US police investigation methods are questioned while a major cybercrime kingpin is nabbed by Europol.
Cambridge Analytica and the resulting maelstrom dominated headlines in the past week, as Facebook CEO Mark Zuckerberg placed full-page ads in newspapers apologising profusely for the breach of user trust.
In Germany, university researchers found some unusual – and, in some cases, illegal – material on bitcoin’s blockchain, including links to child abuse imagery. This discovery throws the spotlight on blockchain and its risks, which should be considered alongside its much-touted benefits.
Infamous ‘lone hacker’ Guccifer 2.0, the alleged leaker of incriminating DNC emails in 2016, does not seem to be who they say they are. According to new evidence, the whole thing was a Russian GRU operation, not a solo hacker based in Romania.
It has been another bumper week in the world of infosec and enterprise – time for a quick catch-up.
Privacy for the dead?
Forbes spoke to FBI forensics specialist Bob Moledor about the first known case of law enforcement using a deceased person’s fingerprints to unlock an iPhone, in an attempt to bypass Apple’s Touch ID feature.
The suspect in question, Abdul Razak Ali Artan, had mowed down a group of people in his car, carried out a stabbing spree and was subsequently shot dead by a police officer on the campus of Ohio State University in November 2016.
According to Moledor, the police tried to unlock the phone using the dead man’s fingertip, but the device had gone to sleep and required a passcode for access. The case raises questions around the privacy of the deceased, as sources informed Forbes that police unlocking iPhones this way was a relatively common occurrence and had proved useful in other cases. In overdose cases, for example, the iPhone can often lead to the drug dealer.
The practice is not without its quandaries, though. Some privacy advocates feel a warrant should be provided before police use a dead person’s own hand to access that person’s device.
Attorney Marina Medvin said: “You cannot assert your privacy rights when your friend’s phone is searched and the police see the messages that you sent to your friend. Same goes for sharing information with the deceased.”
Sneaky malware infiltrates Google Play in cunning disguise
Security researchers at Sophos have uncovered malware they have dubbed ‘Andr/HiddnAd-AJ’. According to the researchers, the malware presents itself as a number of useful apps such as a QR code scanner and a compass, among other things.
The malware barrages the unlucky user with a bevy of ads after lulling them into a false sense of security. While Sophos reported the apps to Google, some of them attracted more than 500,000 downloads before they were pulled from the Play Store.
The developers used certain techniques to hide their true aims. The apps all appeared to be what they were advertising themselves as and the adware did not begin immediately. This allowed them to slip past Google Play Protect without detection.
Despite these apps appearing on the Google Play Store, Sophos still recommends Android users avoid off-market app directories as they have far fewer vetting hurdles for developers to overcome.
Mozilla and Tesla give Facebook the cold shoulder
Mozilla and Tesla are among a number of companies distancing themselves from Facebook following the Cambridge Analytica revelations. While these actions are unlikely to be permanent or to make any considerable dent in Facebook’s bottom line, they still demonstrate the severity of the reputational hit the social media giant has taken.
Mozilla is “taking a break” from Facebook, pausing its ads on the platform as well as refraining from posting on its page. Tesla CEO Elon Musk removed Tesla and SpaceX’s Facebook pages and German bank Commerzbank is also freezing its ad campaigns on the site.
Facebook responded: “Most of the businesses we’ve spoken with this week are pleased with the steps we’ve outlined to better protect people’s data, and they have confidence that we’ll respond to these challenges and become a better partner and company as a result.”
Big tech works with Atlanta to resolve major city cyberattack
Last Thursday (22 March), a ransomware attack occurred on networks in Atlanta, Georgia. This was still being dealt with as of Saturday (24 March). A number of websites that customers use to pay bills began to be affected on Thursday, and access to court information was also curtailed.
City officials in Atlanta were forced to take down webpages in other departments and unplug city computers from wall outlets. Some city staff were not even receiving email. According to CSO Online, Atlanta is working with Cisco, Microsoft and US officials to determine how the information was accessed. It is not clear at this point if the ransom (bitcoin to the value of $51,000) was paid by the city.
Cybercrime mastermind arrested in Spain
The alleged head of the Carbanak and Cobalt malware campaigns, which targeted banks, was arrested in Spain. According to Europol, the group had been active since 2013 and infiltrated more than 100 different banks in that time.
The gang would send out spear-phishing emails to bank employees. These allowed the criminals to remotely control infected machines and provided the intelligence needed to cash out the money: by remotely instructing ATMs, by using money mules to collect money from inflated databases, or through nefarious e-payment use.
CybSafe CEO Oz Alashe said to Siliconrepublic.com: “The criminals sent key staff phishing emails containing the malware that enabled them to penetrate their IT systems. This demonstrates that the most stringent cyber processes coupled with the latest technology can be undermined by the human component of cybersecurity.”