IP Ghoster Ambassador Program
Currency:
Welcome To IP Ghoster IP Ghoster Local Anonymous Secure Peer Networks Complete Online Communications Security Mobile Proxy Anonymity or VPN Service Pricing Pricing Login
 
Security Weakness in Amazon’s Customer Service Highlighted by the Hack
December 31, 2012Hide Post
Security Weakness
December 31, 2012
Amazon is one of US’s biggest online retail stores and customers expect it to provide top class safety standards. But sadly, the online security that Amazon has, both as a site and for users, is not up to the mark. In fact, the lack of adequate security can escalate into a potentially fatal issue with […]

Amazon is one of US’s biggest online retail stores and customers expect it to provide top class safety standards. But sadly, the online security that Amazon has, both as a site and for users, is not up to the mark. In fact, the lack of adequate security can escalate into a potentially fatal issue with time. Synapse Studios, a web development company, was responsible for discovering the flaw in the online retail giant’s site. Chris Cardinal, the managing partner of the firm, reported this flaw. He also added that the flaw is causing more damage to the site than it is causing to the consumers.

Security Weakness

Security Weakness in Amazon’s Customer Service

 

Mr. Cardinal Quoted His Own Experience as Proof of Flaws

Synapse Studios’ Chris Cardinal said that his own personal experience was proof for how bad the security is on Amazon’s site. He said that the flaws were in the authentication protocols that the site had. Over time, people had adapted to these flaws and had not exactly noticed it. But hackers have gotten smart over the past few months and they managed to take advantage of these flaws in Amazon’s online system. He reported his experience on a periodical called the HTMList.

Chris Cardinal’s Experience

Mr. Cardinal had ordered a few products on Amazon.com and had also got the delivery of the products. But he said that scammers took advantage of his order history, name and address and made the company deliver replacement products to an alternate address. The scammers contacted the company and registered an alternate address. They made Amazon.com send replacement products even through Mr. Cardinal had signed for the products and received them. After this mess up, the customer service agency of Amazon called up Mr. Cardinal and started reporting problems about the order that he had received ages ago.

Incompetent Customer Service Representatives

After Cardinal got the email receipt for a replacement of the product, he tried calling the customer service of Amazon.com to fix the issue. Unfortunately for him, none of the customer service representatives that he got in touch with were able to solve the issue. Cardinal reported that it was the incompetence on the part of CSRs that caused this problem. He said that it was a simple matter of organizing everything on a universal basis, be it the order number or the account from which the product was ordered.

Child’s Play to Get Free Products

Cardinal said that the CSR’s incompetence could be laid bare, with only a couple of authoritative enquiries and a few data points. He said that all a hacker wanted to take advantage of the flaws in Amazon’s security system is the order number, the date, name, and email ID. That much data was sufficient for making the company send free products to alternate addresses. But he added that this cannot be done on a regular basis and probably can be accomplished once a year. That opportunity was sufficient, especially in high volume and high value orders.

This Social Engineering Technique is Old School

According to security experts from WhiteHat, this is not a new technique. The experts said that usage of anonymous accounts is an old school scamming method. The only difference with the hackers of this generation is that they used anonymous social media accounts and other latest social engineering platforms to run scams.

Coming back to the Amazon.com issue, the experts were of the opinion that the company is not taking this issue seriously because the difference in profits is very negligible to the company. With the billions of dollars of business they do, this is something that the company can afford to overlook.


Filed under: Our Products
Security Threats to Evolve in 2013: McAfee
December 28, 2012Hide Post
Treat Prediction
December 28, 2012
One of the biggest hurdles that online security vendors face is the change in the techniques and methodologies that hackers use over time. With change in technologies and the increase in usage of mobile devices, hackers have adopted new methods and techniques to take advantage of the security flaws and dangerous online habits. McAfee, the […]

One of the biggest hurdles that online security vendors face is the change in the techniques and methodologies that hackers use over time. With change in technologies and the increase in usage of mobile devices, hackers have adopted new methods and techniques to take advantage of the security flaws and dangerous online habits. McAfee, the world leader in online security services provider, has released a threat prediction report for the year 2013. This is the report that highlights the threats that McAfee predicts for the year 2013. This is a very important phase of providing security services.

