A Week in Security (Apr 19 – 25)

Last week, our researchers focused on an industry we regularly talk about here on Malwarebytes Unpacked: videogaming. First off, we covered news of Steam’s effort to improve the security of its users by introducing limited user accounts.

Our researchers also discussed TeslaCrypt, a now-known ransomware that targets gamers, and how one should respond properly once affected. The main takeaway from the campaign is to regularly back up files, whether they’re game-, work-, or media-related.

Of course, no day is really complete unless we start talking about scams, and they are everywhere. The latest ones we found and discussed are fake Instagram apps for BlackBerry phones and highly suspicious “tools” used to hack into user accounts.

Finally, we pushed out a technical brief on what a zero-day campaign looks like and how the criminals behind it can be forward-thinking at best and deliberately evasive at worst.

Notable news stories and security-related happenings:

  • Wi-Fi Software Security Bug Could Leave Android, Windows, Linux Open to Attack. “The vulnerability is similar in some ways to the Heartbleed vulnerability in that it doesn’t properly check the length of transmitted data. But unlike Heartbleed, which let an attacker read contents out of memory from beyond what OpenSSL was supposed to allow, the wpa_supplicant vulnerability works both ways: it could expose contents of memory to an attacker, or allow the attacker to write new data to memory.” (Source: Ars Technica)
  • Financial Botnets Go Beyond Banking to Hit Payroll, HR Portals. “Recent takedowns force criminals to keep their botnets modest, target smaller banks and compromise other types of networks for financial gain.” (Source: eWeek)
  • Feds Warn Airlines to Look Out for Passengers Hacking Jets. “In response to reports last week that passenger Wi-Fi networks make some planes vulnerable to hacking, the FBI and TSA have issued an alert to airlines advising them to be on the lookout for evidence of tampering or network intrusions.” (Source: Wired)
  • What is the Real Value of Your Precious, Precious Data? “Value is ‘value to whom’ and that also depends upon the time and place.” (Source: The Register)
  • Google Moves to Encrypt Ad Traffic. “Encryption by default is a popular goal for internet companies, and Google has done its part to use strong HTTPS encryption, for Search, Gmail, YouTube and Drive. The company is now moving its advertising platforms to HTTPS as well. Most of its ads will be served over encrypted links by the end of June.” (Source: InfoSecurity Magazine)
  • Twitter Cyberbullies Targeted with New Anti-Abuse Tools. “The social network has acknowledged that its previous rules, which said a threat needed to be ‘direct’ and ‘specific’ to justify its intervention, had been too ‘narrow’.” (Source: The BBC)
  • Medical Data Breaches are Breeding Unhealthy Fears. “There’s evidence that data breaches in the medical world are prompting some patients to avoid giving doctors sensitive information about themselves, including such conditions as mental health or drug abuse problems.” (Source: Albuquerque Journal)
  • Cell Phones a Harder Hack Target Than Computers, FireEye’s President Says. “But the reason mobile is more difficult for hackers to break through is, ‘you can’t find those mobile devices via IP [Internet protocol] addresses like you can find a server at a company.’” (Source: CNBC)
  • Clickjackers: Inside The Strange New World Of Modern Spyware. “Google estimates that five percent of web users are running ad injectors without knowing it and it’s driving marketers crazy – and it makes for some fascinating code.” (Source: TechCrunch)
  • eBay Magento Flaw Revealed and Patched. “If exploited, the vulnerability enables attackers to compromise any online store based on the Magento platform, and access credit card information and other customer financial and personal data. The flaw bypasses all security mechanisms and gives control of the store and its complete database, allowing credit card theft and administrative access into the system.” (Source: IT Security News)
  • Networking Flaw Opens Millions of iOS App Users to Data Theft. “Around 1,000 iOS apps are affected by a weakness in their mobile security which makes it easy for attackers to access encrypted data like passwords, bank account numbers and home addresses as they are being sent over the airwaves, according to a report from security firm SourceDNA.” (Source: The Guardian)

Safe surfing, everyone!

The Malwarebytes Labs Team