How are hackers taking advantage of World Cup fever?

18 Jun 2018

Trophy of the FIFA World Cup and official Adidas Telstar 18 ball on a football pitch. Image: fifg/Shutterstock

The World Cup presents a lot of opportunities for cyber-criminals to exploit fans.

Last week, a group of internet luminaries joined the chorus of voices objecting to a proposed change to EU copyright law: Article 13. The potential change was criticised by figureheads such as Vint Cerf and Tim Berners-Lee among others, who cited economic and societal repercussions. The vote on the proposal is on 20 June.

Meanwhile in the US, Apple is closing a security flaw in iOS that had been used by law enforcement agencies to forcibly unlock iPhones in order to obtain evidence. The method was criticised by privacy groups, while police officers said it had provided invaluable help in hundreds of investigations.

Now that the bitcoin tidal wave has calmed down somewhat, a Texas academic has undertaken research he said proves that the massive price hikes of late 2017 were largely down to market manipulation.

Catch up on the best of this week’s enterprise news below.

World Cup presents open goal for hackers

Researcher at Check Point Software Technologies have identified a phishing campaign linked to the start of this year’s FIFA World Cup, where attackers lured victims into downloading a fixtures schedule and result tracker.

The email attachment malware variant used is dubbed ‘DownloaderGuide’ and downloads potentially unwanted programs, or PUPs.

It’s not uncommon for major events to see a spike in cybercrime, said Check Point’s threat intelligence group manager, Maya Horowitz. “With so much anticipation and hype around the World Cup, cyber-criminals are banking on employees being less vigilant in opening unsolicited emails and attachments.

“As such, it is critical that organisations take steps to remind their employees of security best practices to help prevent these attacks being successful.” Check out the live map of cyberattack threats here.

Europol foils infamous cybercrime gang

A long-running global cybercrime group, Rex Mundi, is in the process of being dismantled by Europol and the Joint Cybercrime Action Taskforce. The investigation began after a UK company was hit with a cyberattack in 2017.

A French-speaking member of Rex Mundi demanded a €580,000 ransom in bitcoin, according to Infosecurity magazine. Since then, eight arrests have been made, with the most recent one in Thailand last week. Once Brexit comes into effect, the UK may find this kind of cross-border investigation more difficult to carry out.

Google Chrome leaves third-party extensions out in the cold

Google Chrome last week began to phase out extensions that originate from third-party websites.

Extensions platform product manager James Wagner said that inline extensions (aka third-party extensions) are far more likely to cause hassle for Chrome users. “When installed through the Chrome Web Store, extensions are significantly less likely to be uninstalled or cause user complaints, compared to extensions installed through inline installation.” The inline install API method will be removed by early December of this year.

SigSpoof flaw allowed hackers to easily spoof email signatures

Remember the years-old critical vulnerability in email encryption tool PGP? It basically failed to hide encrypted messages, but researchers have found another bug that allowed hackers to spoof digital email signatures.

GnuPG, Enigmail and GPGTools were vulnerable to this particular flaw for decades. Researcher Markus Brinkmann found that anyone could spoof signatures using the public-private key method, easily allowing people to bypass email signature verification in encryption tools.

Trophy of the FIFA World Cup and official Adidas Telstar 18 ball on a football pitch. Image: fifg/Shutterstock

Ellen Tannam was a journalist with Silicon Republic, covering all manner of business and tech subjects

editorial@siliconrepublic.com