Treat Prediction

Threat Prediction 2013

 

Importance of Threat Prediction Report

While providing online security services, it is very important for the security company to remain one step ahead of the hackers. That is the reason why these companies spend thousands of dollars on speculating each and every move of the cybercriminals. This will help them in being prepared when the attack comes. Preparation will either limit or completely negate the damage that is caused due to online hackers’ attacks.

Evolution of Hacking Techniques

The bottom line of the threat report McAfee has published outlines how hacking techniques will evolve from present day methodologies. The report says that with the advancement of technology and rapid changes in trends, hackers will also evolve their techniques. With cloud computing and other similar technologies coming to the fore, hackers cannot maximize the effect of their attacks if they use the old tried and tested methods. The report warns that hackers might use techniques that we have never yet seen till date. So, the best way of countering those attacks would be to identify the flaws in our system and try to fortify the flaws as best as we can.

Rise in Mobile Malware and Mobile based Threats

Another significant point made by the report is the rise in mobile malware. This is a fairly straightforward prediction because the rise in the number of people using mobile devices has been unprecedented in the past two years. Just look around you. People nowadays use mobile devices for all their regular activities, be it checking mail, online banking, checking social media accounts or shop without being tracked. So, hackers need to target mobile devices to ensure that their attacks are profitable. That is why we can expect a rise in mobile malware density.

Decline in Group Hacking

Some hackers operate as a group. They use group attacks to inflict as much damage on the network as possible before taking advantage of the information they glean from the hack. But this trend will definitely decline according to the report from McAfee. Group attacks are easy to trace as investigator will get multiple points from which they can trace back to the hackers. This is why hackers are slowly starting to operate alone. This will continue in 2013 and group hacking might altogether stop or will be very scarce.

Increase in Hacking Extortion

Ransomware has made a lot of appearances over the past few months. This is a type of malicious software that gathers information and sends out ransom notice to the victims. If the ransom is paid, the hacker might or might not release the personal information of the victims. The McAfee report suggests that the same principle will be used in other attack vectors also in the future. The hackers also have another advantage with this method. They can target the same victim multiple times, unlike an exposure attack where the victim cannot be re-targeted. This shows how much thinking hackers are putting into each and every aspect of their attack. That is why we must be more careful in the coming days than we ever were.


Filed under: Our Products
The Latest Children’s Privacy Policy – The Good and the Bad
December 27, 2012Hide Post
Privacy Policy
December 27, 2012
Online privacy is a never ending issue, and companies and authorities have always tussled over the optimum rule set for this. But both parties have failed to find a neutral ground in this issue and the tug of war continues. Children’s privacy came into sharp focus recently with apps and other websites taking advantage of […]

Online privacy is a never ending issue, and companies and authorities have always tussled over the optimum rule set for this. But both parties have failed to find a neutral ground in this issue and the tug of war continues. Children’s privacy came into sharp focus recently with apps and other websites taking advantage of the innocence of children. There was a lot of pressure on the Federal Trade Commission (FTC) to revise its rule set for children’s online privacy. The body has finally relented and come up with some changes that are specifically aimed at making the internet a safe place for children.

However, as it is with any new policy, rule or change, some are happy while others are not. One group’s loss is the others’ gain and that is how things work in this field. This article will outline who stands to lose and who gains by these new children’s online privacy rule amendments.

Privacy Policy

Children Privacy

 

The App Makers and Websites Are Responsible For the Privacy of Under-13 Users

The old rule for children’s online privacy, Children’s Online Privacy Protection Act or COPA, had specified that children under the age of 13 should take the consent of their parents for using the sites and apps. This meant that the parents had to check if the apps and sites are safe before allowing their children to use them. This meant having measures like using VPNs, proxy servers or simple steps like stop cookies/tracking online in place.

