which means users can message each other if they also use Signal's underlying encryption protocol when communicating with third-party messaging platforms. 

As the Digital Markets Act of Europe becomes more and more enforced, big tech companies are getting ready to comply with it. In response to the new competition rules that took effect on March 6, Google, Meta, and other companies have begun making plans to comply and what will happen to end users. 

There is no doubt that the change was not entirely the result of WhatsApp's decision. It is known that European lawmakers have designated WhatsApp parent company Meta as one of the six influential "gatekeeper" companies under their sweeping Digital Markets Act, giving it six months to allow others to enter its walled garden. 

Even though it's just a few weeks until the deadline for WhatsApp interoperability with other apps approaches, the company is describing its plans. As part of the first year of the regulation, the requirements were designed to support one-to-one chats and file sharing like images, videos, or voice messages, with plans for these requirements to be expanded in the coming years to include group chats and calls as well. 

In December, Meta decided to stop allowing Instagram to communicate with Messenger, presumably to implement a DMA strategy. In addition to Apple's iMessage app and Microsoft's Edge web browser, the EU has also made clear that the four parent companies of Facebook, Google, and TikTok are "gatekeepers," although Apple's parent company Alphabet and TikTok's parent company ByteDance are excluded. 

ETA stated that before the company can work with third-party providers to implement the service, they need to sign an agreement for interoperability between Messenger and WhatsApp. To ensure that other providers use the same security standards as WhatsApp, the company requires them to use the Signal protocol. 

However, if they can be found to meet these standards, they will accept others. As soon as another service sends a request for interoperability, Meta is given a window of three months in which to do so. The organization warns, however, that functionality may not be available for the general public to access immediately. 

The approach Meta has taken to interoperability is designed to meet the DMA requirements while also providing a feasible option for third-party providers looking to maximize security and privacy for their customers. For privacy and security, Meta will use the Signal Protocol to ensure end-to-end encrypted communication. This protocol is currently widely considered the gold standard for end-to-end encryption in E2EE.
Read more »
WhatsApp
Android Cyberattacks CyberCrime Cybersecurity Meta Technology WhatsApp

WhatsApp's New Twinning Feature: Manage Two Accounts on a Single Device

 


There has been an announcement by Meta that users of smartphone devices will soon have the ability to use two WhatsApp accounts on the same device. 

According to Zuckerberg, switching between work and personal accounts is now much easier with this feature in place – now you don't have to worry about logging out individually each time, carrying two phones, or having your messages sent from the wrong account. 

The WhatsApp Business feature has been in development for a few months now, both in the beta version of WhatsApp and in the business version. Now it is finally available. In a recent press release, Meta said the new capability aimed at making switching accounts easier for users, such as switching between their personal phone numbers and their professional numbers, a feature aimed to simplify life for users. 

There are many people who prefer to maintain two WhatsApp accounts: one for work and one for personal communication. As a result, these users need to download a copying app on Android or setup a WhatsApp Business account on iOS in order to use this method. In this situation, it is important to point out that the multi-account login feature opens up.

It gives users the option to switch from one WhatsApp account to another with just a few taps. For the feature to be enabled, users will need to obtain a new phone number (with a SIM card) or a new phone with multiple SIMs installed in order to use it. Through a one-time password, a verification will be done for the second number by the app.  

There has been some discussion regarding the availability of the feature on Android, but to date, it is only available on Android devices. In the coming weeks, users are expected to receive the new update. Meta also recommends that users only use the official WhatsApp application and not download unofficial or fake versions to make it easier for them to add more accounts. 

WhatsApp assures users that their messages are secure and private, whereas imitations may not provide the same level of security for your messages. Currently, Meta's decision is to create a new feature to make it easier for users to use multiple WhatsApp accounts on different devices in the future. 

As of 2021, Meta has now expanded this feature to include other smartphones, so users will now be able to access their accounts on Android tablets, browsers, or computers using the multi-device feature. As a result, users of Meta will now be able to use their WhatsApp accounts on two different smartphones simultaneously. 

When setting up a second account, users can do so by going to Settings > Add Account. When setting up, they will need their second mobile phone with a SIM or a device that has the physical or eSIM capabilities for multi-SIM. It was announced earlier this week that each account can have its own notifications and privacy settings. 

With the passkey support that WhatsApp launched earlier this week for the Android version, users can no longer use SMS-based two-factor authentication to log into the app. The Chief Executive Officer (CEO) of Meta, Mark Zuckerberg, has unveiled an upcoming functionality that will enable users to utilize two WhatsApp accounts on one device, thereby streamlining the administration of personal and professional dialogues. 

This functionality, initially accessible on the Android platform, is scheduled for global implementation in the forthcoming weeks. Users will be required to possess an extra telephone number for verification purposes. Meta strongly advises against the acquisition of unofficial WhatsApp versions due to security concerns. This advancement is congruent with Meta's endeavours to augment user satisfaction and extend multi-account capabilities across diverse devices.
Read more »
WhatsApp
Calling Cybersecurity IP Masking Privacy Techincal Updation WhatsApp

Securing Your Conversations: WhatsApp Introduces IP Masking for Calls

 


Meta-owned WhatsApp is rolling out a new option on Android and iOS to make it harder for hackers to infer users' location by protecting their IP address in calls. With this new 'protect IP address in calls' feature, users will get to add an extra layer of security to their calls by protecting their IP address and location from malicious actors, reports WABetaInfo. 

