A company known as River City Media (RCM) has accidently leaked the email addresses of 1.37 billion users due to the failure of setting up a password protection on their remote backup storage. In addition to email addresses, the database also included thousands of real names, IP addresses, and even physical addresses. In all, some 200GB of data had been exposed for several months, leaving it vulnerable to cyberattacks. The leak was found by Chris Vickery, a security researcher for MacKeeper. In his blog post published on Monday, March 6, Vickery explains that MacKeeper worked closely with CSOOnline and Spamhaus after the discovery of the files in January. Vikery and his team were able to trace the files back to RCM, a notorious spam operation. ?RCM masquerades as a legitimate marketing firm while, per their own documentation, being responsible for up to a billion daily email sends,? says Vickery. Vickery believes the company was able to obtain the almost 1.4 billion email addresses through offers such as credit checks, sweepstakes, and education opportunities. There is also evidence that similar spam companies also contributed to the list. While some percentage of the user may have fallen for RCM?s spam offerings, Vickery also suggests that the company used a variety of more advanced techniques to lure users to give up their email address. ?One is called co-registration,? explains Vickery, ?That?s when you click on the ?Submit? or ?I agree? box next to all the small text on a website. Without knowing it, you have potentially agreed your personal details can be shared with affiliates of the site.? The leak is blamed on a failed remote backup attempt, which left a ?snapshot? of the company data from January 2017 exposed to the internet. Anyone who found the data would be able to access internal chatlogs, emails, and the 200GB email collection RCM had acquired. According to Vickery, the failure was due to RCM failing to put a password up on their repository, leaving it poorly secured. Since the release of the break, Spamhaus has blacklisted the entirety of RCM?s infrastructure. The research team working on the case have also reached out to law enforcement agencies about the data leakage and suspected illegal spamming. Putting security and proper backup on the back burner can cause serious damage. Don’t let your company fall pray to the thousands of threats that lurk just a click away. Contact Info Advantage today at (585) 254-8710 to speak to a technology consultant about your security and backup environment.
SonicWall recently released their 2017 Annual Threat Report, which takes a look into the technology security trends in the upcoming year. In the report, SonicWall carefully observes and analyses the technology threat landscape from the last year and uses it to predict how it will continue to change in the future. Here?s a brief summary of their most important findings for 2017, and what it means for modern business. Point-Of-Sale Malware Declining With the integration of chip-based POS systems, hackers are finding it more difficult to steal sensitive information through POS malware attacks. The chip readers allow the transaction to be approved by creating a unique code that cannot be used again, as opposed to the traditional magnetic strip that uses the same code each time it is swiped. Thanks to the integration of the chip-reader, along with stronger legal guidelines, SonicWall observed that the number of new POS malware has decreased by 88 percent since 2015. Website Encryption on the Rise As web traffic continues to grow exponentially, users want to ensure that their data is kept safe. Due to this, many websites are opting to use Secure Sockets Layer/Transport Layer Security (SSL/TLS) encryption to protect sensitive user data. SSL/TLS encryption is represented by a lock and HTTPS URL, rather than the standard HTTP URL. This ensures the user that their information is safe, and is only being sent to the intended recipient. SonicWall believes the trend towards SSL/TLS encryption is due in part to the growing trend of cloud applications. They expect the trend to continue into 2017, and believe that SSL/TLS traffic will account for 75 percent of online interactions by the year 2019. Ransomware Becoming More Popular Ransomware was by far the most popular security attack in the previous year, with an increase from 3.8 million attacks in 2015 to 638 million in 2016. According to SonicWall?s Global Response Intelligence Defense (GRID), $209 million in ransom had been paid by affected companies by the end of the first quarter. The growth was most likely driven by the increased access of ransomware as the ransomware-as-a-service (RaaS) industry expanded. This allowed individuals to purchase a ransomware pack without requiring the necessary coding skills needed to launch an attack. The most common attack is known as Locky, and is often attached to emails as disguised as a Microsoft Word invoice. As the RaaS industry continues to grow, SonicWall?s GRID suggests that all organizations backup their data continuously to a backup system that isn?t always online, or uses authentication. Internet of Things Devices Compromised The recent advances in technology have opened up the world to more and more connections to the Internet from more than just a computer, smartphone or tablet. These days, Internet of Things (IoT) devices can be anything from a camera or smart watch, to a smart car or home security system. Due to the wide-adaptation of IoT devices, many developers have felt the pressure to release their devices as soon as possible, which often means oversight in security. This made it easy for hackers to discover weaknesses in IoT devices, resulting in the launch of largest distributed denial-of-service (DDoS) attacks in history. The attack used thousands of IoT devices with weak passwords to launch an attack on hosting company OVH and DNS service provider […]
One of the major arguments for die-hard Apple fans is that their devices are nearly invulnerable to the attacks that work their way into other operating systems, such as malware or viruses. While it is true that Apple has a much lower rate of malware infections, this does not make it impenetrable, and hackers are constantly looking for new ways to extort data. One newly discovered malware, known as Fruitfly, takes advantage of an antiquated code that allows it to run undetected on macOS systems. What is Fruitfly? Fruitfly is a newly discovered type of malware recently found by the team at Malwarebytes. While relatively harmless, this malware is able to hide inside of OS X without alerting the user of its presence. The malware communicates with two command-and-control servers, which allows it to perform actions such as typing, webcam and screen capture, and even moving and clicking the mouse. It can also map other devices and try to connect with them. Where did Fruitfly come from? There is a bit of mystery surrounding the origins of Fruitfly. According to Malwarebytes, Fruitfly may have been hiding in a OS X for several years, as much of its code indicates that it was adapted from OS X to Yosemite, making it at least three years old. However, there are also lines of code that rely on pre-OS X systems, and some open-source ?libjpeg? code, which hasn?t been updated since 1998. So far, most of the discovered instances of Fruitfly have been found on machines at biomedical research institutions. What can I do to protect my device? Luckily, it seems that most of the Fruitfly attacks are targeted, making them a minor threat to an everyday user. However, Apple has yet to release a patch against Fruitfly, so users should take caution and keep an eye out for any updates they release in the near future. One of the best ways to ensure that your device stays infection-free is through constant monitoring of your network. Keep an eye out for any irregularities, and don?t let anything go unreported. Worried that your network is in danger of malware infection? Not sure what to look for when monitoring your network? Contact Info Advantage today at (585) 254-8710 to talk to an IT professional about how to keep your devices safe from harmful attacks.