But with the new rule set, parents don’t have to worry about their children as the websites and app makers are responsible for ensuring that privacy of children is not compromised. The rule set is so stringent that even if the websites and app makers have a reason to suspect if under-13 users are using their services, they should immediately disable tracking and information gathering.

App Makers Might Stay Away From Children’s Market Altogether

Since these rules came into force, app developers are scratching their heads on how to design their apps. Information gathering is the revenue generating force in these apps and without that, the concept of free apps makes no sense at all. Here’s an example. If a parent is using a game app on his/her device, app makers can track them and gather information as the users have consented. But imagine the same app is used by the child when the parent gets home. The app should not track or gather user information. If it does so, the developers are liable for prosecution.

This stranglehold might prompt the app developers to completely pull out of the children’s app development market.

The FTC and Parents Can Take a Breather

The FTC was under intense pressure from lobbying agencies and the general public to take a stand against children’s online privacy exploitation. With these rule changes, the FTC is out of the firing line. They can proudly say that they have done everything in their power to ensure that children remain safe when they are online.

Another party that is benefited by this rule amendment is the parents. Before this amendment, parents were constantly worried how their innocent child could be exploited when he/she is using the internet. Complete ban of internet usage was also not a feasible alternative as the present lifestyle requires its usage. But now, parents can just keep an eye on the sites and apps that their child is using. If there is anything suspicious about the site or the app, they can report it to the authorities and further action will be taken.

Overall, the exploiters (read app developers) have become the exploited now because of the latest privacy policy amendments. We still have to wait and watch the long term effects of this amendment.


Filed under: Our Products
Spyware on Rented PCs Spied and Photographed Unsuspecting Users
December 26, 2012Hide Post
Spyware On Rented PC
December 26, 2012
It is a well-known fact that malicious software comes in varying degrees of sophistication in today’s world. There are some that are in the form of anonymous social media accounts that target unsuspecting users. There are others that steal your authentication codes for your online accounts, including your online bank accounts. Recently, a new type […]

It is a well-known fact that malicious software comes in varying degrees of sophistication in today’s world. There are some that are in the form of anonymous social media accounts that target unsuspecting users. There are others that steal your authentication codes for your online accounts, including your online bank accounts. Recently, a new type of malicious software called as ransomware was identified. This software held users’ personal information and released it only on the payment of a ransom amount. The case you are reading about today is the spyware that was planted on rental computers to get personal information of unsuspecting users.

Spyware On Rented PC

Spyware On Rented PCs Photographed Unsuspecting Users

 

Phenomenon Identified On a PC Rental Establishment

This particular type of spying was identified in a well-known PC renting establishment. This is a type of service where you go into the shop, pay a fixed amount for using a PC for a fixed interval of time and then log off. You can use the PC for anything from internet banking to checking email or Facebook. But the problem was that these PCs had a type of malicious software implanted in them that could spy on the activity of the users. The software gathered information and relayed it to the person who planted it via the internet.

The Flaw is in An Application Called PC Rental Manager

If you are not aware of the application PC Rental Manager, it is a tool that allows administrators to control the duration of PC usage. As you can understand, this feature comes in handy when you are renting out computers to anonymous users for money. You can also use this software to control the type of sites that the users visit, ensuring that the rented PC is not used for performing any illicit activity. The add-on here is the ability to snoop on the users and gather information.

The Level of Detail with Which the Information Was Gathered Was Astonishing

One of the most amazing and dangerous aspects of this software was the level of detail with which information could be gathered by a miscreant. The software has a mode called as ‘Detective Mode’ that has to be activated by the person who is controlling the spying activities. There are three levels with which a user can be spied on and the level of snooping is also determined by the controller.