Besides allowing users to create AI-generated stickers, WhatsApp is also working on something much more serious. The Meta-owned instant chat messaging platform is planning a new privacy feature that will make IP tracking a lot more difficult to achieve. 

India is witnessing a surge in cyber fraud cases and one of the most vulnerable platforms to these scams is WhatsApp. With millions of active users, the Meta-owned instant messaging app is becoming common ground for scammers to spread their tricks. So, to protect users, Meta is working on a new security feature that will allow users to block their location from being tracked down using their IP address during a call. 

According to WABetaInfo, WhatsApp previously introduced the silence unknown callers feature, allowing users to mute calls from unfamiliar contacts to enhance call privacy. The latest update reveals a new privacy relay feature for calls. 

The toggle states that enabling it would make it more difficult for people to infer your location from your message, and it goes on to explain how WhatsApp would accomplish this task. It's also worth mentioning that it's likely that this feature will remain an opt-in feature that will not be used too often because the quality of users calls would be sacrificed to have this extra layer of security. 

WhatsApp is yet to confirm when the toggle will be available on the stable version, which is expected by the end of the year, but it intends to make it available to all users in the future. However, the company has not yet confirmed the exact date when the toggle will be available on the stable version of the app. 

Using the new IP address protection feature, users can protect their location information during a call, which makes it harder for those they are communicating with to pinpoint their precise location, thus increasing the privacy of their location information during a call. This feature is not yet available on WhatsApp. 

Wabetainfo noticed it during testing and it was first observed in the WhatsApp beta for Android 2.23.18.15 update, but has not been officially announced yet. This means that an upcoming update to the app is likely to include it. 

It seems to us that this privacy safeguard applies to both voice and video calls, as there is no mention that it is limited to voice calls. According to WhatsApp's support page, both calls as well as texts or media that are sent via the platform are protected by end-to-end encryption, which is used to make sure none of the information is disclosed to the wrong parties. 

Overall, it is positive news to hear that WhatsApp is doing its utmost to improve user security, which is especially pertinent given that Meta Platforms has long been accused of neglecting user privacy. In the meantime, WhatsApp has announced that it will now offer a feature called "Silence Unknown Callers" in its settings menu.

Introducing the new feature in an official blog post of Meta, a company that announced it. It revealed the feature would give users more control and privacy over their incoming calls through the "Silence Unknown Callers" feature. For enhanced protection on the platform, the feature will screen out spam, scams, and phone calls from unknown people automatically. 

It has been announced that Mark Zuckerberg, Founder and CEO of Meta, will be releasing a new privacy feature on WhatsApp that allows users to automatically silence incoming calls from unknown contacts, as a more secure means of maintaining privacy and control. 

The new feature, which can be turned on or off, will silence incoming calls from unknown numbers once it is turned on. However, WhatsApp continues to show the call history in the call list tab and notifications so that users are not left out of important calling opportunities.
Read more »
WhatsApp
Cyber Attacks CyberCrime Cybersecurity Jews Lawsuit NSO WhatsApp

WhatsApp Debunks Baseless Claims of Cyberattack Targeting Jews

 


Forwarded messages spewing rumours of cyberattacks targeting Jewish people, or stoking fears that Jewish people might be the target of cyberattacks, have no basis in reality, according to Meta's WhatsApp messaging service. 

Numerous online platforms have appeared to be spreading the warnings in recent days, with warnings beginning to circulate on Saturday. Scott Melker, one of the most influential crypto influencers on X, who has over one million followers, posted a warning on the social network asking that people share it with others. 

Hackers will use the WhatsApp app to lure WhatsApp users to download a file called "Seismic Waves CARD" the app, which will allow them to hack their phones in less than 10 seconds after installing the app. A post by Melker has been retweeted 200 times and has been viewed more than 250,00 times as of this writing. 

As reported by NBC News, the warning has been posted more than 30 times on X and has also spread to other social media and messaging services, including Facebook, Twitter, WhatsApp and WhatsApp Messenger. There have been more than a dozen other posts since then, including one that was posted by a former Twitter user who spread the warning across Twitter, Facebook, and other social media platforms. 

In a recent interview with the New York Times, WHO Communications Manager Emily Westcott stated that similar rumours have circulated before and that the company had previously confirmed that the messages hacked by "seismic waves" had been false. There have been several hoaxes popping up of late, warning of the download of a “Seismic Waves CARD”, which supposedly relates to the Moroccan earthquakes. 

The message copycats elements of a previous hoax warning issued just several weeks ago. A Snopes report in September confirmed that those messages were also false and that WhatsApp had lied about them.

A Similar Hoax Has Been Reported in The Past 

In a report published by multiple news outlets, Emily Westcott, a communications manager at WhatsApp, owned by Meta, stated that this type of hoax has been reported in the past. 

