Trend Micro: Hackers Using Android App For Sextortion   

 

Researchers found that the extortionists first lure their victims through a number of online chatting tools   
Saturday, March 28, 2015:  Security software company Trend Micro has come up with a new finding in which they detected that criminals have developed advanced mobile applications and tools that siphon their victims’ online passwords and contacts to increase the chance that they will pay up.

In a latest report ‘sextortion in the far east’, Trend Micro’s researchers detailed a new Android app that criminals are using to pressure their victims into blackmail.

Sextortion is the act of coercing cybercrime victims to perform sexual favors or to pay large amounts of money in exchange for the non-exposure of their explicit images, videos, or conversations.

Cybercriminals lure, record, and threaten their victims online, which includes a mobile malware component. During their chat or Skype session, cybercriminals convince victims to install a data stealer or disguised Android malware that steals victim data off their device. Cybercriminals can then threaten their victims with the possibility of sending the explicit content to their victim’s contact list. The malware these cybercriminals used are persistent and exhibit various intrusive behaviors.

Researchers found that the extortionists first lure their victims through a number of online chatting tools. Once the trap is set, they feign audio or messaging problems to persuade their target to download one of four malicious Android apps. Using their email, social media and bank accounts, Trend Micro traced several of the Android app developers and their money go-betweens to China.

The company found evidence that the criminals opened different bank accounts for each extortion campaign, which typically, lasted for a few weeks. 

Sushma rani, EFYTIMES News Network 

The Heartbleed Hit List

The Heartbleed Hit List: The Passwords You Need to Change Right Now

20140410-150906.jpg

An encryption flaw called the Heartbleed bug is already being called one of the biggest security threats the Internet has ever seen. The bug has affected many popular websites and services — ones you might use every day, like Gmail and Facebook — and could have quietly exposed your sensitive account information (such as passwords and credit card numbers) over the past two years.

But it hasn’t always been clear which sites have been affected. Mashable reached out some of the most popular social, email, banking and commerce sites on the web. We’ve rounded up their responses below.

SEE ALSO: How to Protect Yourself From the Heartbleed Bug

Some Internet companies that were vulnerable to the bug have already updated their servers with a security patch to fix the issue. This means you’ll need to go in and change your passwords immediately for these sites. Even that is no guarantee that your information wasn’t already compromised, but there’s also no indication that hackers knew about the exploit before this week. The companies that are advising customers to change their passwords are doing so as a precautionary measure.

Although changing your password regularly is always good practice, if a site or service hasn’t yet patched the problem, your information will still be vulnerable.

Also, if you reused the same password on multiple sites, and one of those sites was vulnerable, you’ll need to change the password everywhere. It’s not a good idea to use the same password across multiple sites, anyway.

We’ll keep updating the list as new information comes in.

Social Networks Affected