  • Level 1: In the first level of spying, the detective mode managed to capture a screenshot and also the first 30 keystrokes of the user. This information was then relayed to the controller using the internet. To do this, Designer Ware Servers were employed and the information was relayed via e-mail.
  • Level 2: The second level of snooping is obviously more detailed. A screenshot was taken and recorded at a two minute interval. Also, keystrokes of the user were recorded every two minutes. The controller had to issue a command for the application to stop recording this data.
  • Level 3: Level 3 is almost similar to level 2, except that the application used the in-built camera on the PC to capture a photograph. Also, fake software registering screens were used to gather personal information.

How Did The Scam Come To Light?

The first giveaway was the fact that PC camera light was turning on without the users instructing the PC to do so. Also, some users who are familiar with registration scams identified the pattern and pointed it out to the administrators. The sent emails were also discovered consequently.

All this suggests that it is better to use your own PC or a friend’s rather than renting one. The damages that this type of hacking can cause can be catastrophic and it is better to stay away from PC renting altogether.


Filed under: Our Products
Facebook Helps FBI in Catching the Culprits behind the Butterfly Botnet
December 25, 2012Hide Post
Facebook
December 25, 2012
The rise in popularity of social networking site Facebook has been unprecedented and unmatched. Consequently, Facebook has, by default, painted a target on itself for the hackers. With millions of users using the social networking site, it is attracting hackers like flies to food. The site is also very concerned about the security and privacy […]

The rise in popularity of social networking site Facebook has been unprecedented and unmatched. Consequently, Facebook has, by default, painted a target on itself for the hackers. With millions of users using the social networking site, it is attracting hackers like flies to food. The site is also very concerned about the security and privacy of its users. A number of advanced security protocols have been implemented over the years. However, time and again, hackers get the better of these protocols and score a hit. But Facebook is determined to bring them to justice.

In an unprecedented move, the social networking giant helped the Federal Bureau of Investigation to catch a group of hackers who were responsible for the Butterfly botnet. This botnet group was very lethal and caused a lot of financial and privacy damages. The association of Facebook in the investigation and subsequent snaring of this cybercriminal group was confirmed by an official statement from the authorities.

Facebook

Facebook Helps FBI

 

A Little about the Butterfly Botnet Group

You are all aware of what a botnet is. It is malicious software that employs a group of computers to conduct security breaches. This group is in turn controlled by a third party controller. The Butterfly Botnet also operated on similar lines. The reason why Facebook was so interested in this botnet was that it was using Facebook as a platform to infect millions of users. The botnet used anonymous social media accounts to download itself on to the computers of victims. After that, the hacker has full control over the group of infected computers.

Butterfly Botnet was Very Lethal

Although the botnet was shut down in the month of October, 2012, according to authorities, the botnet wreaked havoc while it was active. According to official reports, the botnet group caused financial damages of more than $850 million put together. This is one of the biggest hacking hits, if not the biggest. Also, the total number of computers that were affected with this botnet exceeded 12 million in number. This number alone suggests how effective this hacker group was in planting malicious software on to the computers of unsuspecting users. The reports also showed that this botnet specifically accessed financial information from over 800,000 computers.

Experts Suggest Botnet Operators Were Not Very Smart

According to some of the leading experts in cybercrime and online security, the botnet operators were not very smart in covering their tracks. They are of the opinion that the hacker group had ready-to-use malware for their operations. At the time they started using it, it was one of the most sophisticated software that the cyber world had seen. But over time, the malware did not evolve as it had to. Facebook was studying the malware for a couple of years now. This enabled them to identify patterns to track the hacker group and ultimately, trap them. FBI was also quite open in acknowledging the success of the operation. This shows that they have comprehensively wiped out all the units of the hacker group from multiple countries.

Cybercrime Tracking is a Lucrative Business

Some of the experts were also of the opinion that some hackers might switch over to the legal side as cybercrime tracking is proving to be a very lucrative business proposition. They said that although government agencies had talented staff, the talent pool outside the government agencies is very vast and of high quality. If the government takes the help of private investigators (read hackers turned investigators), the hit rate would improve significantly. This type of association is not just a speculation. In a couple of years’ time, this would probably come true.


