<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=156961&amp;fmt=gif">
Threat Thursday 19th September 2019

#ThreatThursday | 19th September 2019 | Cyber Security Updates

It’s another week, which can only mean a whole new glut of cyber threats plaguing our emails and internet. This week: Bugs are crawling in your home router, Phishers are lurking in our universities, and Jokers hijack the Google Play Store.

Home Routers Infested with Bugs

Independent research conducted on a series of home and small office routers has revealed a somewhat troubling list of common vulnerabilities and exposures (or CVEs, for you acronym lovers out there). The list, including such recognised names as Asus, Netgear, Lenovo and Zyxel, details a range of vulnerabilities most home users would rather be without, including SQL injection vulnerabilities, remote control exploits and “at least one” web application vulnerability. In other words, it’s much easier than it should be for these routers to be remotely compromised.

The whitepaper, from ISE, uncovers each exploit (with exceptional detail, we might add) and concludes with its protective recommendations for manufacturers. It also demonstrates that the rush to get connected to the “Internet of Things” often comes at the expense of security – with both manufacturers and the public having a lot to learn about staying protected on there.  

Universities Challenged by Large-Scale Phishing Attack

A discovery by shows that universities all over the world are being targeted in a colossal phishing campaign from the Iranian hacking collective Cobalt Dickens. Incorporating more than 20 phishing domains – suggesting a campaign of no small size – the landing pages are designed to steal the credentials of university students using false webpages themed around library services. So far, nearly 400 universities over more than 30 countries are being targeted – in some cases, multiple times.

The campaign works much like any other phishing campaign; emails containing spoofed URLs are sent to students, who are then redirected to convincing fakes of their university’s library resource. Once the victim’s information is entered, the information is logged by the attackers and the victim is then sent to the actual landing page – presumably unaware that any breach has taken place. For such a large-scale campaign, CTU attest that it’s neither elaborate nor technical, using tried-and-tested phishing techniques. So while this campaign is big, it certainly isn’t clever.

The age-old phishing prevention techniques ring true once again; check where your emails are coming from (as none will come from recognised domains), and make sure that any links are legitimate. It’s easy to spoof a URL, but it’s even easier to check that they’re going to a legitimate, recognised web address.  

Joker Malware is no Laughing Matter for Google

Google’s Play Store seems the online trader du jour for peddlers of dodgy apps. Fresh off the revelation that a number of its Antivirus apps offered no protection at all, Google has been forced to remove a further 24 apps after discovering they were infected with malware.  

Cyber security firm CSIS discovered that the ‘Joker’ malware had crept into each of the infected apps (presumably having eluded a certain caped crusader) and secretly signed their unwitting downloaders up to premium subscription services. It also stole details on the user’s saved contacts and SMS messages.

Interestingly, the app only affects users in certain countries, including most of the EU, China, Australia and the UK. America and Canada, notably, seem unaffected by the malware.

The 24 culprits, helpfully identified by TechRadar, are:

- Advocate Wallpaper
- Age Face
- Altar Message
- Antivirus Security – Security Scan
- Beach Camera
- Board Picture Editing
- Certain Wallpaper
- Climate SMS
- Collate Face Scanner
- Cute Camera
- Dazzle Wallpaper
- Declare Message
- Display Camera
- Great VPN
- Humour Camera
- Ignite Clean
- Leaf Face Scanner
- Mini Camera
- Print Plant Scan
- Rapid Face Scanner
- Reward Clean
- Ruddy SMS
- Soby Camera
- Spark Wallpaper

It’s interesting how many of these apps have camera or face-scanning abilities. While no camera exploits have so far been reported, the fact that the apps might incorporate the phone’s camera capabilities means the potential exists to hoover up yet more incriminating data.

Naturally, if you’ve downloaded any of these apps, now’s the time to delete them. And if you haven’t already, get your Android phone protected by a reputable Antivirus app.

If this week's cyber threats prove anything, it's that cyber criminals are relying increasingly on the trust and complacency of their victims. As always, we'd encourage users to familiarise themselves with the tell-tale signs of phishing, to download only from trusted vendors, and to keep all their protective measures consistent with the latest updates and firmware. 

Resist and Recover from Cyber Attack's

Our eBook, Recovering from Common Cyber Attacks walks you through the worst-case scenarios - and helps you stop them from ever happening again.

Download it now.

How to Recover from Common Cyber Attacks eBook


 

Would you like to comment, or leave your thoughts?

Recent Posts