A Bug Found in Facebook Messenger App for Desktop

Imagine your phone suddenly calling your ex on the Facebook Messenger app. That's quite hilarious, and you would be left confused, asking yourself: who the heck called him/her? Well, probably someone made the call from miles away. Yes, you have probably been hacked! Read this…

When I first read about this issue on ReasonSecurity.com, I was quite indecisive and thought: Messenger has a desktop app? I didn't know Facebook Messenger had an app for desktop users. Now I know. Well, anyway, that's our subject for today.

A ReasonSecurity researcher, Shai Alfasi, found a bug in Facebook Messenger for desktop. The bug can be used as a persistence method. It is already fixed in the latest version of the app; you just have to update your older version and you are good to go.

The bug, found in the app available on the Microsoft app store, executes a series of code that should not be executed. Uh, talk about bugs. It is found in Messenger version 460.16, which of course you can no longer use, since Facebook is already aware of the issue and has updated the app.

The bug results in a vulnerability and causes the app to kind of malfunction internally. This gives hackers a way to infiltrate a video call or execute resources within the Messenger code so they can run their malware. The vulnerability gives the attacker plenty of time to execute what they want on the victim's Messenger app. Reason Labs claimed they are the first to identify the bug.

The Persistence Method Bug

Persistence is a method an attacker uses so that he won't lose the connection between him and the victim. He needs the time to perform and execute a series of commands on the victim's machine.

Researchers can easily discover this method because the only logic malware requires to be successful is the following:

  • The attacker should be able to communicate with the victim's machine.
  • The attacker should be able to run his code.
  • The attacker should be untraceable by antivirus software.

Most antivirus products, though, are able to automatically remove these threats, since they can detect what is going on in your system files. They monitor the behavior of your files and are able to pinpoint a threat.

No reports of Threat

The number of internet users has increased dramatically in the past months since the COVID-19 pandemic started. Facebook alone reports a 70% increase in Facebook app usage globally. Before the discovery of the bug, there were 1.3 billion active users on Messenger, but there are no reports from users of hacking. So we can be quite sure that no one has been able to take advantage of it yet, and no one will be able to, since it's already fixed.

For more details about this bug, you can go to the Reason Labs website and read the article there.

Cisco Found Two Vulnerabilities in Zoom Software

Zoom had a sudden surge of users when this pandemic began. Employers are requiring their people to work from home, and group video calling is in demand. Zoom is the favorite tool for video meetings, schooling and social talking.

Since Zoom is now one of the central technologies used during this crisis, attackers didn't miss the chance to look for vulnerabilities in it; they successfully found one and ultimately used it to make fun.

The Zoom Software Vulnerabilities

One report about this issue was published by ADnews, which apparently showed how hackers are able to interrupt a meeting, show pornographic images and spew hate speech.

The Cisco Talos blog reported two major vulnerabilities in the popular video conferencing software. It explained that an attacker could use them to execute malicious code on victims' machines.

Zoom client software and Giphy extension (TALOS-2020-1055/CVE-2020-6109)

Tracked as TALOS-2020-1055/CVE-2020-6109, the vulnerability is an exploitable path in Zoom client installer software version 4.6.10, in the code that processes messages that include GIFs, that is, the Giphy feature.

Originally, only the Giphy server was supposed to be used for this feature and process GIF messages. The attacker is able to use the path of this connection to inject malicious code, trigger the vulnerability and execute it on victims' machines. We don't have all day to explain the vulnerability, so read here for more information about it.

The second Zoom vulnerability is in the feature that stores zip files and automatically unpacks user-downloaded compressed files. Zoom does not perform validation while extracting the files.

The vulnerability allows the attacker to plant binary code in the zip file and execute it on the victim's machine when Zoom automatically extracts zip files.
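The kind of validation the paragraph above says was missing, written as a check an extractor can run before unpacking anything. This is an added example, not Zoom's code and not taken from the Talos report; the size limit, the blocked-extension list, the function names and the sample archives are assumptions constructed for illustration.

```python
import io
import os
import stat
import tempfile
import zipfile

# Assumed policy for this example (not taken from Zoom or the Talos report).
MAX_TOTAL_BYTES = 50 * 1024 * 1024
BLOCKED_EXTENSIONS = {".exe", ".dll", ".bat", ".cmd", ".ps1", ".vbs", ".scr"}


def check_member(info, dest_root):
    """Return the reasons (possibly none) to reject one archive member."""
    problems = []
    name = info.filename.replace("\\", "/")
    # Absolute paths and drive letters point outside the destination.
    if name.startswith("/") or (len(name) > 1 and name[1] == ":"):
        problems.append("absolute path")
    # Resolve the final location and confirm it stays under dest_root.
    target = os.path.realpath(os.path.join(dest_root, name))
    if os.path.commonpath([dest_root, target]) != dest_root:
        problems.append("path escapes destination")
    # Unix symlink entries keep their file mode in the high 16 bits.
    if stat.S_ISLNK(info.external_attr >> 16):
        problems.append("symlink entry")
    if os.path.splitext(name)[1].lower() in BLOCKED_EXTENSIONS:
        problems.append("blocked file type")
    return problems


def safe_extract(zip_bytes, dest_dir):
    """Validate every member first; extract only if the whole archive is clean."""
    dest_root = os.path.realpath(dest_dir)
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        rejected = {}
        total = 0
        for info in zf.infolist():
            total += info.file_size
            problems = check_member(info, dest_root)
            if problems:
                rejected[info.filename] = problems
        if total > MAX_TOTAL_BYTES:
            rejected["<archive>"] = ["declared size exceeds limit"]
        if rejected:
            # One bad member rejects the archive; nothing is written to disk.
            return [], rejected
        extracted = []
        for info in zf.infolist():
            zf.extract(info, dest_root)
            extracted.append(info.filename)
        return extracted, rejected


def build_sample(members):
    """Build a constructed in-memory zip from {name: bytes} for the demo."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in members.items():
            zf.writestr(name, data)
    return buf.getvalue()


if __name__ == "__main__":
    # Constructed sample: a normal file, a traversal name and an executable.
    sample = build_sample(
        {"ok.txt": b"x", "../outside.txt": b"y", "tool.exe": b"MZ"}
    )
    with tempfile.TemporaryDirectory() as tmp:
        print(safe_extract(sample, tmp))
```

Rejecting the whole archive when any member fails keeps a partly unpacked download from being left on disk.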

This is not the first time that Cisco has been able to find vulnerabilities in the software. Last May they also found one and immediately informed the Zoom technical team, which later fixed it.

Make sure you have your antivirus installed to avoid malicious attacks that will affect your machine directly.

Gandcrab Ransomware – Everything You Need To Know

There's a new ransomware going around the web. It's named GandCrab ransomware. Now, if you don't know what ransomware is, let me give you a brief definition.

What is Ransomware?

Ransomware, just from its name "ransom", is a crime that involves money and a hostage. The hostage is the files and software stored on the infected machine or PC. The victim's files get encrypted in a form for which only the attacker has the decryption keys. Meaning you cannot use these files, because their contents have been altered to the root! If you have image files, documents, videos or anything else, these files would be unusable. And only the attacker can turn them back to normal. Of course, your files are the hostage, and the attacker will ask for money to get your files back to normal, just like this image below.

Gandcrab ransomware
A ransomware pop up on computer screen

And no, you cannot bring them back to normal on your own. Even if you hire some top-notch computer security guy, they might be able to crack the encryption, but it will definitely take a lengthy amount of time, and by lengthy I mean years of non-stop decryption. Well, I guess if you are lucky you can call an FBI network security guy, and they might be able to fix it in no time.

What is GandCrab?

GandCrab is a ransomware virus that has attacked more than 500,000 companies worldwide since July of 2018. And just last year it attacked Vietnam and most Asian countries.

Where Did GandCrab Originate?

It's not clear where this virus originated or who made it. In my personal opinion, since it's been attacking most Asian countries, it should have something to do with our Chinese friends.

How to get infected with GandCrab?

  • GandCrab, like most viruses, disguises itself as a legit file. It shows up as a legitimate archive file with a .rar file name; it can be attached to emails, and the email server cannot detect it. The email containing the virus is sent to a company's employees. The victim opens the .rar file and it starts attacking the machine, encrypting everything in its sight.

How to get back the encrypted files?

When GandCrab ransomware is opened, it starts encrypting files on the victim's PC and opens a window that asks for a ransom ranging from USD400 – USD1,000. However, after the payment it's not 100% sure you will get back your files.

How to prevent such attacks?

  • Since this is a fairly new kind of virus, it's very hard to detect whether it's a legitimate file or not. Antivirus software cannot even detect it as a virus. Just don't open random files in an email that came from someone you don't know.
  • Make sure you have antivirus software installed on your PC. Most ransomware, or almost 90% of computer viruses, can be detected with the help of antivirus software.
  • Do not open malicious-looking files, especially from an unknown email address.
  • For more details on how to prevent such attacks, visit these tips to avoid email scams.

10 Simple But Effective Tricks To Protect Your Credit Card Online

Earning money is hard, but losing money from your credit card is even harder. Each day the cases of financial fraud continually increase. So credit card holders must arm themselves with knowledge of how to protect their credit cards online.

According to ShiftProcessing.com, there were 24 billion dollars in losses because of credit card fraud worldwide in 2018. 39% of that fraud came from the USA, and those numbers are not stopping there.

There has been a rise in credit card payments online this year. 69% of fraud starts with a consumer being done by phone alone. But worry not: here are the simple steps you can take right now to exclude yourself from these numbers. Now here are the 8 most basic tricks you can use to protect your credit card from online predators.

The following are 8 tips to protect your credit card details online:

Learning the Basics

In life, and even when it comes to protecting our credit cards, before we can proceed any further we first need to learn the basics. These include securing your phone and personal computers as well as your connection to the internet. Making sure that your operating system is up to date and putting a strong password on your device are also part of the basics you need to know.

Basic Security

  • Have updated antivirus software on your PC – antivirus software blocks 99% of attacks! Make sure to have one!
  • Make sure to only connect to a trusted Wi-Fi connection when you are away from your home or your own data connection.
  • Don't let anyone unknown use your mobile phone. They could be hackers, you know!
  • Always update your PC / laptop with the latest security enhancements. Windows always releases those updates.

#2. Keeping Account Number Private

Thieves always look for ways to get their hands on your credit card number. To avoid this, you need to keep your card private, especially when you're out in public. Do not make transactions over the phone that involve giving your account number or personal information. Even if the call is coming from a reputable company, you still can't trust anyone.

  • Don't share your account number with anyone, especially online when you don't trust the transaction.
  • Don't take a picture of your credit card and show it online!

#3 Use Fake credit card details on Untrusted websites

This is probably the sneakiest method of hiding your financial details from untrusted websites. The use of fake credit cards is very common among people who are deeply aware of the dangers of entering real credit card details on a random website when you are not even sure it's a legit website. There are numerous websites offering this kind of credit card details. Among them are the following trusted websites:

Generate random credit card details using the following websites:

#4 Updating information from time to time

If you happen to change any piece of information, such as your phone number or email address, always make sure to check that your account is also up to date. It is important to know that your account still has your current address and sends you notifications of its activity. Signing up for fraud alerts can also be a good idea, to give you updates on whatever is happening in your account. This way, if anything goes wrong you will be aware and can act quickly.

  • Update your mobile number for more secure transactions. Banks will often ask whether you have an updated mobile number.
  • Enable two-factor authentication so that every transaction gets double the verification.

#5 Minimizing online shopping and Payment accounts

Online shopping

Due to the rise of newer technologies and the scarcity of time, people are well satisfied shopping and paying bills online with the help of their mobile phones and computers. However, you need to do it safely, because chip cards have fraudsters online, waiting to steal and raid your bank accounts. It's not easy to give up online shopping, since it has become a regular routine, particularly for women, but when it comes to making your account safe, limiting your online shopping can help. If this is hard for you, just try to shop with big retailers and watch out for fake sites.

  • Don’t shop on untrustworthy websites.
  • Don’t use your credit card right away.

#6. Changing Passwords Regularly

Changing passwords regularly

One way of protecting your credit card details is putting a hard-to-guess password on your account. Using common passwords like “I love you”, “000” or “123”, or even passwords connected to your personal information like your birth date and year, is not advisable. It would also be better to consider getting a Password Manager to generate strong passwords and a Password Checker to regularly check your password.

#7. Adding another layer of security

Aside from typing your password any time you make a transaction, it's highly recommended to set up multi-factor authentication on your accounts. This means you enter a code that is sent to your phone number or email address to verify and validate activity in your account.

#8. Creating alerts on your accounts

Have an alert on your credit card

Every company that issues credit cards offers free account alerts; make sure to avail of at least one. This helps you use your credit card safely. For instance, you can set a text or email alert for any purchase of any amount, or for any time your card is used.

#9 Applying safely any credit card offers

As part of fraud schemes, a lot of messages are sent to your email account. These include offers that target your bank account. Before considering any of them, it's best to call or visit your card issuer for advice. You can also choose not to respond to offers via email, but if you are really interested in an offer, do the research and check its background and reliability.

#10 Checking credit reports

The best way to protect your account and make sure no new accounts have been opened in your name by other people is to check your credit report regularly. This is essential because it gives you timely updates and records of what is happening in your account.

There are many ways of securing your credit card details online, but most of them come down to intelligence coupled with common sense.

Stack Overflow Q&A Platform breach- Users’ Data has been compromised

SMS Bombing Operation in Passwordless Database Uncovered by a Security Researcher

Passwordless Database breached

Bob Diachenko, a Cyber Threat Intelligence Director and journalist at SecurityDiscovery.com, has uncovered a massive SMS bombing operation that exposes millions of users' information.

You might be wondering why the uncovering of SMS bombing is so relevant. Well, let us start by explaining what SMS bombing is: it is basically sending duplicated text messages to several cellular phone users at a time. It uses a software program called “SMS Bomber”, which is mostly used by legitimate companies for SMS marketing of products and services. However, these companies have their customers' consent to receive such text messages. In the case of this passwordless database, which was uncovered by Bob Diachenko on April 11th, the users' information might be used by hackers or fraudsters for illegal acts such as phishing techniques.

According to the article Bob Diachenko published for SecurityDiscovery.com, he discovered an unprotected MongoDB instance named ApexSMS. This database has millions of records relevant to SMS operations; in fact, according to Diachenko, one prominent folder contained an astounding 80,055,125 records.

Some of the information contained in the database was as follows:

  • Hashed email
  • First and Last Name
  • City, State, Country and Zip Codes
  • IP Address
  • Phone Number
  • Carrier Network for Mobile
  • Line Type (Mobile or Landline)

Allegedly the owners of this database may have an official cover as MobileDrip.com; however, this is not yet confirmed, since they have not yet received any response from Mobiledrip.com, which according to its website: “Mobile Drip is a cloud based SMS platform that’s optimized for high volume messaging with all the tracking, automation, segmentation, and data management features you need to maximize the profitability of your campaigns.” They also indicated on their website that they will not knowingly engage in spam.

Legitimate companies mostly use SMS marketing, and Mobiledrip.com clearly describes how automated SMS marketing works:

  • Attach drip campaigns to your lists and list segments to completely automate your sending.
  • Drip campaigns include the same features as broadcasting
  • Rotating Providers, Rotating Messages
  • Auto-replacing Domains
  • Segmenting data by carrier, gender, ethnicity, and location so you can optimize the messages you’re sending based on the leads
  • View stats for each message inside the drip campaigns
  • View drip message queue and history with stats on all messages.

On the other hand, Diachenko said that this information might be used to trick people into clicking on untrusted links, or in other phishing techniques, which mostly victimize older people. This issue really raises concern about the security and protection of users' information; it also affects the legitimate companies that use SMS marketing to send information to their customers.

With this, let us all be careful about believing the text messages we receive, especially those that come from an unknown number or source. Always make sure to validate first; it is OK to be doubtful sometimes, especially when you know that your information security is at stake.

Amazon Was Victimized By a Pervasive Fraud with Hackers Stealing Merchant Funds

The world's biggest online retail platform and ecommerce giant, Amazon Inc., was the victim of an extensive fraud from May to October of 2018, according to a U.K. legal document.

Amazon's lawyer said it had already investigated the incident and asked a London judge to approve searches of statements for the accounts into which hackers funneled the funds. Hackers were able to break into more than 100 seller accounts and siphon cash from sales and loans directly to their own bank accounts, which were reported to be with Barclays Plc and Prepaid Technologies Ltd.

Amazon's legal counsel said that hackers may have used phishing techniques to obtain sellers' login credentials, giving them access to the accounts, and then changed the bank account information to their own. Their investigation confirms that the first instance of hacking activity was on May 16, 2018.

Though it is unclear how much the hackers stole, Amazon said that it issued more than $1 billion in loans to merchants in 2018, which makes the incident more concerning, since the amount of money involved might be millions. Amazon Inc. said that it will continue to enhance and develop its online system to make sure these incidents do not happen again, and it is also sending a message to the affected sellers, as well as to those who were not affected, to be very vigilant about phishing techniques.

In the court filing, Amazon's lawyers said that they need the documents “to investigate the fraud, identify and pursue the wrongdoers, locate the whereabouts of misappropriated funds, bring the fraud to an end and deter future wrongdoing.”

Barclays Plc in particular said that they have strict guidelines and a very sophisticated fraud system and will make sure the incident is dealt with accordingly. Both Barclays Plc and Prepaid Technologies are known to be associated with Mastercard Inc.

Amazon upholds its promise to its customers about the protection and security of their information. This follows another technical issue with its website that occurred before Black Friday last year, when customer names and email addresses were inadvertently posted to its website. That incident was taken care of swiftly: Amazon sent an email notification to its affected customers regarding the technical issue, telling them:

“Our website inadvertently disclosed your email address or name and email address due to a technical error. The issue has been fixed. This is not a result of anything you have done, and there is no need for you to change your password or take any other action. The impacted customers have been contacted. Amazon takes all security-related matters very seriously and your account security is our top priority. We have policies and security measures in place to ensure that your personal information remains secure.”

– Amazon sends out email to their affected customers.