Filed under: Our Products
The ‘January Effect’ of Cyber Attacks
December 24, 2012Hide Post
KET Dec 24
December 24, 2012
Online security companies spend millions of dollars on analyzing trends, habits and signs of cyber attacks and hackers. This is one of the best and effective ways of determining when, where and how cybercriminals might strike. It gives both online security companies and users to prepare better and when the attack comes, it will not […]

Online security companies spend millions of dollars on analyzing trends, habits and signs of cyber attacks and hackers. This is one of the best and effective ways of determining when, where and how cybercriminals might strike. It gives both online security companies and users to prepare better and when the attack comes, it will not be so much as a surprise. True, sometimes the predictions are accurate and sometimes they are not. But the bottom line is that the damage can be limited and sometimes, totally prevented. One such trend is what online security experts and researchers popularly call as the ‘January Effect’.

KET Dec 24

What is the ‘January Effect’?

You might be rejoicing that the world has not ended on December 21st, 2012 but if you are not careful, you will feel like the end of the world because January is supposedly the month of cyber attacks. Jeffery Carr is a cyber warfare author and also the chief executive officer of a reputed company, said that every year, he has noticed a major security breach or a cyber warfare activity. He said that although the attack itself might not occur in the month of January, January is the month when it is detected or is revealed to the general public. This has started some warning bells in the cyber security world and even the major companies have noticed the trend that they had failed to do so till not.

Occurrences that Back the ‘January Effect’

Jeffery Carr listed four major cyber attacks in the past four years, all that occurred in the month of January or that came to light in January, as proof for the January Effect.

  • 2008 December to 2009 January: This occurrence was a part of an ongoing war between the Hamas and Israel. The operation was called as Operation Cast Lead and this war had a number of simultaneous online security breaches as a part of the attack.
  • 2009 December to 2010 January: Many leading internet based and technology companies including Google reported security breaches of their servers and networks. The reports on the severity of the breaches were not accurate but the breaches were confirmed by official statements from all the affected companies.
  • 2011 January to 2011 March: The RSA announced in the month of March that its network was breached in the early part of 2011. The details of the breach and the extent of damage remained sketchy.
  • 2012 January: Symantec was the victim this time. An anonymous hacker announced that he had obtained the source code for Norton online security system and some of the other products. This created a huge stir and many other hackers took advantage of this by selling cracked and fake antivirus systems for a relatively low price.

A Part of Online Security Experts’ Community Say They Are Coincidences

While most of the online security experts’ community agree that timing of the events are too many to be a coincidence, a small part of the community beg to differ. They still maintain that these events were just coincidences. Their reason is that hackers thrive on being unpredictable and this trend will only contribute to reducing the severity of their attack. The damage is severe only when you least expect the attack and that is what hackers depend on.

You cannot afford to leave it to Chance

 Although the attacks suggest that the damage to the common man is mild to say the least, you never know what might happen. It is always better to stay on your guard. Don’t click on posts, photos or links from anonymous social media accounts. Delete all the spam mails without opening them. Don’t click on links that say claim free bonus or discounts while shopping online. But the bottom line is that the onus is on online security service providers to ensure that we remain safe. Let us hope for a safe new year!


Filed under: Our Products
Privacy Policy Changes By Facebook and Instagram Trigger Widespread Online Protests
December 21, 2012Hide Post
Privacy Policy changes By Instagram
December 21, 2012
Instagram is a popular photo sharing app that has millions of users all over the world. Recently, the company was purchased by Facebook in a deal that reportedly cost Mark Zuckerberg $1 billion. Privacy policy changes are common but the latest change by Instagram triggered a lot of unrest among its widespread user community. Reportedly, […]

Instagram is a popular photo sharing app that has millions of users all over the world. Recently, the company was purchased by Facebook in a deal that reportedly cost Mark Zuckerberg $1 billion. Privacy policy changes are common but the latest change by Instagram triggered a lot of unrest among its widespread user community. Reportedly, these changes affect not only the users who are above the legal age of 18 but also kids as young as 13 years old. Celebrities and public figures were the worst threatened by these privacy policy changes. Although co-founder of the company publicized in a blog that they are working on language changes to make the privacy policy updates more clear, experts and users were still skeptical.

