Trend Micro: Hackers Using Android App For Sextortion   

 

Researchers found that the extortionists first lure their victims through a number of online chatting tools   
Saturday, March 28, 2015: Security software company Trend Micro has found that criminals have developed advanced mobile applications and tools that siphon their victims’ online passwords and contacts to increase the chance that they will pay up.

In its latest report, ‘Sextortion in the Far East’, Trend Micro’s researchers detailed a new Android app that criminals are using to blackmail their victims.

Sextortion is the act of coercing cybercrime victims to perform sexual favors or to pay large amounts of money in exchange for the non-exposure of their explicit images, videos, or conversations.

Cybercriminals lure, record, and threaten their victims online, in a scheme that includes a mobile malware component. During their chat or Skype session, cybercriminals convince victims to install a data stealer or disguised Android malware that steals victim data off their device. Cybercriminals can then threaten their victims with the possibility of sending the explicit content to their victim’s contact list. The malware these cybercriminals use is persistent and exhibits various intrusive behaviors.

Researchers found that the extortionists first lure their victims through a number of online chatting tools. Once the trap is set, they feign audio or messaging problems to persuade their target to download one of four malicious Android apps. Using their email, social media and bank accounts, Trend Micro traced several of the Android app developers and their money go-betweens to China.

The company found evidence that the criminals opened different bank accounts for each extortion campaign, which typically lasted for a few weeks.

Sushma rani, EFYTIMES News Network 

Beware! Your Smart TV May Be Watching & Listening To Everything You Do & Say!

YOUR SAMSUNG SMARTTV IS SPYING ON YOU

eWeek – Enterprise IT Technology News, Opinion and Reviews

Be careful, you may be watched!

With the advances in technologies, your own purchases may be used against you. Privacy advocates are up in arms!!

A Hybrid Approach: Rewriting the Rules for DDoS Defense

The dilemma for organizations when implementing an effective DDoS defense is whether to deploy on-premises DDoS protection or subscribe to a cloud-based provider. These decisions are not taken lightly, as the threat landscape is wide ranging and increasingly sophisticated.

Organizations outlining their DDoS defense strategy typically begin by looking to out-of-band defenses and anti-DDoS scrubbing-lane approaches for re-routing traffic once an attack has been identified. This approach is a good first step for DDoS prevention; however, it’s only the tip of the iceberg. The recommendation from industry analysts is to execute a two-pronged approach: in-line, real-time detection and attack mitigation as the primary means of DDoS defense, and cloud anti-DDoS for full pipe saturation attacks.

Here’s why: partial saturation attacks are becoming more commonplace. These DDoS attacks are large (relatively speaking), but only last for a short period of time, and they do not fully saturate the internet link. While these attacks can be devastating to unprotected downstream border defenses, hosted customers or internet-facing services, the motive is most often financial gain or stealing sensitive data. Additionally, these partial saturation events do not last long enough for the attack to be detected and the traffic re-routed in time for cloud-based DDoS mitigation solutions to provide much, if any, benefit.

When assessing DDoS defense strategies, the solutions aren’t like-for-like comparisons. However, there is a suggested approach to protect against the entire spectrum: hybrid on-premises and cloud DDoS mitigation. Let’s look at each of the components.

Cloud Anti-DDoS Solution

DDoS protection, provisioned as a service, is most often an on-demand option for large-scale attacks. Massive volumetric attacks occur when more traffic than the total bandwidth of a network link is sent, which no amount of hardware resources will effectively combat.

Human intervention is critical to an on-demand defense approach: once an attack is detected, an analyst must then decide to enable the transition to the cloud. In a recent study, nearly 50% cited customer complaints as their initial means of DDoS notification. The time from detection to mitigation can range upwards of one hour with this approach. However, the majority of volumetric attacks last 30 minutes or less. By the time your on-demand defenses are engaged, the damage is done.

With out-of-band cloud anti-DDoS, visibility and analysis begin only after the traffic has been re-routed to the scrubbing service, allowing for little if any insight into the attack, eliminating all analysis capabilities.

Some businesses that frequently experience these attacks subscribe to an always-on anti-DDoS cloud solution service. The costs associated with this are substantial. If frequent, massive volumetric DDoS attacks are the Achilles’ heel of your organization, it’s hard to put a price on uninterrupted service availability.

On-Premises Real-Time Defense

Purpose-built DDoS defense solutions are deployed between the internet and the enterprise network. A first-line-of-defense approach prevents outages by inspecting traffic at line-rate and blocking attacks in real time while allowing approved traffic to flow. On-premises, real-time defense enables complete and sophisticated visibility into DDoS security events when deployed at the network edge. Additionally, archived security event data will enable forensic analysis of past threats and compliance reporting of security activity, acting as a strong advantage against attackers when DDoS is utilized as a distraction.

Given its nature, precise enforcement of mitigation policies against attack traffic must be accomplished without incurring false positives, with line-rate performance and maximum security efficacy. On-premises technology is designed to handle volumetric network-based attacks, reflective and amplified spoof attacks as well as application layer attacks.

A Possible Silver Bullet – The Hybrid Approach

In 2014 the SANS Institute reported: “DDoS mitigation solutions integrating on-premises equipment and ISP and/or mitigation architectures are nearly four times more prevalent than on-premises or services-only solutions. The growing sophistication of DDoS attacks and the sensitive nature of potential disruption to business services require both local and upstream protections that work in sync.”

The concept of on-demand cloud defense for a pipe saturation attack coupled with always-on, on-premises defense provides protection against the whole spectrum. Businesses that engage with their on-demand DDoS mitigation provider can quickly initiate that service based on visibility in the event of a massive volumetric attack. The main benefit of a hybrid approach is that the on-premises device heavily reduces the number of times an organization switches over to the cloud, lowering cost and providing comprehensive and consistent defense.

During the switchover, an on-premises solution would continue to provide the necessary protection for any threats not mitigated by the cloud. Continuous monitoring can show when your organization can return to normal operation and collaborative communication and sharing of information between you and your provider enables comprehensive visibility, enhancing the overall security performance of your network.

The implementation of an always-on solution combined with on-demand cloud defense provides businesses with a means of safeguarding against the vast scope of DDoS attacks posed to their networks. With DDoS attacks now being delivered in various sizes and with differing intentions, ensuring that the appropriate prevention best practices are utilized correctly could well be what saves your organization from falling victim to a major breach of information.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
About the Author

Dave Larson is CTO at Corero Network Security. He is responsible for directing the Corero technology strategy, bringing over 20 years’ experience in the network security, data communication and data center infrastructure industries. Most recently, he served as CTO for HP Networking and vice president of the HP Networking Advanced Technology Group. Prior to HP, Larson was vice president of Integrated Product Strategy for TippingPoint and has held senior roles with Tizor Systems, Sandburst Corporation and Xedia Corporation.