Wednesday, August 26, 2015

Think about how you want to get out of jail

We all like to play with our mobile devices: customizing them, giving them that distinctive touch that tells the whole world THIS is MY smartphone. If you're an iPhone user it will be a little harder, but there are still options, like "jailbreaking" your Apple device. If you have already done it, maybe you should be scared today. We'll see why right away, and we'll also talk about Android security, how risk is distributed among users and, keep an eye on this one, a new variant of Zeus, the financial malware par excellence.

The iOShacker blog revealed today a major data leak from iCloud: up to 200,000 records of users who had jailbroken their iOS devices (iPhone, iPod, iPad), according to the Chinese website WooYun. Early speculation points to malicious tweaks with backdoors: pirated copies of the legitimate tweaks used to "break the jail" of Apple devices. The supposed database could be on sale on a Chinese server, allowing buyers to commit all kinds of misdeeds with it, from creating botnets to making cash by exploiting the data.

Don't be lazy

The platform changes, but not the behavior: users who decide to save a few euros and gamble with their data, and users who barely took the time to secure their Android device with this operating system's famous lock patterns. According to recent research by a newly graduated Norwegian, Marte Løge, most users are very predictable: they draw L-shaped patterns or the first letter of their name, or limit the pattern to four nodes when the system allows up to nine.
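To put numbers on the four-versus-nine-node point above, here is an added example (not from the original post or from the research it cites) that enumerates the lock-pattern space. It assumes Android's standard rules: a 3x3 grid, each node used once, and no stroke passing over a node that has not been visited yet; the function names are illustrative.

```python
# Nodes are numbered 0..8, row by row, on the 3x3 grid (assumed layout).

def _middle(a, b):
    """Return the node lying exactly between a and b, or None."""
    ra, ca, rb, cb = a // 3, a % 3, b // 3, b % 3
    if a != b and (ra + rb) % 2 == 0 and (ca + cb) % 2 == 0:
        return ((ra + rb) // 2) * 3 + (ca + cb) // 2
    return None

def is_valid(pattern):
    """Check a pattern (list of node numbers) against the assumed rules."""
    if not 4 <= len(pattern) <= 9 or len(set(pattern)) != len(pattern):
        return False
    visited = 1 << pattern[0]
    for a, b in zip(pattern, pattern[1:]):
        mid = _middle(a, b)
        # A stroke may cross a node only if that node was already used.
        if mid is not None and not visited & (1 << mid):
            return False
        visited |= 1 << b
    return True

def count_patterns(length):
    """Count every valid pattern that uses exactly `length` nodes."""
    def extend(last, visited, remaining):
        if remaining == 0:
            return 1
        total = 0
        for nxt in range(9):
            if visited & (1 << nxt):
                continue
            mid = _middle(last, nxt)
            if mid is not None and not visited & (1 << mid):
                continue
            total += extend(nxt, visited | (1 << nxt), remaining - 1)
        return total
    return sum(extend(start, 1 << start, length - 1) for start in range(9))

def keyspace():
    """Map each allowed length (4..9) to its number of valid patterns."""
    return {n: count_patterns(n) for n in range(4, 10)}

if __name__ == "__main__":
    space = keyspace()
    total = sum(space.values())
    for n, count in space.items():
        print(f"{n} nodes: {count:>7} patterns ({count / total:.2%} of all)")
    print("L-shape 0-3-6-7-8 valid:", is_valid([0, 3, 6, 7, 8]))
```

A user who stops at four nodes is choosing from 1,624 patterns out of 389,112, before any predictability in shape narrows it further.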

Invisible and invulnerable

The iCloud leak is not the only fright of the day. As we learned from the guru Pierluigi Paganini, a new variant of the financial malware par excellence, Zeus, is on sale in the darkest corners of the Internet. This new version is named Sphinx, works entirely through the Tor network and is potentially invisible and invulnerable. Each Sphinx binary costs less than 500 bucks and has a wide range of capabilities: certificate interception, virtual network computing (VNC) for hidden transactions, webinjects to ask for confidential information and webfakes to simulate legitimate websites, among other criminal activities.

Where is the risk?

Who is this malware aimed at? Virtually everybody. That's what makes the recent study by CloudLock so interesting: it identifies how cyber risk is distributed among employees. The conclusion is a highly disproportionate distribution, to such an extent that 3 out of 4 risk factors are in the hands of 1 out of 100 users. And who are this "privileged" 1%? The most tempting targets for criminals: users with super-admin privileges, software architects, and machine-based identities that grant access to privilege escalation or any kind of data.

But don't delude yourself: even if you're not part of this 1% of users, you're a target too. Think carefully about whether it's worth saving a few cents by installing pirated apps, or being too lazy to lock your devices. From the moment somebody takes advantage of a vulnerability to make you join a "botnet", you are already a victim of cybercrime.