Privacy Policy changes By Instagram

Privacy Policy changes By Instagram

 

Users Take to Social Networking Sites to Show Their Displeasure

Tiffani Thiessen, a long time Instagram user tweeted ‘really sad to end my luv 4 @instagram. Will be deleting my account due 2 their ridiculous new terms’. This was a reasonably measured tweet when you compare it to the swear words and bashing that many other users resorted to. Most of them were quite vocal in their Facebook pages and Tweets that they would rather delete their account than have their privacy invaded in such an open and official manner.

What Exactly Are The Privacy Changes?

The recent privacy policy that has been released by Instagram suggests that the company might use the pictures posted for their advertising needs. The privacy policy that the users have already agreed to allows Instagram the latitude to use personal information (read pictures) in advertisements or any other company sanctioned event without the consent of the users. This is frankly ridiculous in an age where contacting someone using an anonymous social media account is considered as an invasion of privacy. It makes you wonder what the privacy policy makers of Instagram were thinking while coming up with this policy.

Instagram Co-Founder Calls for Patience on the Part of Users

With users expressing their ire and opposition over social networking sites, the co-founder of Instagram also took to twitter and called for a little understanding amongst its users. The tweet did not reveal anything about the proposed changes but all it did was include a call for patience among Instagram users. Later on, a blog post in Instagram official blog by the co-founder said that the users have apparently misinterpreted the privacy policy changes. The post further added that the company officials were working on changing the language structure used in the policy to facilitate clear understanding.

Privacy Advocates and Legal Experts Beg to Differ

However, legal experts and privacy advocates were of the opinion that the language structure used in Instagram privacy policy update is quite clear. An expert on the condition of anonymity said that the policy is so detailed that it includes clauses that speak about the privacy rights of kids as young as 13 years. The expert concluded by saying that there is no ambiguity in the understanding and the privacy policies are flawed more than anything else.

What Are The Consequences?

If you agree to the new privacy policy of Instagram, you are giving the company latitude to use your personal information. This means, you can see your picture in an ad that you have no affiliation with, the only reason being the picture was posted in Instagram. More than the common man, celebrities are affected by this because they will have legal obligations defined by a contract with brands. They might face lawsuits just because they posted a picture on Instagram and that picture was used by the company as they had a right to do it. Unless Instagram does something about this, its popularity is going to hit the rock bottom. 


Filed under: Our Products
Federal Trade Commission All Set to Bring In New Children Privacy Rules
December 20, 2012Hide Post
Privacy Policy
December 20, 2012
Children’s privacy has been in the focus for some time now and FTC was under a lot of pressure to implement new rules that would favor the online safety of children. There were a lot of discussions in this regard and FTC were eager to move ahead. However, major internet companies like Google, Facebook, Yahoo, […]

Children’s privacy has been in the focus for some time now and FTC was under a lot of pressure to implement new rules that would favor the online safety of children. There were a lot of discussions in this regard and FTC were eager to move ahead. However, major internet companies like Google, Facebook, Yahoo, etc. were not ready to make changes to the privacy policy. This led to a lot of friction and tension and privacy experts were starting to get quite vocal about how the FTC is indirectly being controlled by these private companies. Finally, FTC seems to have taken a stand. The organization is now all set to implement a new rule set that will ensure a higher degree of privacy protection for children.

Privacy Policy

Children Privacy

 

Finer Details Regarding the Update in Privacy Policy

The update in policy that will be released during the third week of December would be to the Children’s Online Privacy Protection Act, more commonly known as COPPA. The current law that is in force states that companies (both online and offline) cannot collect information that is related to children below the age of 13 years. However, this law had quite a few loopholes that advertising companies, analytics companies and app developers took full advantage of.