According to her, similar messages regarding the September earthquake in Morocco had also been falsely reported by the company in a previous statement that was made to fact-checking website Snopes. Even though spyware has cropped up in the past, this issue is rare to date and the spread of the hoax plays to the fears that victims may have about spyware on their phones.

As per researchers, Israeli cyber-intelligence company NSO Group created spyware in 2019 which was capable of infecting cell phones through the app's voice calling function based on a vulnerability found in WhatsApp's code. 

According to WhatsApp's lawsuit against NSO, the spyware was allegedly targeting 1,400 users, including journalists, lawyers, human rights activists, political dissidents, diplomats, and foreign officials in a position to represent a foreign government. It has been reported that NSO's products were at least a minor part of the murder of the Washington Post journalist Jamal Khashoggi. 

Elon Musk has been criticized heavily for his more relaxed approach to content moderation and the spread of misinformation at X, and as a result, Musk himself has commented on conspiracy theories that are spreading throughout the site. After Musk posted a message on Sunday urging X users to stay updated on the Israel-Hamas fighting by following accounts known for promoting lies, Musk deleted the post after a few hours. 

A number of those accounts have also posted antisemitic content in the past, including a statement that said, "The overwhelming majority of people who work in the media and banks are Zionists," which is antisemitic. Several videos from previous conflicts have been repackaged and distributed on the Internet in the days following the outbreak of the war, including videos repurposing to show footage from the ground, video game clips claiming to show footage from the ground, and a false press release from the White House claiming the Biden administration had provided $8 billion in emergency aid to Israel.
Read more »
WhatsApp
alternative messaging apps Cyber Security End-to-End Encryption Privacy Concerns Secure Messaging Signal app SMS security risks SMS vulnerabilities Telegram WhatsApp

Seure Messaging Apps: A Safer Alternative to SMS for Enhanced Privacy and Cybersecurity

 

The Short Messaging Service (SMS) has been a fundamental part of mobile communication since the 1990s when it was introduced on cellular networks globally. 

Despite the rise of Internet Protocol-based messaging services with the advent of smartphones, SMS continues to see widespread use. However, this persistence raises concerns about its safety and privacy implications.

Reasons Why SMS Is Not Secure

1. Lack of End-to-End Encryption

SMS lacks end-to-end encryption, with messages typically transmitted in plain text. This leaves them vulnerable to interception by anyone with the necessary expertise. Even if a mobile carrier employs encryption, it's often a weak and outdated algorithm applied only during transit.

2. Dependence on Outdated Technology

SMS relies on Signaling System No. 7 (SS7), a set of signalling protocols developed in the 1970s. This aging technology is highly insecure and susceptible to various cyberattacks. Instances of hackers exploiting SS7 vulnerabilities for malicious purposes have been recorded.

3. Government Access to SMS

SS7 security holes have not been adequately addressed, potentially due to government interest in monitoring citizens. This raises concerns about governments having the ability to read SMS messages. In the U.S., law enforcement can access messages older than 180 days without a warrant, despite efforts to change this.

4. Carrier Storage of Messages

Carriers retain SMS messages for a defined period, and metadata is stored even longer. While laws and policies aim to prevent unauthorized access, breaches can still occur, potentially compromising user privacy.

5. Irreversible Nature of SMS Messages

Once sent, SMS messages cannot be retracted. They persist on the recipient's device indefinitely, unless manually deleted. This lack of control raises concerns about the potential exposure of sensitive information in cases of phone compromise or hacking.

Several secure messaging apps provide safer alternatives to SMS:

1. Signal
 
Signal is a leading secure messaging app known for its robust end-to-end encryption, ensuring only intended recipients can access messages. Developed by the non-profit Signal Foundation, it prioritizes user privacy and does not collect personal data.

2. Telegram

Telegram offers a solid alternative to SMS. While messages are not end-to-end encrypted by default, users can enable Secret Chats for enhanced security. This feature prevents forwarding and limits access to messages, photos, videos, and documents.

3. WhatsApp

Despite its affiliation with Meta, WhatsApp is a popular alternative with billions of active users. It employs end-to-end encryption for message security, surpassing the safety provided by SMS. It's available on major platforms and is widely used among contacts.

In conclusion, SMS is not a recommended option for individuals concerned about personal cybersecurity and privacy. While it offers convenience, its security shortcomings are significant. 

Secure messaging apps with end-to-end encryption are superior alternatives, providing a higher level of protection for sensitive communications. If using SMS is unavoidable, caution and additional security measures are advised to safeguard information.
Read more »
WhatsApp
2FA Android App Bogus Apps Data Breach Pre-installed apps Signal User Data Leak User Privacy WhatsApp

Fake Android App Enables Hackers to Steal Signal and WhatsApp User Data

Cybercriminals have recently developed a highly sophisticated approach to breach the security of both WhatsApp and Signal users, which is concerning. By using a phony Android conversation app, cybercriminals have been able to obtain user information from gullible individuals. There are significant worries regarding the vulnerability of widely used messaging services in light of this new threat.

