Winter in Tehran, Iran’s capital. Image: Alexander Mazurkevich/Shutterstock
Iran’s central bank bans financial institutions from dealing in cryptocurrencies amid money-laundering worries.
Russia’s heavy-handed approach to dealing with encrypted messaging app Telegram has been getting a lot of attention lately as Google confirmed some of its services were being affected by the mass blocking of IP addresses.
Cryptocurrency-mining malware has overtaken ransomware as the choice du jour for cyber-criminals, according to new research.
Meanwhile, GDPR is just around the corner, but a change made to Facebook terms means the rules may not be the same for every one of its users.
Moving on to this week, yet another nation distances itself from digital currency while Twitter and Kaspersky Lab are on a break.
Iranian central bank says no to digital currency trading
Iran is currently in the grips of a currency crisis and its central bank has banned the country from making any digital money deals. Reuters cited Iranian news agency IRNA as saying: “Banks and credit institutions and currency exchanges should avoid any sale or purchase of these [digital] currencies or taking any action to promote them.”
The ban comes as the country braces itself for the possibility of renewed sanctions against it by the US in May, which is causing the national currency – the rial – to plummet. Iranian media had quoted the central bank back in February as having described cryptocurrencies as “highly unreliable and risky”.
UK teen jailed for targeting FBI and CIA officials
Kane Gamble, an 18-year-old hacker from Leicestershire, must serve two years at a youth detention centre following what a judge called a “campaign of cyber-terrorism”. Kane targeted the databases of the US Department of Justice, CIA and FBI, obtaining sensitive information about military and intelligence operations in Iraq and Afghanistan.
Among his targets were the former chief of the CIA, John Brennan, and deputy director of the FBI, Mark Giuliano. Gamble founded the hacking group known as CWA and he claimed his actions were out of support for the people of Palestine and in retaliation against the US “killing innocent civilians”.
Kaspersky left out in the cold by Twitter
Twitter has banned ads from Russian antivirus firm Kaspersky Lab, but is still allowing the company to remain on the platform as an organic user. Twitter stated that the decision was based on its determination “that Kaspersky Lab operates using a business model that inherently conflicts with acceptable Twitter Ads business practices”.
CEO Eugene Kaspersky claimed his company had not violated any rules, but Twitter told Reuters its decision was partially influenced by an assessment from the US Department of Homeland Security, claiming Kaspersky Lab may pose a security threat to the US. The Kaspersky CEO was critical of the decision: “You’re only shooting yourself in the foot when you cater to the geopolitical noise and start refusing to promote material on false pretences.”
RSA cybersecurity conference app was not secure
The RSA conference is one of the highlights of the year for infosec professionals and you would naturally expect the security around it to be airtight – but that wasn’t the case. In fact, the official app for this year’s conference in San Francisco was leaking some information about attendees.
A security engineer known as ‘svbl’ found a vulnerability in the API of Eventbase, an event management app platform used by the conference organisers. 114 first and last names were accessed by svbl, but probing was limited to confirm the vulnerability.
This is not the first time an app associated with the major cybersecurity conference was found to be problematic. In 2014, a researcher found one linked to the event to be vulnerable to man-in-the-middle attacks.
Wolves in sheep’s clothing: Chrome’s fake ad-blockers
Moscow-based ad-blocking firm AdGuard found five bogus ad-blockers on the Google Chrome Web Store, but all five have now been removed by the tech giant.
Cloning ad-blockers and legitimate tools is a popular strategy for criminals, and researchers at AdGuard described what they discovered as “a botnet composed of browsers infected with the fake ad-block extensions”.
It added: “The browser will do whatever the command-centre server owner orders it to do.”
20m users had the fake apps installed before they were flagged and removed. AdRemover was the most popular fake offering, with 10m people using it, essentially creating a massive botnet of browsers to do the bidding of the sneaky app’s author.