The update will not change any rules but make things more clear and specific. The update will specify that the law applies not only to websites but also mobile and web applications, games, online plug-ins and even advertising networks. Also, the definition for the term ‘personal information’ is being updated in the law. Now, it will cover everything from pictures, videos, geographic and location services based information, and even indirect social media information.

Is It Goodbye Tracking Cookies?

It might be a little farfetched to consider that this new rule update might signify the end of tracking cookies. But the update clearly mentions that tracking cookies should not be used on children’s computers. While cookies are a very popular way of tracking user related information and aid in targeting, companies should exercise extreme caution while using them from now on. Failing to do so will imply that they went against the law and the defaulters would be liable for prosecution.

Shift from ‘Actual Knowledge’ to ‘Reason to Know’ Basis

Also, the update will clearly specify that in case websites clearly know that the user is under 13 years, the cookies should be automatically disabled. This rule applies to all the sites, including ones which require children to open an account to use the full range of services. This shift from ‘actual knowledge’ that under 13 users are logged in to ‘reason to know’ if under 13 users are logged in clearly highlights how serious the FTC is about the new rule update.

What is The Effect of This Shift in Perspective?

It was mentioned above that if sites had a ‘reason to know’ if the user was an under 13, they should not track him/her. This significance is that you don’t have to buy specific devices for your children and register them to ensure that they are not being tracked. Even if you are using your work laptop most of the times and your kid/kids use it to access children’s sites after you go home, it is the responsibility of the site operator to ensure that the site doesn’t track your kid/kids. Effectively, you don’t have to take steps to ensure that you stop cookies/tracking online. There might also be a reduction in the level of user experience on sites but privacy trumps user experience at any given point of time.


Filed under: Our Products
Economical Spam Texting Facilitated By New Android Malware
December 19, 2012Hide Post
Economical Spam Texting
December 19, 2012
Hackers have always found Android to be a very easy and convenient target, considering the open source nature of its code. It is not surprising that there are a number of malware infested apps, with a wide range of capabilities, available for Android. The simple stop cookies/tracking online option will not work if you have […]

Hackers have always found Android to be a very easy and convenient target, considering the open source nature of its code. It is not surprising that there are a number of malware infested apps, with a wide range of capabilities, available for Android. The simple stop cookies/tracking online option will not work if you have to escape the clutches of these advanced malware. Recently, an online security company Cloudmark, discovered that hackers are using a new type of malware for spam texting. This malware was not only convenient to use and allowed the hackers a greater degree of control, but also proved to be a more economical option to the miscreants. This article will take you through the details of that malware and its effects.

Economical Spam Texting

New Android Malware

 

Malware Used Botnet Agent Called Spam Solider

Botnets are a very popular form of malicious software with the hackers, who have introduced it to the Android world too. The new Botnet agent that has been discovered by Cloudmark has been dubbed as Botnet Solider. This botnet can be introduced into an Android device through a malware and the botnet allows the hacker to control the device. Using the SMS services on the hacked device, the hacker can send spam texts conveniently. This marks a new methodology of hacking Android devices.

Economical Angle of this Attack

According to the online security company, one of the reasons why this type of attack methodology was chosen by the hackers was because it gave them economic freedom. By using the text messaging services on a hacked device, they got text services free of cost. So, they can send as many texts as they want, which were essentially spam texts. So, the hackers don’t have to pay a dime for SMS services and that gives them more freedom to use text messaging services. So what was a limited line of attack, owing to the text message charge constraint, is being transformed into an unlimited line of attack with the use of Spam Solider.

This Attack is relatively Unsophisticated but Future Attacks Might be more Complex

According to security experts in Cloudmark, this attack line is unsophisticated when you compare it with the PC botnet attacks. But what this does is show us how hackers are prepared to think out of the box and evolve their threats to suit their needs. Initially, Android malware and botnet attack proved to be easy to diagnose and take down. But somewhere down the line, we might have to face a line of attack that is not only highly sophisticated but also very hard to combat. This poses a very challenging and fairly worrisome situation to both users and online security service vendors.