Cybersecurity experts have reported that hackers have been exploiting a spoof Android messaging software to obtain users' personal information without authorization, specifically from Signal and WhatsApp users. With its slick layout and promises of improved functionality, the malicious app lures users in, only to stealthily collect their personal information.

Using a traditional bait-and-switch technique, the phony software fools users into thinking they are utilizing a reliable chat service while secretly collecting their personal data. According to reports, the software misuses the required rights that users are requested to provide during installation, giving it access to media files, contacts, messages, and other app-related data.

Professionals in cybersecurity have remarked that this technique highlights the growing cunning of cybercriminals in taking advantage of consumers' trust and the weaknesses in mobile app ecosystems. It is emphasized that consumers should exercise caution even when they download programs from official app stores because harmful apps can occasionally evade detection due to evolving evasion strategies.

Researchers studying security issues advise consumers to protect their data right away by taking preventative measures. It is advised to carefully examine user reviews and ratings, confirm the app's permissions before installing, and exercise caution when dealing with unapproved sources. Moreover, setting two-factor authentication (2FA) on messaging apps can provide an additional degree of security against unwanted access.

Signal and WhatsApp have reaffirmed their commitment to user privacy and security in response to this new threat. Users are encouraged to report any suspicious behavior and to remain alert. The event serves as a reminder that users and platform providers alike share responsibility for cybersecurity.

Dr. Emily Carter, a cybersecurity specialist, has stressed that a proactive approach to digital security is crucial in light of the hackers' increasing strategies. Users must be aware of potential risks and exercise caution when interacting with third-party apps, particularly those that request an excessive amount of permissions."

The necessity for ongoing caution in the digital sphere is highlighted by the recent usage of a phony Android chat app to steal user data from Signal and WhatsApp. To avoid becoming a victim of these nefarious actions, consumers need to stay informed and take precautions as hackers continue to improve their techniques. People can contribute to the creation of a safer online environment by keeping up with the most recent cybersecurity trends and best practices.

Read more »
WhatsApp
Cyberattacks CyberCrime Cybersecurity End-to-End Encryption iMessage Privacy WhatsApp

E2E Encryption Under Scrutiny: Debating Big Tech's Role in Reading Messages

 


A recurring conflict between Silicon Valley and several governments is primarily about "end-to-end encryption," "backdoors," and "client-side scanning," which appear to be complex issues. However, in its simplest form, this issue boils down to the question: should technology companies be allowed to read people's messages?  

In the last few years, this fundamental dispute has rumbled. With such a platform, you can chat with others using popular platforms such as WhatsApp, iMessage, Android Messages, and Signal. These platforms offer end-to-end encryption to ensure your privacy.  

In response to a potential landmark law being considered by the UK government, Meta's Mark Zuckerberg is on a collision course with the UK government. This is over his continued plans to build ultra-secure messaging into all his apps despite a ban. Various governments around the world are closely watching the showdown to see who blinks first as they oppose popular technology as well. 

The biggest argument in technology, the argument about End-to-End encryption, backdoors, and client-side scanning, seems very complicated right now. There is, however, a simple question to answer to determine the outcome. What are the consequences of technology companies reading text messages? 

The crux of this disagreement has been brewing in Silicon Valley for years. It continues to have repercussions across the globe involving at least a dozen nations. There are several end-to-end encryption services in the market including WhatsApp, iMessage, Android Messages, and Signal.

This technology means that only the person sending the message, at one end, and the person receiving the message, at the other end, will be able to see, hear, and read the messages. There is no access to the content for anyone but the app makers. 

Messages are encrypted and decrypted using cryptographic keys stored on endpoints that are configured to handle them. Encryption is based on public key technology, which is very secure. 

Personalized, or asymmetric, encryption is composed of a private key and a public key shared with others. Upon sharing the public key, others can use the private key to encrypt a message and send it to the private key owner. Decrypting the message with the corresponding private key involves using the decryption key. 

Almost always, when two parties involved in an exchange communicate online, an intermediary is entrusted with the task of handling the messages between the two parties. There are usually a variety of intermediaries including servers that belong to ISPs, telecom companies, or a variety of other companies that serve as mediators.  

Using a public key infrastructure such as E2EE's, intermediaries are unable to intercept messages that are sent between parties. It is recommended to embed the public key within a certificate digitally certified by a recognized certificate authority (CA) to ensure that a public key is a legitimate key created by a legitimate recipient. It can be assumed that a certificate signed by that public key is authentic since its distribution and knowledge of the public key is widespread; the legitimacy of a certificate signed by the public key can be relied upon. 

There might be a case in which the CA would reject a certificate that has a different public key associated with the same name as the one associated with the recipient since the certificate identifies the recipient's name and public key. 

It is imperative to note that a system that provides end-to-end encryption ensures that only the parties involved in sending and receiving messages, media, and phone calls can access the content, including app developers. Governments and security agencies reluctantly accepted the rise of these encrypted apps as they gained immense popularity and became increasingly popular. The fact that end-to-end encryption was not the standard for Messenger and Instagram arose four years ago when Mark Zuckerberg, the CEO of Meta, announced plans to implement it in their applications. 

Having launched this ambitious project back in 2012, Meta has been diligently working on it ever since. However, there are insufficient details regarding the project progress and the switchover timeline. There have been growing concerns, leading to requests to halt the switchover or create safeguards to protect consumers. As well, law enforcement agencies such as Interpol, in several countries have expressed concerns about the technology. These countries include the United Kingdom, Australia, Canada, New Zealand, the United States, India, Turkey, Japan, and Brazil.

One of the most noticeable attempts to address this issue is the proposed Online Safety Bill in the UK. The paper suggests that technology companies must be encouraged to include backdoors in their systems that allow them to scan messages for illegal content. Even though this bill has sparked debates over the balance between privacy and security, it remains in the bill. There is no doubt that governments and law enforcement agencies believe that accessing message content is crucial for convicting criminals and protecting children from online grooming. However, opponents assert that end-to-end encryption is critical for maintaining privacy and safety online.

A recent survey conducted by the National Society for the Prevention of Cruelty to Children (NSPCC) revealed that 73% of the UK public believe that technology companies should have the legal obligation to scan private messages for child sexual abuse when they are in an end-to-end encrypted environment, according to the study conducted by YouGov. The Research Crime and Security Initiative has voiced concerns that the Online Safety Bill could have detrimental effects on end-to-end encryption, undermining privacy guarantees and setting the stage for citizen surveillance by repressive regimes to become more common. 

Adding to the discussion, WhatsApp and Signal have both announced that they will withdraw their services from the UK if security is compromised in favor of end-to-end encryption. It is thought that this may be their way of expressing their commitment to end-end encryption. The discussion about end-to-end encryption in Twitter messages was further sparked by Elon Musk's announcement of his plans to integrate it directly into the system. 

Although implementing end-to-end encryption is a complex process and a significant financial undertaking, technology companies view it as necessary to regain users' trust after several high-profile data breaches. As a result of this encryption, it becomes much harder to monitor content users share with others, which makes content moderation more challenging. 

There is a continuing debate between governments, privacy organizations, and tech companies regarding the ethical and legal ramifications of end-to-end encryption while negotiating a careful balance between privacy, security, and online abuses. 

Big Switchover 

End-to-end encrypted apps have grown in the last ten years as billions of people use them every day, making them one of the fastest-growing app categories. Law enforcement officers will likely lose out on one of their most critical sources of evidence if they cannot ask Meta for people's messages in the future. 

The government and security agencies were slow to accept that end-to-end encryption would, as a standard, be implemented in the Messenger and Instagram apps. This was until Facebook founder Mark Zuckerberg announced four years ago that apps would transition to end-to-end encryption. 

End-to-end: Undermines Privacy

In another letter published on Wednesday, 68 prominent defense and privacy researchers expressed their dissatisfaction with the Online Safety Bill for breaking end-to-end encryption, which shows the passion on both sides of this debate. 

As a result of the law, experts say tech firms cannot implement safety measures to prevent children from being harmed. However, they can maintain user privacy.

Rebuilding Trust

Despite this, WhatsApp and Signal have made it clear that they are strongly opposed to any compromise to the security of end-to-end encryption in the UK. 

Announcing in May that Elon Musk was incorporating end-to-end encryption into Twitter messages was not only a worry for those who criticize the technology but also compounded the problem for those who criticize it. A meta-analysis shows that switching to technology is one of the most challenging decisions companies have to make, but it is worth it in the end. 

After years of data scandals, big tech organizations feel regaining customers' trust in their services is the key to regaining customers' confidence.
Read more »
WhatsApp
BingeChat ESET ESET Research GravityRAT malware SpaceCobra WhatsApp

GravityRAT: ESET Researchers Discover New Android Malware Campaign


ESET researchers have recently discovered a new Android malware campaign, apparently infecting devices with an updated version of GravityRAT, distributed via messaging apps BingeChat and Chitaco. The campaign has been active since August 2022.

According to ESET researcher Lukas Stenfanko who examined a sample after getting a tip from MalwareHunterTeam, it was found that one of the noteworthy new features seen in the most recent GravityRAT version is the ability to collect WhatsApp backup files.

GravtiRAT

A remote access tool called GravityRAT has been used in targeted cyberattacks on India since at least 2015 and is known to be in use. There are versions for Windows, Android, and macOS, as previously reported by Cisco Talos, Kaspersky, and Cyble. However it is still unknown who is the actor behind GravityRAT, the group has been internally defined as SpaceCobra.

Although GravityRAT has been active since at least 2015, it only began specifically focusing on Android in 2020. Its operators, 'SpaceCobra,' only employ the malware in specific targeting tasks.

Current Android Campaign

According to ESET, the app is delivered via “bingechat[.]net” and other domains or distribution channels, however, the downloads require invites, entering valid login information, or creating a new account.

While registrations are currently closed, this method only enables the threat actors to distribute the malware to targeted users. Additionally, accessing a copy for analysis becomes more difficult for researchers. 