How is Spam Solider Distributed?

Interestingly, Spam Solider is not spread to devices using spam or malicious links. They are embedded in seemingly harmless free applications like Angry Birds or Need for Speed. The problem here is that when the user installs these apps, they provide access permissions to these apps. In turn, access permission is granted to the malicious software.

After installation, the user will have no inkling of the botnet being present on their devices. Another factor that is working in the favor of the hackers is that text messaging is slowly on the decline. With social networking and instant messaging ruling the roost, users hardly use the text messaging services. So, the service is free to be exploited by these botnets controlled by the hackers.

At this point of time, the only possible solution to this issue is that you must be careful while installing free apps on your Android devices. Only choose apps from reputed developers and ensure that they are malware free using security software.


Filed under: Our Products
Mobile Malware Situation Set To Go Downhill in 2013
December 18, 2012Hide Post
Mobile Security
December 18, 2012
Of late, especially in the year 2012, hackers and other cybercriminals have been targeting mobile devices more than your regular computers and servers. This move is understandable considering the rise of mobile devices such as smartphones, tablets and other handheld gadgets. People also use these devices more often than they use their computers. So, hackers […]

Of late, especially in the year 2012, hackers and other cybercriminals have been targeting mobile devices more than your regular computers and servers. This move is understandable considering the rise of mobile devices such as smartphones, tablets and other handheld gadgets. People also use these devices more often than they use their computers. So, hackers and cybercriminals obviously have a better hit rate while targeting mobile devices. Just at a time when you thought that this situation could not get worse, online security services vendor Eset has claimed that the mobile malware situation will get worse in 2013.

Mobile Security

Mobile Malware

 

What to Expect in 2013

The online security solutions company said that in the year 2013, the frequency of malware attacks will increase exponentially. A representative from the company also added that people might expect to see unique types of malware, including ransomware, making frequent appearances. He also added that online security software providers will definitely have their hands full with so many different types of malware coming to the fore.

To make sure that you are safe, he suggested that you use security software only from reputed online security solutions companies. He also added that you should keep your software updated and perform regular maintenance checks on your mobile devices to ensure that your device is not infected with malware.

Why is Mobile Malware on the Rise?

Some people might feel that this question is rhetorical. Look at it this way. Why do cybercriminals design such malicious software? They do it for infecting devices, gathering data that they are not supposed to have and make a profit out of it. A couple of years ago, computers and laptops were used for all types on online transactions and computer malware would do the job for them.

When you look at today’s situation, it is completely different. Although you cannot go as far as to say that computers are totally outdated and shelved, their usage for certain activities has certainly come down. Especially, the activities that the cybercriminals are interested in, like online banking, online shopping, checking your mail and social media accounts; these activities are done using either your smartphone or tablet devices. You would know this if you own either of the aforementioned devices.

So naturally, the cybercriminals are focusing on developing malicious software that is specifically targeted at mobile devices. However, this is only part of the reason. There are a number of other reasons why mobile malware has been and will be the focus of cybercriminals in the coming months.

Users Show a Marked Laxity towards Mobile Security

How many of you have security software installed on your mobile devices? How many of you perform regular maintenance scans using security software? This number is very less. Although everyone is aware that mobile devices are the hot targets in today’s world, there is a marked apathy towards mobile security software. This sentiment is reflected by the statements of security services vendors who openly claim that not even 10% of the mobile users use security software. Hackers can use something as simple as an anonymous social media account to hack into your devices and you will never realize it without proper security software.

Uptrend In Mobile Banking

Recent reports also suggest that mobile banking has gained a lot of popularity in 2012 and the trend will continue in the year 2013 also. According to a prediction, there will be 530 million new mobile banking customers in 2013. This number is sufficient for the hackers to focus only on mobile malware to make some quick bucks. If you are one of the users, we suggest that you keep your eyes open for anything abnormal or fishy.


Filed under: Our Products

About Us Privacy Policy © 2008-2014 Contact Us