Upon installation on the target's smartphone, the BingeChat app makes dangerous requests for access to contacts, location, phone, SMS, storage, call records, camera, and microphone.

Since these are some typical permissions asked of the users for any instant messaging apps, the malicious app goes unsuspected.

The program provides call records, contact lists, SMS messages, device location, and basic device information to the threat actor's command and control (C2) server before the user registers on BingeChat.

Along with the aforementioned records, files, and document files of jpg, jpeg, log, png, PNG, JPG, JPEG, txt, pdf, xml, doc, xls, xlsx, ppt, pptx, docx, opus, crypt14, crypt12, crypt13, crypt18, and crypt32 types, have also been compromised.

While SpaceCobra’s malware campaign is mainly targeting India, all Android users are advised to refrain from downloading APKs anywhere other than Google Play and be very careful with potentially risky permission requests while installing any app.

Read more »
WhatsApp updates
Data Transfer legal and regulatory issues Meta Technology UPI WhatsApp WhatsApp Pay WhatsApp updates

Mata: Challenges in Data Transfer Between Countries May Affect Services


Meta, in a recent report, stated how its inability to transfer data "between countries and regions," where the company operates, may alter its ability to provide services to its users. The company added that this issue may further affect its financial results.

Apparently, Meta has been facing lawsuits in Europe and India, along with other jurisdictions for its 2016 and 2021 updates on WhatsApp on the basis of its service and privacy policy.

In a statement provided on Wednesday, Meta wrote, "If we are unable to transfer data between and among countries and regions in which we operate, or if we are restricted from sharing data among our products and services, it could affect our ability to provide our services, the manner in which we provide our services or our ability to target ads, which could adversely affect our financial results."

The multinational conglomerate further noted that countries like India and Turkey are apparently considering enacting legislation that requires local data storage and processing or is considering doing so already.

These legislative laws “could increase the cost and complexity of delivering our services, cause us to cease the offering of our products and services in certain countries, or result in fines or other penalties," the company said in Form 10-K.

The company has been under continuous legal and regulatory issues in a number of jurisdictions, one being India.

The Competition Commission of India is currently looking into the issue, investigating Meta for its alleged anti-competitive practices. Adding to this, the company is also facing lawsuits in regard to its unified payments interface (UPI) service WhatsApp Pay.

Amidst the ongoing investigations and legal actions, Amrita Mukherjee, Director, Legal, India operations, was purportedly fired by the corporation as part of a recent series of layoffs. The layoff has been a component of Meta's downsizing strategy, which was disclosed in March and will affect some 10,000 employees worldwide.

The issue is especially significant for Meta, since it has a weighty presence in India, with more than half a billion users utilizing its services.

The company's daily active users (DAUs) grew by 4% to 2 billion on average through December 2022 from the previous year, according to its annual report. The top three countries for DAU growth during that time were Bangladesh, the Philippines, and India.  

Read more »
WhatsApp
Elon Musk End-to-End Encrypted Messaging Services Online Safety Bill Signal Technology Twitter WhatsApp

Twitter Launches End-to-End Encrypted Messaging Services


Twitter has become the newest social media platform to be providing encrypted messaging service.

End-to-end Encryption 

Direct messages delivered on the platform will be end-to-end encrypted, i.e. private and only readable by the sender and receiver. However, Chief executive Elon Musk has warned Twitter users to “try it, but don’t trust it yet,” taking into account that it is only an early version of the service.

Only users of Twitter Blue or those connected to verified Twitter accounts are currently able to use the service, which is not yet available to the general public. Additionally, users can only send text and links in conversations for now; media attachments cannot yet be sent.

In a post on its support site, Twitter writes “It was not quite there yet” with encryption. "While messages themselves are encrypted, metadata (recipient, creation time, etc) are not, and neither is any linked content[…]If someone - for example, a malicious insider, or Twitter itself as a result of a compulsory legal process - were to compromise an encrypted conversation, neither the sender or receiver would know," it further read. 

Online Safety Bill Criticized 

Musk indicated his plans to make Twitter into a "super-app" with many features when he purchased it in 2022. There is not really a similar platform in the West to China's super-app WeChat, which can be used for anything from social media and restaurant ordering to payments and texting.

Since then, he has made a number of significant modifications to the social network, such as the addition of a subscription service and the elimination of the previous version of Twitter's blue tick badges, which were designed to combat the spread of disinformation.

For a long time, many Twitter users have demanded that the platform's private messaging function be made more secure. The UK, where the government's Online Safety Bill would impose additional rules for social media companies, reportedly in an effort to safeguard youngsters from abuse, may find Mr. Musk's timing unsettling.

Messaging services WhatsApp and Signal have both criticized this part of the Online Safety Bill, which is presently making its way through Parliament.

They expressed concerns that the legislation might weaken end-to-end encryption, which is seen as a crucial tool by privacy activists and campaigners.

Following this, heads of the two messaging platforms signed a letter demanding a rethink over the bill. According to them, the bill, in its current form, opens the door to "routine, general and indiscriminate surveillance" of personal messages. In regards to this, a Home Office spokesperson stated, "The Online Safety Bill applies to all platforms, regardless of their design and functionality. Therefore, end-to-end encrypted services are in scope and will be required to meet their duties of care to users."

"We have made clear that companies should only implement end-to-end encryption if they can simultaneously uphold public safety. We continue to work with the tech industry to collaborate on mutually agreeable solutions that protect public safety without compromising security," he added.

Read more »
WhatsApp
Cyber Security Data Safety Safety Security User Data User Safety WhatsApp

WhatsApp Users Alerted About Possible Scam Calls From International Numbers

 

As per experts, if you're receiving missed calls, messages, or WhatsApp calls from international numbers starting with +254, +84, +63, or others, it's advised to "report and block" them. The Indian Cybercrime Coordination Centre (I4C) of the Home Ministry is spreading this alert to protect people from falling prey to cybercrime. Forensics and data analysis experts, who are actively working to combat this issue for the government, have cautioned that these numbers may be originating from countries such as Singapore, Vietnam, and Malaysia. These international numbers may be used by malicious individuals to obtain financial information unlawfully.

"This is a new cybercrime trend. People across India irrespective of their profession have been receiving calls and missed calls on WhatsApp from +254, +84, +63, +1(218) or other international numbers, and some of them have become victims of cybercrime. It has become more frequent," an expert in cyber intelligence and digital forensics told ANI on condition of anonymity.

"Cyber awareness and hygiene are one of the important aspects in policing and it is a much-appreciated initiative," the official added.

"From early morning between 6 am to 7 am or late in the night, such calls are being received by people from all groups whether he or she is a private employee, businessman, retired government officer or even school and college boy or girl. We need to be just aware of such calls."

A message received from a number starting with +243 said: "Hello, my name is Allena, may I take a few minutes of your time?"

"Now that the 5G era of the Internet has arrived, there are already many people who make money through the Internet. I believe you know it too. I must be added to make money. If you don't speak, you may miss an opportunity at a turning point in your life. There are not many opportunities. I hope you see and then respond to my message," the message said.

If a person or organization is the victim of a cyber-attack, the situation can be reported on the cybercrime.gov.in website, according to the experts, who added that "focused work is being done by the central agencies with the help of I4C to curb the cyber menace."

In March, Union Home Minister Amit Shah visited the Indian Cyber Crime Coordination Centre (I4C) and stated that the wing is trying to realize Prime Minister Narendra Modi's goal of a cyber-success society. He went on to say that the I4C allows for effective and seamless cooperation among all agencies and states in the fight against cybercrime.

Since its inauguration in 2018, the Indian Cyber Crime Coordination Centre, a "special purpose unit" of the Centre, has saved over Rs 12 crore from cybercrime victims.
Read more »
WhatsApp
Data Breach Job Scam Malicious Apps Mandiant Threat Intelligence North Korean Hackers User Privacy WhatsApp

Using Employment Offers, North Korean Hackers Target Security Researchers

 

Security experts have been the victim of a hacking campaign by threat actors associated with the North Korean government that use cutting-edge methods and malware in an effort to infiltrate the organizations the targets work for, according to researchers.

As per researchers from security company Mandiant, they first became aware of the activity in June of last year while monitoring a phishing attempt that was aimed at a US-based client in the technology sector. By using three new malware families—Touchmove, Sideshow, and Touchshift—the hackers in this effort aimed to infect targets. In addition, while operating inside the cloud environments of their targets, the hackers in these assaults displayed new ability to evade endpoint detection technologies.

In order to communicate with their victims using WhatsApp, the attackers utilize social engineering to persuade them to do so. It is at this point that the malware payload 'PlankWalk' with a C++ backdoor, which aids in infiltrating the corporate environment of the target, is delivered.

In this operation, Mandiant believed UNC2970 targeted specifically security researchers. The North Korean threat actor, UNC2970, repeatedly breached US and European media organizations, prompting a reaction from Mandiant. In an effort to lure the targets and deceive them into installing the new virus, UNC2970 used spearphishing with a job advertisement theme.

Historically, UNC2970 has sent spearphishing emails with themes of employment recruitment to certain target organizations. The hackers approach their targets over LinkedIn and pose as recruiters for jobs before launching their attack. They eventually switched to WhatsApp to carry on the recruitment process, sharing a Word document with malicious macros.

Mandiant claims that these Word papers may occasionally be styled to fit the job descriptions they are marketing to their targets.The trojanized version of TightVNC is fetched using remote template injection performed by the Word document's macros from infected WordPress websites that act as the attacker's command and control servers.

The malware loads an encrypted DLL into the system's memory once it has been executed using reflection DLL injection.The loaded file is a malware downloader called 'LidShot,'which performs system enumeration and launches PlankWalk, the last payload that establishes a foothold on the compromised device.

Previously, North Korean hackers used phony social media identities that claimed to be vulnerability researchers to target security experts working on vulnerability and exploit development. Companies should also take into account other security measures, such as restricting macros, utilizing privileged identity management, conditional access policies, and security warnings. A dedicated admin account should be used for delicate administration tasks, and a another account should be used for email sending, web browsing, and similar activities.





Read more »
WhatsApp
End To End Encryption Government Database internet outage Message encryption Proxy Server User Privacy Vulnerabilities and Exploits. WhatsApp

WhatsApp Allows Communication Amid Internet Outages

On January 5, WhatsApp revealed a new feature that enables users to connect via proxy servers so they may continue using the service even when the internet is restricted or disrupted by shutdowns.

Concept of Whatsapp proxy 

When selecting a proxy, users can connect to WhatsApp via servers run by individuals and groups devoted to promoting free speech throughout the world. According to WhatsApp, using a proxy connection preserves the app's privacy and security settings, and end-to-end encryption will continue to secure private conversations. As per the firm, neither the proxy servers, WhatsApp, nor Meta will be able to see the communications that are sent between them.

When it comes to assisting users when WhatsApp is prohibited in a country, the messaging service stated, "If WhatsApp is restricted in your nation, you can utilize a proxy to connect and communicate with loved ones. End-to-end encryption will still be used to protect private communications while using a proxy connection to WhatsApp."

In accordance with the new rules, internet service providers had to remove anything that law enforcement regarded to be illegal and cooperate with police investigations, which included locating the authors of malicious materials.WhatsApp countered this claim by saying that it will continue to secure users' private messages and would not compromise their security for any government.

According to Juras Jurnas of the proxy and online data collecting company Oxylabs, "For persons with government restrictions on internet access, such as was the situation with Iran, utilization of a proxy server can help people keep a connection to WhatsApp as well as the rest of the public, internet free."

After activists in response to the death of Mahsa Amini, 22, while in police detention, the Iranian government restricted access to Instagram and WhatsApp last year. The suspension of Article 370 of the Indian Constitution by the Indian Parliament resulted in a shutdown of the internet in the state of Jammu & Kashmir. This state-imposed lockdown was implemented as a precautionary measure. Only two districts, Ganderbal and Udampur, have 4G availability. After 552 days without internet or with slow internet, the former state was finally connected to 4G on February 6th, 2021.

The business stated it is working to ensure that internet shutdowns never occur and that individuals are not denied human rights or prevented from seeking immediate assistance as these scenarios arise in various locations throughout the world. 

Internet platforms had to comply with police investigations, including locating the authors of malicious information and destroying anything that authorities had determined to be illegal, according to the new legislation.WhatsApp countered that it would maintain the privacy of users' private messages and would not compromise its security for any government.






Read more »
WhatsApp
Data Data Breach Data Safety data security Security WhatsApp

Experts Look into WhatsApp Data Leak: 500M User Records for Sale

 

On November 16, an actor advertised a 2022 database of 487 million WhatsApp user mobile numbers on a well-known hacking community forum. The dataset is said to contain WhatsApp user data from 84 different countries. 

According to the threat actor, there are over 32 million US user records included. Egypt (45 million), Italy (35 million), Saudi Arabia (29 million), France (20 million), and Turkey each have a sizable number of phone numbers (20 million). The dataset for sale also allegedly contains the phone numbers of nearly 10 million Russians and over 11 million UK citizens. The threat actor told Cybernews that they were selling the US dataset for $7,000, the UK dataset for $2,500, and the German dataset for $2,000.

Since such data is frequently used by attackers in smishing and vishing attacks, we advise users to be cautious of any calls from unknown numbers, as well as unsolicited calls and messages. According to reports, WhatsApp has more than two billion monthly active users worldwide. The seller of WhatsApp's database provided a sample of data to Cybernews researchers upon request. The shared sample included 1097 UK and 817 US user numbers.

Cybernews probed all of the numbers in the sample and was able to confirm that they are all WhatsApp users. The seller did not say how they obtained the database, only that they "used their strategy" to collect it, and assured Cybernews that all the numbers in the instance belong to active WhatsApp users.

Cybernews contacted WhatsApp's parent company, Meta, but received no immediate response. We will update the article as soon as we learn more. The data on WhatsApp users could be obtained by harvesting information at scale, also known as scraping, which is against WhatsApp's Terms of Service.

This claim is entirely speculative. However, large data dumps posted online are frequently obtained through scraping. Over 533 million user records were leaked on a dark forum by Meta, which has long been chastised for allowing third parties to scrape or collect user data. The actor was practically giving away the dataset for free.

Days after a massive Facebook data leak made headlines, a popular hacker forum listed an archive containing data purportedly scraped from 500 million LinkedIn profiles for sale. Phone numbers that have been leaked could be used for marketing, phishing, impersonation, and fraud.

Head of Cybernews research team Mantas Sasnauskas said, “In this age, we all leave a sizeable digital footprint – and tech giants like Meta should take all precautions and means to safeguard that data. We should ask whether an added clause of ‘scraping or platform abuse is not permitted in the Terms and Conditions’ is enough. Threat actors don’t care about those terms, so companies should take rigorous steps to mitigate threats and prevent platform abuse from a technical standpoint.”
Read more »
Subscribe to: Posts (Atom)